[166712] in North American Network Operators' Group
advice on BGP + CARP setup on FreeBSD
daemon@ATHENA.MIT.EDU (Antoine Beaupré)
Tue Nov 5 14:32:08 2013
From: Antoine Beaupré <anarcat@koumbit.org>
To: nanog@nanog.org
Date: Tue, 05 Nov 2013 14:31:41 -0500
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Hi fellow operators,
We are slowly and carefully joining the fray of autonomous systems and
started announcing our own netblock, a first test that started last
week. So far, things are going well, but before going further along this
setup, I would be curious to hear experience from other operators about
the plan we are thinking of deploying.
Our requirements:
* free software, as much as possible
* inexpensive
* using existing operating system expertise (FreeBSD or Debian)
So far, we have:
* our own ASN
* a /21 assigned by ARIN
* two uplinks deployed (Netelligent and Cogent)
* Netelligent announces 3 /24 netblocks for us
* we announce the last /24 through a BGP link with Cogent
We have some horrible diagrams describing the setup here:
https://wiki.koumbit.net/RoutingService/RoadMap
As you can see, the uplinks are connected directly into a switch, in two
separate VLANs. The reason for this is we want to be able to hotswap the
routers in case of a hardware failure, but we have understood from
Cogent's documentation that this is not a good practice because the
links appear up even if the router goes down. What is your opinion on
this?
Also, we are currently testing OpenBGPd for the announcements, and we are
very pleased with it. The syntax is clear and it just works, with
minimal memory usage:
https://wiki.koumbit.net/OpenBgpdMaintenance#Checking_memory_usage
However, this seems to be a fairly exotic platform, most people running
BGP with Cisco, Juniper or, in some cases Quagga or Bird for Linux
machines. Are there recommendations on using OpenBGP in production? Good
/ bad experiences? How many people are running Linux routers vs
dedicated Cisco/Juniper/etc routers?
Finally, we are likely to complete this setup with a CARP (the free
equivalent of VRRP) on the inside of the network. FreeBSD can apparently
group interfaces and communicate with OpenBGPd - did anyone deploy such
a thing here? What are your experiences or advice?
Thanks for any advice,
A.
-- 
Under a government which imprisons any unjustly, the true place for a
just man is also a prison.
- Civil Disobedience, Henry David Thoreau