How to make wan load balancing between 2 or more wireguard vpn with PBR

General questions
, ,
42

I don’t see in your configuration route-map which attached to neighbor import

43

Sorry , I’m not familar with BGP routing . I just follow the configuration which you impelment the solution.
Would you please tell me how to do it ?
Here is your original configuration

set interfaces ethernet eth0 address '100.64.0.2/30'
set interfaces ethernet eth1 address '192.168.2.1/24'
set interfaces ethernet eth1 policy route 'PBR'
set interfaces wireguard wg0 address '10.10.10.254/24'
set interfaces wireguard wg0 description 'Server-CLOUD1-203.0.113.254'
set interfaces wireguard wg0 peer CLOUD1 allowed-ips '10.10.10.0/24'
set interfaces wireguard wg0 peer CLOUD1 allowed-ips '0.0.0.0/0'
set interfaces wireguard wg0 peer CLOUD1 endpoint '203.0.113.254:64216'
set interfaces wireguard wg0 peer CLOUD1 pubkey 'xx='
set interfaces wireguard wg1 address '10.20.20.254/24'
set interfaces wireguard wg1 description 'Server-CLOUD2-198.51.100.254'
set interfaces wireguard wg1 peer CLOUD2 allowed-ips '10.20.20.0/24'
set interfaces wireguard wg1 peer CLOUD2 allowed-ips '0.0.0.0/0'
set interfaces wireguard wg1 peer CLOUD2 endpoint '198.51.100.254:64216'
set interfaces wireguard wg1 peer CLOUD2 pubkey 'xx='
set nat source rule 100 outbound-interface 'wg0'
set nat source rule 100 source address '192.168.2.0/24'
set nat source rule 100 translation address 'masquerade'
set nat source rule 110 outbound-interface 'wg1'
set nat source rule 110 source address '192.168.2.0/24'
set nat source rule 110 translation address 'masquerade'
set policy route PBR rule 10 destination address '!192.168.2.0/24'
set policy route PBR rule 10 set table '100'
set policy route PBR rule 10 source address '192.168.2.0/24'
set protocols bgp 65001 maximum-paths ibgp '2'
set protocols bgp 65001 neighbor 10.10.10.1 remote-as '65001'
set protocols bgp 65001 neighbor 10.10.10.1 timers holdtime '30'
set protocols bgp 65001 neighbor 10.10.10.1 timers keepalive '10'
set protocols bgp 65001 neighbor 10.10.10.1 update-source '10.10.10.254'
set protocols bgp 65001 neighbor 10.20.20.1 remote-as '65001'
set protocols bgp 65001 neighbor 10.20.20.1 timers holdtime '30'
set protocols bgp 65001 neighbor 10.20.20.1 timers keepalive '10'
set protocols bgp 65001 neighbor 10.20.20.1 update-source '10.20.20.254'
set protocols static interface-route 10.10.10.0/24 next-hop-interface wg0
set protocols static interface-route 10.20.20.0/24 next-hop-interface wg1
set protocols static route 198.51.100.254/32 next-hop 100.64.0.1
set protocols static route 203.0.113.254/32 next-hop 100.64.0.1
44

You mean this , right ?

set protocols bgp 65001 neighbor 10.10.10.1 address-family ipv4-unicast route-map import 'RMAP-IN'
set protocols bgp 65001 neighbor 10.10.10.1 remote-as '65001'
set protocols bgp 65001 neighbor 10.10.10.1 timers holdtime '30'
set protocols bgp 65001 neighbor 10.10.10.1 timers keepalive '10'
set protocols bgp 65001 neighbor 10.10.10.1 update-source '10.10.10.254'
set protocols bgp 65001 neighbor 10.20.20.1 address-family ipv4-unicast route-map import 'RMAP-IN'
set protocols bgp 65001 neighbor 10.20.20.1 remote-as '65001'
set protocols bgp 65001 neighbor 10.20.20.1 timers holdtime '30'
set protocols bgp 65001 neighbor 10.20.20.1 timers keepalive '10'
set protocols bgp 65001 neighbor 10.20.20.1 update-source '10.20.20.254'

after change setting . there is still no route table 100

vyos@vyos# run show bgp summary

IPv4 Unicast Summary:
BGP router identifier 192.168.2.1, local AS number 65001 vrf-id 0
BGP table version 0
RIB entries 0, using 0 bytes of memory
Peers 2, using 43 KiB of memory

Neighbor        V         AS   MsgRcvd   MsgSent   TblVer  InQ OutQ  Up/Down State/PfxRcd   PfxSnt
10.10.10.1      4      65001       254       259        0    0    0 00:14:34            0        0
10.20.20.1      4      65001       254       260        0    0    0 00:14:34            0        0

Total number of neighbors 2
[edit]
vyos@vyos# run show ip route table 100
45

@Viacheslav
Would you please help me about this issue. I stuck at this issue for a long time. I’m online and wait for you help me to fix it. So help me , please.

46

image
image2024×602 69.2 KB 

vyos@vyos# sudo vtysh

Hello, this is FRRouting (version 7.5.1-20211211-00-g294410782).
Copyright 1996-2005 Kunihiro Ishiguro, et al.

vyos# show running-config
Building configuration...

Current configuration:
!
frr version 7.5.1-20211211-00-g294410782
frr defaults traditional
hostname vyos
log syslog
log facility local7
service integrated-vtysh-config
!
ip route 10.10.10.0/24 wg01
ip route 10.20.20.0/24 wg02
ip route 198.51.100.254/32 100.64.0.1
ip route 203.0.113.254/32 100.64.0.1
!
router bgp 65001
 no bgp ebgp-requires-policy
 no bgp network import-check
 neighbor 10.10.10.1 remote-as 65001
 neighbor 10.10.10.1 update-source 10.10.10.254
 neighbor 10.10.10.1 timers 10 30
 neighbor 10.20.20.1 remote-as 65001
 neighbor 10.20.20.1 update-source 10.20.20.254
 neighbor 10.20.20.1 timers 10 30
 !
 address-family ipv4 unicast
  neighbor 10.10.10.1 route-map RMAP-IN in
  neighbor 10.20.20.1 route-map RMAP-IN in
  maximum-paths ibgp 2
 exit-address-family
!
route-map RMAP-IN permit 100
 set table 100
!
ip protocol static route-map RMAP-IN
!
line vty
!
end