How to use a /29 network with 2 BGP Routers

maartenc · How to use a /29 network with 2 BGP Routers

Hi,

I want to be able to use my /29 network on both interfaces/routers, but I can't seem to find how to do it.
My setup is the following:

2 routers connected to an OPNsense firewall with BGP, the routers push a default route to the firewall to let the internet traffic go out.
I have a /29 network which works on both routers.

At the moment I created 2 virtual IPs tied to the interface of each router and do the outgoing NAT that way.
But this of course means that if the primary router changes my outgoing IP changes which I'm trying to prevent.

How can I use my /29 without tying it to a specific interface?

Thanks for your help.

Best Regards,
Maarten

Patrick M. Hausen · Reply #1 - Re: How to use a /29 network with 2 BGP Routers

I don't understand. Typically both routers and the WAN interface of OPNsense would share that /29. Additionally the two routers would have a CARP/HSRP/VRRP address in that /29. OPNsense would use that as its default gateway and the publicly visible address of your infrastructure would be OPNsense's.

The two routers would speak eBGP to their peers and iBGP to each other so in case the router with the active HA address is not the correct uplink it can resend the packets to its partner. Preferably a direct high bandwidth link between the two.

A /29 is enough for two uplink routers plus one HA address for them plus two firewalls and a HA address for them.

HTH,
Patrick

maartenc · Reply #2 - Re: How to use a /29 network with 2 BGP Routers

Hi Patrick,

The WAN interfaces and the router interfaces are in a different subnet. There is no connection between the routers, they are connected to different interfaces on the firewall. They push the 0.0.0.0/0 route to the firewall.

Patrick M. Hausen · Reply #3 - Re: How to use a /29 network with 2 BGP Routers

IMHO that is not how it's supposed to work. I have run the setup I outlined for two decades as an ISP with full tables and the only thing I can say is that my topology works.

maartenc · Reply #4 - Re: How to use a /29 network with 2 BGP Routers

The uplinks on the routers belong to different ISPs

Patrick M. Hausen · Reply #5 - Re: How to use a /29 network with 2 BGP Routers

And behind the uplinks you have a globally routable /29, right? You need to connect both BGP routers in that network.

How to use a /29 network with 2 BGP Routers

maartenc

Today at 11:22:26 AM

Patrick M. Hausen

Today at 11:33:28 AM #1

maartenc

Today at 11:46:52 AM #2 Last Edit: Today at 11:50:07 AM by maartenc

Patrick M. Hausen

Today at 11:48:44 AM #3

maartenc

Today at 11:50:48 AM #4

Patrick M. Hausen

Today at 11:54:03 AM #5