[134922] in North American Network Operators' Group
Re: Routing Suggestions
daemon@ATHENA.MIT.EDU (Joe Provo)
Wed Jan 12 19:56:35 2011
Date: Wed, 12 Jan 2011 19:55:32 -0500
From: Joe Provo <nanog-post@rsuc.gweep.net>
To: Lars Carter <larsscarter@gmail.com>
In-Reply-To: <AANLkTin1hx9ZGTWQ-WvB0AtdROu6iD+-ySOgGiH-oDF1@mail.gmail.com>
Cc: NANOG@NANOG.org
Reply-To: nanog-post@rsuc.gweep.net
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Wed, Jan 12, 2011 at 07:13:53PM -0500, Lars Carter wrote:
[snip]
> There are two companies, Company A and Company B, that are planning to
> continuously exchange a large amount of sensitive data and are located in a
> mutual datacenter. They decide to order a cross connect and peer privately
> for the obvious reasons. Company A has a small but knowledgable engineering
> staff and it's network is running BGP as its only routing protocol with
> multiple transit vendors and a handful of other larger peers. Company B is a
> smaller shop that is single homed behind one ISP through a default static
> route, they have hardware that can handle advanced routing protocols but
> have not had the need to implement them as of yet. There is a single prefix
> on both sides that will need to be routed to the other party. It is rare
> that prefixes would need to change or for additional prefixes to be added.
>
>
> From an technical, operational, and security standpoint what would be the
> preferred way to route traffic between these two networks?
Use eBGP. Company B runs a mutually-agreed private ASN (at least from
company A's unused list). This scales from the initial deployment to
multiple cross-connects for failover [or even IPSEC tunnel over public
interfaces]. Company B should have Company A provide some clues to
their staff if needed (and get more out of the deal).
"Simple" static solutions wind up being entrenched, so move/add/change
becomes convoluted. And how many times has one prefix really stayed
that way? :-)
--
RSUC / GweepNet / Spunk / FnB / Usenix / SAGE
