BGP

Bare Metal instances in most Ingenuity Cloud Services locations support BGP (Border Gateway Protocol) for advertising secondary IP addresses to our network for both IPv4 and IPv6 protocols.

Note

BGP is not enabled by default, please open a support ticket to enable BGP support for your instances. Setup typically takes 12-24 hours.

BGP for Secondary IP’s

One common use case for BGP with secondary IP addresses is to provide IP mobility / failover between different instances within the same physical location. You may choose to advertise one or more of your allocated secondary IP addresses from one or more of your instances and our network will automatically load balance traffic between all instances and provide automatic failover capability.

BGP sessions for secondary IP’s use an internal / private AS Number between your instances and our fabric route servers. If you wish to advertise your own IP prefix or use your own AS Number please open a support ticket to discuss your requirements.

BGP Peers

Once enabled, BGP peers are automatically provisioned on our fabric route servers in a ‘listen only’ configuration meaning your instance must always initiate the BGP session. We operate a pair of redundant route servers in every supported location and we highly recommend that you establish a BGP session to each route server.

Route Server 1

IPv4 Peer IP	100.64.64.64
IPv6 Peer IP	fc00::1
Our AS Number	65000
Your AS Number	65100
Multihop	Yes

Route Server 2

IPv4 Peer IP	100.64.64.65
IPv6 Peer IP	fc00::2
Our AS Number	65000
Your AS Number	65100
Multihop	Yes

Example Configuration

The below configuration remains consistent in every supported location and you should substitute x.x.x.x/32 for your actual secondary IP address.

MetalLB

---
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
name: ics-pool
namespace: metallb-system
spec:
addresses:
- x.x.x.x/32
---
apiVersion: metallb.io/v1beta2
kind: BGPPeer
metadata:
name: ics-rs1-ipv4
namespace: metallb-system
spec:
myASN: 65100
peerASN: 65000
peerAddress: 100.64.64.64
ebgpMultiHop: true
---
apiVersion: metallb.io/v1beta2
kind: BGPPeer
metadata:
name: ics-rs2-ipv4
namespace: metallb-system
spec:
myASN: 65100
peerASN: 65000
peerAddress: 100.64.64.65
ebgpMultiHop: true
---
apiVersion: metallb.io/v1beta2
kind: BGPPeer
metadata:
name: ics-rs1-ipv6
namespace: metallb-system
spec:
myASN: 65100
peerASN: 65000
peerAddress: fc00::1
ebgpMultiHop: true
---
apiVersion: metallb.io/v1beta2
kind: BGPPeer
metadata:
name: ics-rs2-ipv6
namespace: metallb-system
spec:
myASN: 65100
peerASN: 65000
peerAddress: fc00::2
ebgpMultiHop: true
---
apiVersion: metallb.io/v1beta1
kind: BGPAdvertisement
metadata:
name: ics-advertisement
namespace: metallb-system
spec:
ipAddressPools:
- ics-pool
peers:
- ics-rs1-ipv4
- ics-rs2-ipv4
- ics-rs1-ipv6
- ics-rs2-ipv6

FRR

router bgp 65100
neighbor 100.64.64.64 remote-as 65000
neighbor 100.64.64.64 description "ICS Route Server 1"
neighbor 100.64.64.64 soft-reconfiguration inbound
neighbor 100.64.64.65 remote-as 65000
neighbor 100.64.64.65 description "ICS Route Server 2"
neighbor 100.64.64.65 timers 5 15
neighbor 100.64.64.65 soft-reconfiguration inbound
!
address-family ipv4
network x.x.x.x/32
neighbor 100.64.64.64 activate
neighbor 100.64.64.65 activate
exit-address-family

Caveats

The BGP service has the following caveats

• It is not possible to recieve full-tables from our BGP sessions, these are configured as ‘recieve only’ and will not advertise any prefixes to you.
• A hard prefix-limit is enforced on all BGP sessions of 20 prefixes per session. This cannot be increased.