How do I achieve link redundancy using BFD and BGP in this wireguard scenario?

blason · August 28, 2021, 5:00am

Hi Team,

Here is my scenario - I have two routers with 1.2.8 and trying to configure wireguard+BFD+BGP

I already achieved wireguard but unable to understand BFD+BGP.

Can someone help me on this?
I wanted to achieve

Link redundancy
Dynamic protocol
Wondering if ECMP/Multipath can be possible using this scenario?

R1
set interfaces ethernet eth0 address '192.168.47.20/24'
set interfaces ethernet eth0 duplex 'auto'
set interfaces ethernet eth0 hw-id '00:0c:29:d4:6e:9e'
set interfaces ethernet eth0 smp-affinity 'auto'
set interfaces ethernet eth0 speed 'auto'
set interfaces ethernet eth1 address '10.30.30.20/24'
set interfaces ethernet eth1 hw-id '00:0c:29:d4:6e:a8'
set interfaces ethernet eth2 address '10.10.20.20/24'
set interfaces ethernet eth2 duplex 'auto'
set interfaces ethernet eth2 hw-id '00:0c:29:d4:6e:b2'
set interfaces ethernet eth2 smp-affinity 'auto'
set interfaces ethernet eth2 speed 'auto'
set interfaces loopback lo
set interfaces wireguard wg01 address '10.44.44.1/30'
set interfaces wireguard wg01 peer tun-wg02 allowed-ips '192.168.40.0/24'
set interfaces wireguard wg01 peer tun-wg02 allowed-ips '10.44.44.2/32'
set interfaces wireguard wg01 peer tun-wg02 endpoint '192.168.47.40:51820'
set interfaces wireguard wg01 peer tun-wg02 pubkey 'oEqSdY1dNCte5rk7XD1jSEhst3Ab6pNrYyyfP91NE3c='
set interfaces wireguard wg01 port '51820'
set interfaces wireguard wg02 address '10.88.88.1/30'
set interfaces wireguard wg02 peer tun-wg04 allowed-ips '192.168.40.0/24'
set interfaces wireguard wg02 peer tun-wg04 endpoint '10.30.30.40:51840'
set interfaces wireguard wg02 peer tun-wg04 pubkey 'oEqSdY1dNCte5rk7XD1jSEhst3Ab6pNrYyyfP91NE3c='
set interfaces wireguard wg02 port '51840'
set protocols static interface-route 192.168.40.0/24 next-hop-interface wg01
set protocols static interface-route 192.168.40.0/24 next-hop-interface wg02 distance '5'

And R2

set interfaces ethernet eth0 address '192.168.47.40/24'
set interfaces ethernet eth0 duplex 'auto'
set interfaces ethernet eth0 hw-id '00:0c:29:b5:16:c7'
set interfaces ethernet eth0 smp-affinity 'auto'
set interfaces ethernet eth0 speed 'auto'
set interfaces ethernet eth1 address '192.168.40.40/24'
set interfaces ethernet eth1 duplex 'auto'
set interfaces ethernet eth1 hw-id '00:0c:29:b5:16:d1'
set interfaces ethernet eth1 smp-affinity 'auto'
set interfaces ethernet eth1 speed 'auto'
set interfaces ethernet eth2 address '10.30.30.40/24'
set interfaces ethernet eth2 hw-id '00:0c:29:b5:16:db'
set interfaces loopback lo
set interfaces wireguard wg01 address '10.44.44.2/30'
set interfaces wireguard wg01 peer tun-wg02 allowed-ips '10.10.20.0/24'
set interfaces wireguard wg01 peer tun-wg02 endpoint '192.168.47.20:51820'
set interfaces wireguard wg01 peer tun-wg02 pubkey 'bRDB8UWryn6tHRoTiWjPLHtxOWm7Xob0HimwlOqljnM='
set interfaces wireguard wg01 port '51820'
set interfaces wireguard wg02 address '10.88.88.2/30'
set interfaces wireguard wg02 peer tun-wg04 allowed-ips '10.10.20.0/24'
set interfaces wireguard wg02 peer tun-wg04 endpoint '10.30.30.20:51840'
set interfaces wireguard wg02 peer tun-wg04 pubkey 'bRDB8UWryn6tHRoTiWjPLHtxOWm7Xob0HimwlOqljnM='
set interfaces wireguard wg02 port '51840'
set protocols static interface-route 10.10.20.0/24 next-hop-interface wg01
set protocols static interface-route 10.10.20.0/24 next-hop-interface wg02 distance '5'

blason · August 28, 2021, 5:47am

OK - I have two issues with this scenario.

I am unable to configure other link which is between 10.30.30.20 and 10.30.30.40. However this is working with BGP and wireguard on one link

Am I doing anything wrong here?

set interfaces wireguard wg01 address '10.44.44.1/30'
set interfaces wireguard wg01 peer tun-wg02 allowed-ips '192.168.40.0/24'
set interfaces wireguard wg01 peer tun-wg02 allowed-ips '10.44.44.2/32'
set interfaces wireguard wg01 peer tun-wg02 endpoint '192.168.47.40:51820'
set interfaces wireguard wg01 peer tun-wg02 pubkey 'oEqSdY1dNCte5rk7XD1jSEhst3Ab6pNrYyyfP91NE3c='
set interfaces wireguard wg01 port '51820'
set interfaces wireguard wg02 address '10.88.88.1/30'
set interfaces wireguard wg02 peer tun-wg04 allowed-ips '192.168.40.0/24'
set interfaces wireguard wg02 peer tun-wg04 endpoint '10.30.30.40:51840'
set interfaces wireguard wg02 peer tun-wg04 pubkey 'oEqSdY1dNCte5rk7XD1jSEhst3Ab6pNrYyyfP91NE3c='
set interfaces wireguard wg02 port '51840'
set protocols bgp 65001 address-family ipv4-unicast network 10.10.20.0/24
set protocols bgp 65001 neighbor 10.44.44.2 remote-as '65002'
set protocols bgp 65001 neighbor 10.44.44.2 update-source '10.44.44.1'
set protocols bgp 65001 timers holdtime '6'
set protocols bgp 65001 timers keepalive '2'

And R2

set interfaces wireguard wg01 address '10.44.44.2/30'
set interfaces wireguard wg01 peer tun-wg02 allowed-ips '10.44.44.1/32'
set interfaces wireguard wg01 peer tun-wg02 allowed-ips '10.10.20.0/24'
set interfaces wireguard wg01 peer tun-wg02 endpoint '192.168.47.20:51820'
set interfaces wireguard wg01 peer tun-wg02 pubkey 'bRDB8UWryn6tHRoTiWjPLHtxOWm7Xob0HimwlOqljnM='
set interfaces wireguard wg01 port '51820'
set interfaces wireguard wg02 address '10.88.88.2/30'
set interfaces wireguard wg02 peer tun-wg04 allowed-ips '10.10.20.0/24'
set interfaces wireguard wg02 peer tun-wg04 endpoint '10.30.30.20:51840'
set interfaces wireguard wg02 peer tun-wg04 pubkey 'bRDB8UWryn6tHRoTiWjPLHtxOWm7Xob0HimwlOqljnM='
set interfaces wireguard wg02 port '51840'
set protocols bgp 65002 address-family ipv4-unicast network 192.168.40.0/24
set protocols bgp 65002 neighbor 10.44.44.1 remote-as '65001'
set protocols bgp 65002 neighbor 10.44.44.1 update-source '10.44.44.2'
set protocols bgp 65002 timers holdtime '6'
set protocols bgp 65002 timers keepalive '2'

blason · August 29, 2021, 9:43am

Thanks Guys - I am able to achieve the scenario with bfd+bgp and wireguard.

system · August 31, 2021, 9:44am

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.