BGP – How to run redundant BGP via Quagga on a /30 netblock

bgp, vrrp

My new BGP upstream has allocated an IPv4 /30 netblock as the glue block for connecting our routers. However, I want to run two routers and fail over between them. If the netblock was larger (/29), I could easily run BGP sessions from both of my routers, with or without VRRP (they could run VRRP too).

Is there a reasonable VRRP/keepalived failover configuration that I can implement without getting them to expand the glue block?

Both of my routers are running Linux (one Ubuntu, one Gentoo), with Quagga; the basic configuration works fine.

Best Answer

You have multiple Linux solutions for first hop redundancy out of your LAN to the two routers (Quagga itself doesn't support VRRP but you can use Quagga in conjunction with any of these without any issues):

  • keepalived (as you've already mentioned)
  • uCARP - A Linux port of OpenBSD's CARP (Common Address Redundancy Protocol)
  • vrrpd - A sparsely documented and largely untested VRRP daemon, but an option nonetheless

Note that none of these have anything to do with BGP redundancy, which I believe is the real problem you're trying to solve. However, it should be quite possible to run VRRP on the provider side of your two Quagga hosts and configure the VRRP virtual IP as "your side" of your ISP-assigned /30 and use that to peer with your ISP. The failover time would likely be close to the same (if not just a hair faster than) the solution with Linux-HA below. With that said, I'd personally believe that the Linux-HA solution would be cleaner and simpler, but this also may depend on the topology.

As for your options with BGP, there is an IETF draft for "multisession BGP" that introduces a new BGP capability code which aims to support multiple BGP sessions with the same peer over the same address, but this draft assumes that both of the sessions would be on the same device. However, the draft is brand new and support for this is not likely to be in current revisions of Quagga.

One other option is to use Linux-HA to set up a heartbeat cluster between your two boxes, and configure it so that if the primary router fails, the heartbeat will recognize this and turn up Quagga/BGPd/etc on the standby router when that happens.
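The VRRP arrangement described in the answer above, sketched as a keepalived configuration; this is an added example, not part of the original answer. It assumes both routers share a layer-2 segment with the ISP on `eth0` and an inside link on `eth1`; the interface names, the 192.0.2.0/30 documentation addresses, the password and the notify script path are all constructed placeholders.

```conf
# /etc/keepalived/keepalived.conf on router A (constructed example).
# Router B uses the same file with "priority 100".
#
# Assumed addressing (documentation range, not from the original post):
#   192.0.2.1/30  ISP side of the glue block
#   192.0.2.2/30  "our side", held only by the current VRRP master
#
# Neither router has a permanent address in the /30, so VRRP
# advertisements travel over the inside link (eth1) and only the
# virtual address is placed on the provider-facing interface (eth0).

vrrp_instance UPSTREAM {
    state BACKUP              # both start as BACKUP; priority elects the master
    nopreempt                 # a recovered router does not force a second BGP reset
    interface eth1            # VRRP adverts on the inside link (assumed name)
    virtual_router_id 51
    priority 150
    advert_int 1

    authentication {
        auth_type PASS        # sent in cleartext: it only guards against
        auth_pass CHANGEME    # misconfiguration, so keep eth1 a trusted segment
    }

    virtual_ipaddress {
        192.0.2.2/30 dev eth0 # our side of the /30, moved on failover
    }

    track_interface {
        eth0                  # loss of the provider-facing link forces FAULT
    }

    # Hypothetical helper script: starts bgpd when this node becomes
    # master and stops it on backup/fault, so only the holder of
    # 192.0.2.2 ever attempts the session with 192.0.2.1.
    notify_master "/usr/local/sbin/bgp-failover.sh master"
    notify_backup "/usr/local/sbin/bgp-failover.sh backup"
    notify_fault  "/usr/local/sbin/bgp-failover.sh fault"
}
```

Both routers carry the same bgpd neighbor definition for the ISP peer. Because the TCP session does not survive the address move, the upstream sees a session reset and a fresh BGP establishment on each failover.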