BGP Worker Node
This playbook provisions NetActuate virtual servers and configures them as BGP-enabled worker nodes. Use this for deploying anycast services, multi-homed applications, or custom routing configurations.
Prerequisites
- A NetActuate account with BGP enabled
- Your own ASN or a NetActuate-assigned ASN
- IP prefix(es) to advertise
- BIRD or FRRouting installed on the worker nodes
Note: Contact NetActuate support to enable BGP on your account and receive your peering details (neighbor IP, ASN, and password if applicable).
Provisioning Playbook
---
- hosts: localhost
connection: local
gather_facts: false
vars:
api_key: "{{ lookup('env', 'NETACTUATE_API_KEY') }}"
bgp_plan: "VR2048x2x40"
bgp_image: "ubuntu-24.04"
bgp_locations:
- ashburn
- amsterdam
- tokyo
tasks:
- name: Create BGP worker servers
netactuate.cloud.server:
api_key: "{{ api_key }}"
hostname: "bgp-worker-{{ item }}"
plan: "{{ bgp_plan }}"
location: "{{ item }}"
image: "{{ bgp_image }}"
state: present
loop: "{{ bgp_locations }}"
register: bgp_servers
- name: Create BGP sessions
netactuate.cloud.bgp_session:
api_key: "{{ api_key }}"
server_id: "{{ item.id }}"
asn: 65000
state: present
loop: "{{ bgp_servers.results }}"
register: bgp_sessions
- name: Add servers to in-memory inventory
add_host:
name: "{{ item.ip_address }}"
groups: bgp_workers
bgp_neighbor_ip: "{{ item.bgp_neighbor_ip }}"
bgp_neighbor_asn: "{{ item.bgp_neighbor_asn }}"
loop: "{{ bgp_servers.results }}"
Configuration Playbook (BIRD)
Configure BIRD routing daemon for BGP peering:
---
- hosts: bgp_workers
become: true
gather_facts: true
vars:
local_asn: 65000
anycast_prefix: "192.0.2.0/24"
anycast_ip: "192.0.2.1"
tasks:
- name: Install BIRD
apt:
name: bird2
state: present
update_cache: true
- name: Configure loopback with anycast IP
copy:
dest: /etc/netplan/99-anycast.yaml
content: |
network:
version: 2
ethernets:
lo:
addresses:
- {{ anycast_ip }}/32
notify: Apply netplan
- name: Configure BIRD
copy:
dest: /etc/bird/bird.conf
content: |
router id {{ ansible_default_ipv4.address }};
protocol device {
scan time 10;
}
protocol direct {
ipv4;
interface "lo";
}
protocol kernel {
ipv4 {
export all;
import all;
};
}
protocol static anycast_routes {
ipv4;
route {{ anycast_prefix }} blackhole;
}
filter export_filter {
if net = {{ anycast_prefix }} then accept;
reject;
}
protocol bgp netactuate {
local as {{ local_asn }};
neighbor {{ bgp_neighbor_ip }} as {{ bgp_neighbor_asn }};
multihop;
ipv4 {
import none;
export filter export_filter;
};
}
notify: Restart BIRD
- name: Enable IP forwarding
sysctl:
name: net.ipv4.ip_forward
value: "1"
sysctl_set: true
state: present
reload: true
- name: Start and enable BIRD
systemd:
name: bird
state: started
enabled: true
handlers:
- name: Apply netplan
command: netplan apply
- name: Restart BIRD
systemd:
name: bird
state: restarted
Configuration Playbook (FRRouting)
If you prefer FRRouting over BIRD:
---
- hosts: bgp_workers
become: true
gather_facts: true
vars:
local_asn: 65000
anycast_prefix: "192.0.2.0/24"
anycast_ip: "192.0.2.1"
tasks:
- name: Install FRRouting
apt:
name: frr
state: present
update_cache: true
- name: Enable BGP daemon
lineinfile:
path: /etc/frr/daemons
regexp: "^bgpd="
line: "bgpd=yes"
notify: Restart FRRouting
- name: Configure FRRouting
copy:
dest: /etc/frr/frr.conf
content: |
frr version 8.5
frr defaults traditional
router bgp {{ local_asn }}
bgp router-id {{ ansible_default_ipv4.address }}
neighbor {{ bgp_neighbor_ip }} remote-as {{ bgp_neighbor_asn }}
neighbor {{ bgp_neighbor_ip }} ebgp-multihop
address-family ipv4 unicast
network {{ anycast_prefix }}
exit-address-family
mode: "0640"
owner: frr
group: frr
notify: Restart FRRouting
- name: Start and enable FRRouting
systemd:
name: frr
state: started
enabled: true
handlers:
- name: Restart FRRouting
systemd:
name: frr
state: restarted
Verifying BGP Sessions
After deployment, verify your BGP sessions are established:
# Using BIRD
birdc show protocols all netactuate
# Using FRRouting
vtysh -c "show bgp summary"
The session state should show as Established.
Note: BGP sessions may take up to 90 seconds to establish after initial configuration. If the session does not come up, verify your ASN, neighbor IP, and that the NetActuate side has been configured.
Related Resources
- Redundant BGP Sessions for Workers -- Terraform approach to redundant BGP
- Autoscaling -- Automatic scaling for worker nodes
Need Help?
If you need assistance with BGP worker node configuration, visit our support page.