[134928] in North American Network Operators' Group
Re: Routing Suggestions
daemon@ATHENA.MIT.EDU (Adrian Chadd)
Wed Jan 12 20:20:59 2011
Date: Thu, 13 Jan 2011 09:20:14 +0800
From: Adrian Chadd <adrian@creative.net.au>
To: Jon Lewis <jlewis@lewis.org>
In-Reply-To: <Pine.LNX.4.61.1101121954490.5148@soloth.lewis.org>
Cc: NANOG@nanog.org, Lars Carter <larsscarter@gmail.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Wed, Jan 12, 2011, Jon Lewis wrote:
> >Unless you'd like to ensure the sensitive traffic doesn't cross an
> >"unsafer" default rout path if the XC is down.
>
> BGP would have that same issue since B is default routing to their
> provider.
>
> [config for B]
> ip route <A's prefix> <mask> <gw to A>
> ip route <A's prefix> <mask> null0 250
> ip route 0.0.0.0 0.0.0.0 <B's provider>
>
> problem solved. If the gw to A is reachable, traffic goes via the cross
> connect. If the gw is down, traffic goes nowhere.
I was just making the observation; the solution is pretty simple.
(Yes, I've seen "secure" network cross-connects get bitten by this. :-)
Adrian
--
- Xenion - http://www.xenion.com.au/ - VPS Hosting - Commercial Squid Support -
- $24/pm+GST entry-level VPSes w/ capped bandwidth charges available in WA -
