[166770] in North American Network Operators' Group
Re: advice on BGP + CARP setup on FreeBSD
daemon@ATHENA.MIT.EDU (Antoine =?utf-8?Q?Beaupr=C3=A9?=)
Thu Nov 7 11:26:55 2013
From: Antoine =?utf-8?Q?Beaupr=C3=A9?= <anarcat@koumbit.org>
To: nanog@nanog.org
In-Reply-To: <52797630.8020300@foobar.org>
Date: Thu, 07 Nov 2013 11:26:30 -0500
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
--=-=-=
Content-Transfer-Encoding: quoted-printable
First, my warm thanks to everyone to responded on and off list, an
amazing response that truly speaks for the opennness and incredible
skill of this community.
We are likely to change the setup to make sure the switch fabric sits
behind the edge routers, and thanks to my new understanding of iBGP,
will simply associate different upstream with the different edge routers
and run BGP between them.
The downside of this setup is that if a router falls over, we loose an
uplink, but that's a minor problem considering how it makes the whole
setup much simpler, and completely removes the single point of failure
of the switch. And anyways since the uplinks are directly in the router,
the downtime should be negligible in such a (rare) occurence.
We will keep on experimenting with OpenBGPd, but at the first sign of
trouble we will switch to what seems to be the more widely accepted
alternative in the *BSD world, Bird, which also allows for a clean
transition to GNU/Linux if we ever make the jump.
CARP will come later, but will still be in the picture. Both routers
will be in production at all time, and we'll use CARP to elect the
gateway for the internal network. We prefer CARP to VRRP because it
seems well supported in *BSD world and because VRRP is
patent-encumbered. I am worried, however, of rumours of kernel panics
associated with CARP, but I am confident that the very responsive
FreeBSD community will be able to help with that.
Thanks again for all your feedback, you guys rock.
Cheers,
A.
=2D-=20
A ballot is like a bullet. You don't throw your ballots until you see
a target, and if that target is not within your reach, keep your
ballot in your pocket.
- Malcom X
--=-=-=
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAEBCAAGBQJSe782AAoJEHkhUlJ7dZIekgsP/joswt3NOGhE5GpKNwHIwRzM
EZqXxs4FUIAdZIWJEAw1s4JWe2WZ33YJzABymjAASP7avwVJs5JtwMcXOeXvFD7a
vshKfIsb96Gvoe/EY6S54Vc9mlQXpzd3sHjeUaA3vYIXFgxyRphg9kyxaV1X5aC9
GtLgyGhyzYKzbMF/hF2rJoBs5stRxDG+VZBlhyQXxBQzvqm3qEuWIQgkHWDgY+B1
BUgqbsstImi0l1e9KbtRMu/6rKTT3p/BGMgK75tbzkJrn6s3FMMl5PREYd1Hk3qa
tFn7ITs6D6hap+inHInSWQ6P7D0Wc+2zjOetMdXi7W4FDzUAS/1OH5OE1lg58uJy
FM6j7vCKLGBMBL/EOaQLdJPjil33wNaJMnJmkTS8Z3fF1kGf+i+iWA2f0K1mZj+x
lCq3vNitwH1BdOytiHcA5Zrnx/h4MyPKCR6En+nbGkb2NHPnS3aEOJ6gOlLb5r7d
idxuOhNpUallTC8jIv7fA6ugtwFhUmCktWFKbuVA1Gsb3HgBsyNvkQjcErhRjSY7
5UdgSJawxrgxvICgmFNQSnZrn0sL7U9ylqqcdyqyuNauOrqJp58RghZR17J8iwnk
oDpOYdNeiIzKNV/Zv3e2d4B8mkd7wtFV+7NTcBnSwNLFzdsjIcpjNUqv9xiXQqsZ
L87SGRhgklyqSLoPCoO4
=CMJ8
-----END PGP SIGNATURE-----
--=-=-=--
