From: Tomas Bonnedahl <tomas@yes.nu>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] two upstreams without nat
Date: Fri, 27 Jun 2003 00:25:52 +0000
Message-ID: <marc-lartc-105667362217361@msgid-missing>
In-Reply-To: <marc-lartc-105653036404370@msgid-missing>
On Thu, Jun 26, 2003 at 09:50:45AM -0600, Aaron Dewell wrote:
> On Thu, 26 Jun 2003, Tomas Bonnedahl wrote:
> > i don't have any addresses nor do i own an AS, i know there are private ASNs to
> > use but this seems like a more complicated solution than a mere multipath default
> > route to the two upstream providers.
> An ASN can be gotten from ARIN with the justification "I'm multihomed to ASN #X
> and #Y" and $500. Or you can use a private AS and have your upstreams filter
> it out, also reasonably common.
i didn't know it was that easy really, this might be an option.
> BGP is not complicated at all to use, that's a myth. It's a fairly simple
> protocol, and even easier to set up. Define one external peer per router, one
> internal peer (each other), this is all done by AS. Set up the routes you want
> advertised. In this case, you want everything, so no inbound filtering. Done.
> 3 configuration options in Zebra's bgpd. Less complicated than setting up NAT.
i assume i will only advertise the core (some /28) since the lan is still a
private network. i probably won't be able to get a whole /24 from my upstream.
> Think about it - if you have two IP addresses total, one assigned by each
> upstream, and using two default routes, anything connection-oriented is
> broken immediately (TCP comes to mind). Anything connectionless (i.e. UDP)
> will likely work fine. Web, ssh, IMAP, POP3, SMTP are all TCP. Those not
> working make it basically useless.
why won't it work? from what i understand, you could get a "per flow" with julian's
patches so the core-router doesn't vary on a per packet basis and thus make established
connections fail.
> Otherwise, you have to have selective routes. Route this block of the internet
> through provider X, that block through provider Y. No failover, no redundancy,
> no point. Or, you could point default and provider X and a lower priority to
> provider Y, but then you have to learn by IGP at your core when provider X dies.
> That means advertising default from the borders with your IGP, which is a
> workable solution, but could get messy if you're not pretty good at whatever
> IGP you are using, making the assumption that your IGP will do it. However,
> two problems: 1. Your second connection is idle until the primary fails, thus
> wasting money. 2. All TCP connections reset when you fail over to the backup,
> and reset again when you resume to the primary.
i thought the multihop path was designed to solve this issue with redundancy and
failover? my very first thought in this was to use ospf as IGP but i couldn't come
up with something to use upstream to see if the providers still were under normal
operation.
just to sum it up: use something like ospf as IGP and use BGP upstream. were you
assuming that i would get a /24 from my isp and use for lan or should i do nat
on the core router from the lan?
thanks, tomas
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/