Border reboot

From Delft Solutions
Revision as of 07:21, 19 February 2024 by Vincent (talk | contribs)
Jump to navigation Jump to search

Note: Throughout this guide <ipv4> and <ipv6> are to be replaced by the correct IP's.

Preflight checks

These checks are to be done on the other border (So the border that will stay online). The commands are to be invoked in `vtysh`.

  • Confirm our IPv4 block is announced over BGP with `show ip bgp neighbors <ipv4> advertised-routes`
  • Confirm our IPv6 block is announced over BGP with `show bgp neighbors <ipv6> advertised-routes`
  • Confirm that the border receives the ROUTED IPv4 routes from the router with `show ip route`
  • Confirm that the border received the ROUTED & LAN IPv6 routes from the router with `show ipv6 route`

Set a maintenance period for the host on Zabbix

Disabling routing through a border

On a border in `vtysh`, update the running configuration by invoking the following:

  • config
  • router bgp
  • neighbor <ipv4> shutdown
  • neighbor <ipv6> shutdown
  • exit
  • router ospf
  • no default-information originate
  • exit
  • router ospf6
  • no default-information originate
  • exit
  • exit

Reboot the border

  • After performing the pre-flight checks and disabling the routing, you can choose to wait until traffic has decreased (e.g. using `bmon` to check bandwidth used on interfaces)
  • Execute `reboot` command
  • When the border is back online, execute relavant items (system uptime, operating system, reboot required) to ensure these will not activate a trigger after disabling maintenance mode
  • If you do not expect any Zabbix alert related to the reboot to be fired, delete the maintenance period

Troubleshooting

Undoing the shutdown of the neighbors can be done by invoking `no neighbor <ipv4>/<ipv6> shutdown` in the `router bgp` part of the configuration.

And the `no default-information originate` can be undone by invoking `default-information originate` in the corect ospf part of the configuration (ospf or ospf6, depending on which one you wish to re-enable).

A reload/restart of the service will also reset to normal configuration.