On Fri, Feb 22, 2008 at 5:50 PM, Stuart Henderson <[EMAIL PROTECTED]> wrote:
> On 2008-02-23, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > > I noticed that the two firewalls do not forward there > iBGP > > learned routes to one another. Is this intended/expected behavior? > > Yes, you should probably read up a bit about BGP, and why you need > a full mesh of i-BGP speakers. I've reread thru some of my BGP resources. > > > > And I had a "redistribute default" configured in ospfd.conf on the > routers, > > however I had problems with this setup as well when I unplugged the > external > > link on the firewall but this could have been due to my pf configuration > on > > the firewalls. Should I re-investigate this scenario? > > You mean, just OSPF and no BGP on the firewalls? That's probably worth > another look. No, I'm actually running OSPF and BGP on all nodes, but I believe there to be a config issue somewhere along the line . Because of the expected BGP protocol behavior, Ill have to revert back to my original configuration with the "redistribute default" and begin troubleshooting why this was problematic for me. When I unplugged the eBGP link, the unplugged router was still distributing the default route. What i need it to do is stop redistributing the default when the eBGP link dies. Ill have to reread thru the manpages I suppose. > > > > Also how how quickly should traffic be rerouted with OSPF if a link > dies? > > Depends on your timers, but <10sec is not unreasonable for OSPF. > If you have to wait for BGP timers and session re-establishment that > would take longer. > I have default timers set, however the typical time for reconvergence is between 60-120 seconds, so I must be waiting on the BGP timers.
