We have two VyOS systems acting as transparent firewalls for our two fiber uplinks to our ISP. Because the transparent firewall is in the middle, if the link to one of the routers goes down, the other one can’t see it and keeps sending traffic until the BGP timers expire. If the routers were connected directly, the link going down would automatically clear the BGP states and traffic would immediately start using the backup link. I posted a diagram on ServerFault, but didn’t get any great replies.
In the end, I wrote a script that is called by netplugd when an interface goes down. What is the best way to actually install the script in VyOS - i.e. make sure it actually stays in /etc/netplug/linkdown.d and make sure it ends up on our systems in the future when we add new ones?
Is there any other obvious way to do this (reset the BGP states) that I missed?