Hello, Failover already works with BGP on my test conf, the problem is that BGP only selects ONE route to a destination, so there is no load balancing.
The easiest for me would be to tell BGP to keep TWO routes to each Destination, and use them in a round-robin way. That's what Cisco does with BGP multipath http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094431 .shtml#bgpmpath But AFAIK there is no way to setup this with openBGP. Am I right ? -- Cordialement, Pierre BARDOU -----Message d'origine----- De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Envoyé : mercredi 8 octobre 2008 09:05 À : BARDOU Pierre Cc : Frans Haarman; misc@openbsd.org Objet : Re: OpenBGP load balancing between 2 ISP (multihoming) BARDOU Pierre wrote: > Hello, > > I can load balance on the firewalls with pf , but the problem of that > Solution is that there is no failover AFAIK. > If I loose a link between an ISP and me half of the packets will be lost. > > And not loosing packets is more important to me than load balancing... > > -- > Cordialement, > Pierre BARDOU > > > ________________________________ > > De : Frans Haarman [mailto:[EMAIL PROTECTED] Envoyé : mardi 7 > octobre 2008 18:54 À : BARDOU Pierre Cc : misc@openbsd.org Objet : Re: > OpenBGP load balancing between 2 ISP (multihoming) > > > 2008/10/7 BARDOU Pierre <[EMAIL PROTECTED]> > > > Hello, > > I am trying to set up a configuraion like this : > > +------- -+ +---------+ > | ISP1 | | ISP2 | Cisco > | ROUTER | | ROUTER | > | AS3215 | | AS12670 | > +---------+ +---------+ > | | > | | > +---------+ +---------+ > | BGP | | BGP | > | ROUTER | | ROUTER | OpenBSD 4.3 > | AS47818 | | AS45818 | > +---------+ +---------+ > | | > | | > +-------------------------+ > | 217.109.108.240/28 | > +-------------------------+ > | | > | | > +--------+ +-------+ > | FW |--------| FW | OpenBSD 4.3 > | MASTER | pfsync | SLAVE | > +--------+ +-------+ > | | > | | > +-------------------------+ > | PRIVATE NETWORKS | > +-------------------------+ > > I'd like to load balance outgoing connections to the internet, > but I don't know how to configure openBGPd to do this. > I searched a lot on the Internet and I found a lot of informations > on how to do this with cisco, but I have never found an openBGP > solution. > Some people speak about it but I have never seen it. > > I made a test conf where failover works like a charm (using iBGP on > the > FW's with 'set nexhop self' on BGP routers), but when both > connections > are active only one is used. > > Would it be possible to help me please ? > Is setting up iBGP sessions between FW's and BGP routers a good idea > ? > Should I rather use OSPF for this ? > And in tha case how to configure it to loadbalance/failover ? > > Many thanks > > PS : loadbalancing incoming connections too would be very nice, but > I > understood it was much more difficult. > > -- > Cordialement, > Pierre BARDOU > > > > > just wondering...... > > What happens when you load balance your > traffic on your firewalls ? So you devide > the traffic over both bgp routers: > > http://www.openbsd.org/faq/pf/pools.html > > maybe you could even do the route-to > on the bgp routers ? > > something like: > > route-to { ($ext_if $ext_ISP1), ($local_if $BGP2 ) } round-robin > from $lan_net to any keep state > #and on the other bgp router > route-to { ($ext_if $ext_ISP2), ($local_if $BGP1 ) } round-robin > from $lan_net to any keep state > > Beware: I have no idea if any of this is possible. > But thats what I'd try :) > > Gr. FH > If you want to use fail-over capability of bgp, you can use prepend to increase length of one path. I have no experience with configuring openbgpd but on juniper/cisco it seems to work great. Regards, Marusz
BEGIN:VCARD VERSION:2.1 N:Bardou;Pierre FN:BARDOU Pierre ADR;WORK:;B011 LABEL;WORK:B011 EMAIL;PREF;INTERNET:[EMAIL PROTECTED] REV:20070806T072621Z END:VCARD
smime.p7s
Description: S/MIME cryptographic signature
