[52650] in North American Network Operators' Group
Re: iBGP next hop and multi-access media
daemon@ATHENA.MIT.EDU (John M. Brown)
Tue Oct 8 10:01:28 2002
Date: Tue, 8 Oct 2002 06:59:35 -0700
From: "John M. Brown" <john@chagresventures.com>
To: Ralph Doncaster <ralph@istop.com>
Cc: nanog@merit.edu
In-Reply-To: <Pine.LNX.4.21.0210061241460.16285-100000@ns.istop.com>; from ralph@istop.com on Sun, Oct 06, 2002 at 12:44:07PM -0400
Errors-To: owner-nanog-outgoing@merit.edu
Let me see if I got this.
Route A:
unknown networks behind it
uses 10.10.10.2 as a neighbor to router B
Router B:
has a network 172.16.16/24
uses 10.10.10.1 as a neighbor to router A.
Router A's table shows
172.16.16/24 -> 10.10.10.2
You want Router A to ARP and pretend its on the local
broadcast domain for the 172.16.16/24 prefix.
But that prefix is NOT local to router A, thus it must
ROUTE and thus uses the NexHop in its table.
It seems you description is wrong.... But I don't know..
Please clarify
On Sun, Oct 06, 2002 at 12:44:07PM -0400, Ralph Doncaster wrote:
>
> Background:
> Router A and B are connected via a common ethernet segment 1. Router A
> uses 10.10.10.1/30, and Router B uses 10.10.10.2/30. Router B also has
> another subnet configured for ethernet segment 1; 172.16.16.0/24.
>
> When I setup a situation like the above, with Router B advertising the
> 172.16.16.0/24 to router A, router A sees a next hop of 10.10.10.2. This
> is not good since packets from A going to the 172.16.16 subnet get sent to
> Router B, which then ARPs the desitnation, instead of just being ARPed by
> router A.
>
> I don't want to turn on ICMP redirects on B since they're insecure and
> ugly. I've also made sure I'm not using next-hop self. Is there a way to
> make this work?
>
> Ralph Doncaster
> principal, IStop.com
>
>
