Ramblings of an aging IT geek

running bgp at home, purely to learn it

Setting up BGP between a router and a couple of homelab hosts with FRR, not because the network needs it but because reading about routing protocols only gets you so far.

There is no reasonable case for running BGP in a house. My network has three relevant devices and a switch. The entire routing table fits in my head. And yet I have spent the first day of the year standing up BGP between my router and two homelab hosts, for the deeply respectable reason that I wanted to actually understand it rather than just nod along to the diagrams.

You can read about BGP for years. I had. I knew the words: peers, prefixes, AS numbers, route advertisement. But there is a particular kind of understanding you only get from watching a route appear on a neighbour because you told it to, and then breaking it and watching it disappear.

The setup

I used FRR, which gives you a Cisco-flavoured config that is oddly soothing if you grew up on that. Each host gets a private AS number out of the 64512 to 65534 range that is set aside for exactly this sort of thing, and you tell each peer about the other.

The config is small enough to read in one go:

router bgp 65010
 neighbor 10.0.0.1 remote-as 65000
 address-family ipv4 unicast
  network 10.10.0.0/24
 exit-address-family

Bring it up, and the satisfying part is show ip bgp summary reporting an established session. State moves from Idle through Connect and OpenSent to Established, and watching it walk that little state machine taught me more than any amount of reading had.
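
What a speaker checks when the peer's OPEN message arrives in the OpenSent state, as an added example (not from the original post and not FRR's code): a minimal RFC 4271 OPEN parser that applies the peer-AS check that `remote-as` configures. The hold time of 180 and the use of 10.0.0.1 as the router ID are constructed sample values.

```python
# Added example, not FRR code. Handles 2-byte AS numbers only and does not
# parse optional parameters (capabilities); sample values are constructed.
import ipaddress
import struct

MARKER = b"\xff" * 16             # RFC 4271: header marker is all ones
OPEN = 1                          # message type code for OPEN
PRIVATE_AS = range(64512, 65535)  # 64512..65534, the range the post uses


def build_open(my_as, hold_time, router_id):
    """Encode an OPEN with no optional parameters (constructed sample data)."""
    body = struct.pack("!BHH4sB", 4, my_as, hold_time,
                       ipaddress.IPv4Address(router_id).packed, 0)
    return MARKER + struct.pack("!HB", 19 + len(body), OPEN) + body


def check_open(msg, expected_as):
    """Return (ok, reason, fields) for an OPEN received in OpenSent.

    expected_as plays the role of `neighbor ... remote-as` in the config.
    Any failure means a NOTIFICATION is sent and the session returns to Idle.
    """
    if len(msg) < 29 or msg[:16] != MARKER:
        return False, "bad header", None
    length, msg_type = struct.unpack("!HB", msg[16:19])
    if length != len(msg) or msg_type != OPEN:
        return False, "bad header", None
    version, peer_as, hold, rid, _optlen = struct.unpack("!BHH4sB", msg[19:29])
    fields = {"as": peer_as, "hold": hold,
              "id": str(ipaddress.IPv4Address(rid)),
              "private_as": peer_as in PRIVATE_AS}
    if version != 4:
        return False, "unsupported version", fields
    if peer_as != expected_as:
        return False, "bad peer AS", fields
    if hold in (1, 2):            # hold time must be 0 or at least 3 seconds
        return False, "unacceptable hold time", fields
    return True, "ok", fields


if __name__ == "__main__":
    # The router (AS 65000) opens to a host configured with remote-as 65000.
    msg = build_open(65000, 180, "10.0.0.1")
    print(check_open(msg, expected_as=65000))
    print(check_open(msg, expected_as=65001))
```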

What I actually learned

The thing that finally clicked was how patient the protocol is. BGP does not panic. A session drops, the timers tick, routes get withdrawn in an orderly fashion, and nothing falls over in a hurry. That deliberate slowness is the whole reason it holds the internet together: it would rather be a bit late than be wrong. After years of treating that as an exam fact, watching the timers actually count made it real.

I also got a proper feel for how a prefix becomes reachable. I advertised a network from one host, and there it was in the other host's table, with the AS path showing exactly where it had come from. Withdraw it, gone. It sounds trivial written down, and it is trivial, but doing it by hand is what turns "I have read about this" into "I understand this".

None of this is staying. I will tear it down next week and go back to static routes that a sane person would use at this scale. But the next time I read an outage post-mortem about a leaked prefix or a flapping session, I will picture my two little hosts arguing about routes on New Year's Day, and it will mean something. That is the whole point of a homelab: a safe place to build things you have no business building, just to find out how they feel.