Amazon-Ec2

Is it possible to establish a connection between a Linux router and AWS Direct Connect without needing physical hardware?

  • February 12, 2021

We purchased an Amazon Direct Connect leased line to connect our data center to Amazon EC2 instances. Amazon has configurations for Cisco or Juniper hardware (http://docs.aws.amazon.com/directconnect/latest/UserGuide/getstarted.html).

But is it also possible to use Linux as the router (for example with Quagga, http://www.nongnu.org/quagga/)?

As it turns out, connecting to EC2 using Quagga and Debian Linux is quite easy.

/etc/network/interfaces

auto lo
iface lo inet loopback

allow-hotplug eth0
iface eth0 inet static
   address 10.x.x.x
   netmask 255.255.255.0
   network 10.x.x.x
   broadcast 10.x.x.x
   gateway 10.x.x.x

allow-hotplug eth1
iface eth1 inet static
   address 169.254.237.18
   netmask 255.255.255.252
   network 169.254.237.16
   broadcast 169.254.237.19

/etc/quagga/bgpd.conf

!
! Zebra configuration saved from vty
!   2006/06/09 16:13:05
!
hostname rr1-bgp
password zebra
enable password zebra
log file /var/log/quagga/bgpd.log
!
router bgp 65000
 neighbor 169.254.237.17 remote-as 7224
 neighbor 169.254.237.17 password PASSWORD_FROM_AWS_CONSOLE
 network 10.10.21.0/24
!
line vty

However, since Quagga does not really support BFD, we also tried BIRD (http://bird.network.cz). Both can establish the connection, but I think it is better to also support BFD on our side.

/etc/bird.conf

router id 169.254.237.18;

#debug protocols all;

protocol direct {
   interface "eth0";
}

protocol kernel {
   persist;        
   scan time 20;       
   export all;     
}

protocol device {
   scan time 100;
}

protocol bgp {
   description "My BGP link";
   local as 65000;
   neighbor 169.254.237.17 as 7224;
   password "PASSWORD_FROM_AWS_CONSOLE";
   export all;
   bfd on;
}

protocol bfd {
   interface "eth*" {
      min rx interval 5000 ms;
      min tx interval 5000 ms;
      idle tx interval 5000 ms;
   };
   multihop {
      interval 200 ms;
      multiplier 10;
   };
   neighbor 169.254.237.17;
}

Quoted from: https://serverfault.com/questions/696323