[166178] in North American Network Operators' Group
Re: Policy-based routing is evil? Discuss.
daemon@ATHENA.MIT.EDU (Jared Mauch)
Fri Oct 11 13:35:32 2013
From: Jared Mauch <jared@puck.nether.net>
In-Reply-To: <20131011.182700.484727119.wwaites@tardis.ed.ac.uk>
Date: Fri, 11 Oct 2013 13:35:02 -0400
To: William Waites <wwaites@tardis.ed.ac.uk>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Oct 11, 2013, at 1:27 PM, William Waites <wwaites@tardis.ed.ac.uk> wrote:
> I'm having a discussion with a small network in a part of the world
> where bandwidth is scarce and multiple DSL lines are often used for
> upstream links. The topic is policy-based routing, which is being
> described as "load balancing" where end-user traffic is assigned to a
> line according to source address.
>
> In my opinion the main problems with this are:
>
> - It's brittle, when a line fails, traffic doesn't re-route
> - None of the usual debugging tools work properly
I think this all depends on how it's configured, and if you can monitor/detect failures.
I've seen folks do things like this with a Linux box with "multiple routing tables". If you have something validate the link is working, you can easily have it "fail over". This is all depending on the admin to do it right.
> - Adding a new user is complicated because it has to be done in (at
> least) two places
This all depends on the tool set in use/available.
> But I'm having a distinct lack of success locating rants and diatribes
> or even well-reasoned articles supporting this opinion.
>
> Am I out to lunch?
No, but most people I've seen either
a) set it up, it works (or seems to) and cross their fingers and move to the next fire
b) try to over-engineer the crap out of it so it's got what they feel is "100% availability" but isn't sustainable or maintainable by someone other than themselves.
The simple answer is: rfc1925 7.a & 8 apply
- Jared
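
The following is an added example, not part of the original message or thread: a sketch of the "multiple routing tables" setup with a link check and failover on Linux, using `ip rule` for the source-address policy. The interface names, table numbers, prefixes, rule priorities and probe address are constructed assumptions.

```bash
#!/usr/bin/env bash
# Constructed setup (assumptions, not from the thread): two DSL lines, each
# with its own routing table that already holds a default route via that line.
LINES="dsl0:101 dsl1:102"                  # interface:routing-table
USERS="10.0.1.0/24:101 10.0.2.0/24:102"    # source-prefix:preferred-table
PROBE="${PROBE:-192.0.2.1}"                # placeholder; set to a real upstream target

# link_up IFACE: succeeds if the probe target answers through that interface.
link_up() { ping -c 2 -W 2 -I "$1" "$PROBE" >/dev/null 2>&1; }

# healthy_tables: prints the space-separated tables whose line passed the check.
healthy_tables() {
  local entry out=""
  for entry in $LINES; do
    if link_up "${entry%%:*}"; then out="$out ${entry##*:}"; fi
  done
  echo "${out# }"
}

# plan_rules "TABLES": prints the ip rule commands for every source prefix.
# A prefix keeps its preferred table while that line is healthy, otherwise it
# moves to the first healthy table. With no healthy line it prints nothing and
# fails, so the existing rules stay in place.
plan_rules() {
  local healthy=" $1 " first="${1%% *}" entry prefix table prio=1000
  [ -n "$first" ] || return 1
  for entry in $USERS; do
    prefix="${entry%%:*}"; table="${entry##*:}"
    case "$healthy" in *" $table "*) ;; *) table="$first" ;; esac
    # del then add: between the two commands the prefix uses the main table
    echo "ip rule del priority $prio"
    echo "ip rule add from $prefix lookup $table priority $prio"
    prio=$((prio + 1))
  done
}

# Run as root from cron or a timer with the argument "apply"; without it the
# script only defines the functions.
if [ "${1:-}" = "apply" ]; then
  plan_rules "$(healthy_tables)" | sh
fi
```

Keeping the prefix-to-line assignment in the single `USERS` list means a new user is added in one place, and `plan_rules` can be run by hand to see which table each prefix would use before anything is applied.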