Re: my multipath routing questions...

[Pete Vickers]

Hi,

On 30. nov. 2005, at 13.21, Claudio Jeker wrote:
On Wed, Nov 30, 2005 at 12:53:32PM +0100, Pete Vickers wrote:
Hi,

Dunno if OBSD & your ISP supports it, but maybe try running multi-
link ppp over the links, to 'bond' them into a single virtual
interface which routing could point at...


sppp(4) does not support multilink ppp.

shame...


Alternatively if you are hosting, presumably most of your trafffic is
orginating 'inbound' from the 'net, and thus your ISP will decide
which physical link to send the packets down - a route-to/reply-to on
your end should just keep the ip 'conversation' on that pipe.

If most of your traffic is 'outbound' originated, (e.g. just users
surfing all day long), then you could (and this is just an ugly hack
to get you going), still use openbgp to announce your prefixes, but
don't couple FIB with kernel table, and instead have a script
periodically parse a 'bgpctl sh routes...or..suchlike' output, and
then add 25% to each interface via 'route add w.x.y.z/nn via sanmm'.
Obviously tweaks like polling i/f stats to measure individual
utilisation and biase the number of prefixes sent to each, are  
possible.


Uhm. I think you switched the two. hosting has mostly outbound traffic
while end user cause inbound traffic.

no switch i believe. Although I agree hosting => mostly outbound  
traffic, the IP conversation is initialed from the remote party,  
_inbound_ . And therefore it's the ISP which decides which link to  
send the TCP SYN ( or whatever) down, and thus basic route-to packet  
directing would tie the entire conversation to that same line.



Like I said, a hack, but might get you out of a tight spot...

what about multiple bgp sessions ?


Wont help much unless you start some real evil filtering to balance  
the 4
t1 links.

/Pete


On 30. nov. 2005, at 07.26, andrew fresh wrote:

Hijacking this thread, cuZ now I am worried . . . .

On Mon, Nov 28, 2005 at 11:46:56PM -0800, David Ulevitch wrote:
I'd like to hear how people are using OpenOSPFd

I will prbly use OpenOSPFd in the future, but at the moment, my
question
is about using OpenBGPd and multiple lines from the same provider.

I am getting 4 T1s from a single provider.  Issues with local telco
"facilities" for T3's and other things are causing me problems with
getting anything different.

I am going to end up with something like this:
san0-\
san1-\\ all connected to a single provider
san2-//
san3-/

Now, I assume I will have a single BGP session with them.  (I have
very
little information for lines that are supposed to be installed
tomorrow
morning at 9am).

Right now I have a cisco 3640 that has 2 T1's from AT&T and 2 from
Sprint, it has enough trouble with those which is why I want to
replace
it with an OpenBSD box.  I am going to have an iBGP session with the
3640 and an eBGP session with my new provider.

I will be adding 20Mb over ethernet at some point in the fairly
near future
(if they can ever get it installed) and will hopefully be getting
rid of
the 3640 at that point.

The OpenBSD router will not be doing any NAT, it will be passing
public IPs.


This is what has me worried:
On Tue, Nov 29, 2005 at 03:33:07PM +0100, Claudio Jeker wrote:
There is no kernel support for multipath routing.


I want to load balancing across those 4 T1s and it is sounding  
like I
will not be able to do that and will have to figure out how to get
these
4 new lines into my old cisco router.

Unfortunately trunk(4) doesn't work with san interfaces :-( and
that is
how it looked possible to do the bonding/inverse muxing that I was
going
for.

$ ifconfig trunk0 trunkport san0 trunkport san1
ifconfig: SIOCSTRUNKPORT: Protocol not supported

It would be really kewl to use the trunk(4) interface for the BGP
peer address, since it now does failover, it would be up as long as
any
individual lines were up.  It would be even kewler if it would be  
able
to change the weighting on that interface depending on the number of
lines in the trunk, but I guess I am dreaming again.

I guess I am looking for something like 'ip load-sharing per-
packet' in
cisco terms.  But my real question is:  How do I get OpenBSD to  
treat
those 4 T1s as a single line and share the load across them?

or, how do I get a reasonable approximation from OpenBSD?


Also, with those 4 T1s, I want to make sure that in case any of the
4 go down,
the BGP session will stay up.  With a cisco box, I just bind the
session
to a loopback address, add routes for each interface and it will
choose
one of the interfaces that is up to get to the destination.  How do
I do
this with OpenBSD?

Will the BGP session just work when I solve the load balancing  
issue?

or do I have to do weird things with ifstated(8) (like 16 states
for the
4 lines and lots of route add/delete statements)?

or something with 'route-to' in pf?
http://marc.theaimsgroup.com/?l=openbsd-misc&m=112831360613745&w=2

This seems to work in my test environment:
# t1s is an interface group containing all of the links to that
provider
pass out on t1s route-to { \
       (san0 10.35.0.2) \
       (san1 10.35.1.2) \
       (san2 10.35.2.2) \
       (san3 10.35.3.2) \
} round-robin keep state
pass in  on san0 reply-to (san0 10.35.0.2) keep state
pass in  on san1 reply-to (san1 10.35.1.2) keep state
pass in  on san2 reply-to (san2 10.35.2.2) keep state
pass in  on san3 reply-to (san3 10.35.3.2) keep state


l8rZ,
--
andrew - ICQ# 253198 - JID: [EMAIL PROTECTED]
    Proud member: http://www.mad-techies.org

BOFH excuse of the day: telnet: Unable to connect to remote host:
   Connection refused


--
:wq Claudio