-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi,
I'd say um summary that trying to load-balance multiple full BGP transit connections is a pain in the ass and really best avoided unless it's some simple prepend work either by prepending entire peers or using their BGP community toys to prepend individual peers. You'll rarely get anything like the load balancing you would like and then it only takes one upstream to start peering somewhere else or stop peering somewhere and it all goes to cock again. - -- Leigh Peter E. Fry wrote: > From: Jesper Skriver <[EMAIL PROTECTED]> > [...] >> So in short, using 'no-export' is HIGHLY dangerous, and >> should be used with great care - in fact I would strongly >> recommend not to use it. > > This is an excellent point. I've been seeing more and > more evidence lately (the latest bit being this thread: > https://puck.nether.net/pipermail/cisco-nsp/2007-March/038882.html) > that exotic manipulation of BGP is on the way out. > Seemingly straightforward routing and filtering policies can > interact in ways that can be tough to anticipate. Many of > the old tricks of the past such as announcing more specific > routes to individual peers or using upstream export controls > are a good idea only for folks who like chasing odd black > holes. > >> Instead prepend your advertisments to upsteams that you >> only want to use as backup, and/or inquire with those >> providers, if they have communities you can use to have >> them preprend when you re-advertise your prefixes. > > More common are communities that instruct your upstream to > assign a particular local pref -- similar, but they tend to > be more positive, and less applicable if I follow your > intent. Also, I tend to recommend against prepending > differently on multiple links to a single provider, as it > can unnecessarily propagate disruptions upstream. Those are > a bit aside, but hey. > > Peter E. Fry > > _______________________________________________ > juniper-nsp mailing list [email protected] > https://puck.nether.net/mailman/listinfo/juniper-nsp -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFF+lvrZ0chUame06wRAm34AJ9ughgezFAe+D62Vpq6APoFcmcpNgCgzn7h Xm/aeBflwS0ntmyejQuKObo= =eXzB -----END PGP SIGNATURE----- _______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp
