I have run bird1 as an SP router (peering and transit, under 10G), bird2 is prob what you want. I have not touched bird3 yet. I'm using bird2+strongswan mostly as an ipsecvti router these days but works well.

Typically we like to do pci-pass thru on the host, to a vm, and pass thru a pair of 10G nics or 1 single 10G nic with 8021q and run rtr on a stick for workloads needing > 2Gbit/sec or 200K pps.

ubuntu would not be my 1st choice for a router. I guess as the host it would be fine but typically a stripped down debian or devuan vm would be my choice as your rtr vm.

for ipv6 esp. there are some kernel sysctls you will want to enable when putting full v6 tables into your fib.

for public peering (exchanges) there are l2 proto rules you need to follow (like disabling l2 control protos and lldp) and you might want to practice hardcoding your mac addr so if you ever change anything, you know how to keep your peering fabric MAC addr the same pre and post (otherwise an outage and ticket to update your mac with the peering fabric provider).

I have seen with debian 12/13 some ucd snmp package issues where the snmp daemon would hang and need a kill -9 and restart occasionally when taking a few full feeds.

bfd works pretty well with bird2 and you want that for indirect loss of light detection on your bgp sessions. I have had good results with these settings over ipsec+vti tuns:

protocol bfd {
    multihop {
        interval 750 ms;
        multiplier 4;
    };
}

cpu-wise my software routers have 2 vcpu. To keep jitter to a min, you can allocate dedicated cpus to your vm if you want.

The standard design of loopbacks and ip unnumbered for links that we use on h/w routers is a little tricky on debian vms.

I use this to make sure my loopback always comes up:

auto dummy0
iface dummy0 inet static
    address 100.120.0.110/32
    pre-up modprobe dummy
    pre-up [ ! -d /sys/class/net/dummy0 ] && ip link add dummy0 type dummy || true
    pre-up sysctl -p /etc/sysctl.d/zz_local_sysctl.conf
    up ip link set dummy0 up

And then run ospf to get that loopback into IBGP and term all ibgp sessions on the loopback.

ip unnumbered works but basically you just put the same address as dummy0 on all your links. Looks odd but works.

If ip unn. is not your thing then allocating /31s for your p2p links should work fine.


+ Jon Larsen: CTO Richweb, Inc.
+ Richweb.com: Cloud/Route/Switch/MSP Experts since 1995
+ GnuPG Public Key: http://jlarsen.richweb.com/jlarsen.gpg
+ Business: (804) 368-0421 x 101; Mobile: (804) 747-8592
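
An added example, not part of the original message or the poster's own configuration: a BIRD 2 sketch that ties together the pieces described above (dummy0 loopback carried in OSPF, iBGP terminated on the loopback, multihop BFD guarding the session). The AS number 65000, the peer loopback 100.120.0.111, the interface names eth1/eth2 and the protocol names are assumptions; 100.120.0.110 and the BFD timers are the values from the message.

```conf
# Constructed example for BIRD 2.x. Assumed values: AS 65000,
# peer loopback 100.120.0.111, core links eth1/eth2, protocol names.
router id 100.120.0.110;            # dummy0 address from the message

protocol device { }                 # interface scan, required by OSPF/BGP

protocol kernel {
    ipv4 { export all; };           # install learned routes into the FIB
}

# iBGP between loopbacks is a multihop session, so BIRD takes the BFD
# timers from the multihop block. With both ends set to 750 ms x 4,
# a dead path is detected after about 3 s.
protocol bfd {
    multihop {
        interval 750 ms;
        multiplier 4;
    };
}

# OSPF only has to carry the loopbacks so the iBGP endpoints stay reachable.
protocol ospf v2 core {
    ipv4 { import all; export none; };
    area 0 {
        interface "dummy0" { stub yes; };          # advertise the /32, send no hellos
        interface "eth1", "eth2" { type ptp; };    # point-to-point core links
    };
}

# iBGP sourced from and terminated on the loopbacks.
protocol bgp ibgp_peer1 {
    local 100.120.0.110 as 65000;
    neighbor 100.120.0.111 as 65000;
    bfd on;                         # drop the session when BFD reports down
    ipv4 {
        import all;
        export all;
        next hop self;              # keep next hops inside the OSPF domain
    };
}
```

`bird -p -c <file>` parses a configuration like this without starting the daemon.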
