- Quickstart
- Features
- Access Control
- Access Logging
- Authorization
- BGP
- Certificate Stores
- Docker Support
- Dynamic Reloading
- Graceful Shutdown
- GRPC Proxy
- HTTP Compression
- HTTP Header Support
- HTTP Path Prepending
- HTTP Path Stripping
- HTTP Redirects
- HTTPS TCP-SNI Proxy
- HTTPS Upstream
- Metrics
- PROXY Protocol Support
- Server Sent Events (SSE)
- TCP Dynamic Proxy
- TCP Proxy
- TCP-SNI Proxy
- Traffic Shaping
- Vault Support
- Web UI
- Websockets
- Deployment
- Config Language
- Reference
- FAQ
- Contributing
- Code of Conduct
- Contact
BGP
NOTE: This feature does not work on Windows at present since the gobgp projectdoes not support windows.
This feature integrates the functionality ofgobgpdwith fabio. This is particularly useful in the scenario where we are usinganycast IP addresses and want to dynamically advertise to upstream routerswhen we’re ready to receive traffic. In the past, we’ve used external routerpackages such as quagga or frr to handle this for us, but it’s potentiallymessy to make sure that the route advertisement stops if fabio goes down,and the bgp daemon is started back up once fabio is running again.By integrating the bgp advertisement with the proxy server, we’ve madesure that when fabio goes down, the route is no longer advertised andtraffic can be sent to other fabio instances accordingly. When fabio is back up,the route is advertised again.
Further, the gobgpcommand line clientis fully supported by enablingthebgp.enablegrpc option.
Multihop is supported, where fabio may not beon the same subnet as neighbor.
To enable BGP, you must at a minimum:
- Set up an anycast interface on the host with a /32 address. On linux, the dummy interface type is a good optionsince it’s supported using network manager. Another option is hanging this address off of loopback.
- Configure the neighbor / peer / upstream router to allow us to peer, and to allow our anycast as a prefix it willaccept
- Setbgp.enabled=true
- Configure thebgp.asn to be our router’s Asn - probably use a private ASN here
- Configure thebgp.routerid to be our router’s IP address (i.e., not the anycast address,something unique). This will be the default nexthop of all routes we publish.
- Configure thebgp.peers for at least one nieghbor.
- Configure thebgp.anycastaddresses for at least one anycast address.
This will embed a gobgpd instance inside of fabio on startup and it will publish the configure anycast addresses.
It will also configure agobgpd policythat will reject all incoming prefixes from neighbors.
Alternatively, for more advanced use cases, you can reference anexternal gobgpd config filethat will override many of the options set in the fabio config, including the policyblocking us from accepting prefixes from neighbors. You still need to specify the bgp.grpcoptions from the fabio config since there is no analog in the gobgpd config file.You may still specify bgp anycastaddresses or bgp.peers fromthe fabio config, but we ignore anythingthat would be specified in the global section of the gobgpd config file, including router ID andthe ASN. Even If the bgp.gobgpdcfgfile value is set, fabio will still honor any valuesconfigured for bgp.anycastaddresses or bgp.peers. These will be processed after the configfile is processed.
Note
For situations where multiple fabio instances are running with the same anycast addressin the same datacenter, or in any other situation where the path distanceis the same and load balancing across multiple fabio instances is desired,the details of ECMP configuration is outside the scope ofthis document as configuration would vary greatly depending on thedetails of the upstream router.