On Tue, Oct 30, 2007 at 12:55:24AM -0400, Jon Lewis wrote: > > On Mon, 29 Oct 2007, Benjamin Howell wrote: > > >On Mon, Oct 29, 2007 at 04:53:50PM -0400, Deepak Jain wrote: > >>You can "nail" down your announcements to external peers by tying their > >>network blocks to a route-of-last resort on one of your loopbacks. This > >>will prevent flapping externally. > > > >Point taken, but it's actually difficult to nail down all of our > >routes. We have some lone /24's that are not subnetted and thus cannot > >be used with an 'ip route ... null0' statement. When WAN connectivity > >drops, the routes flap if we don't have a stable iBGP session. Thus I'd > >like to steer well clear of severing the iBGP session. > > Not subnetting them doesn't mean you can't > ip route a.b.c.d 255.255.255.0 null0 250 > while still routing the /24s internally (with lower metric) or having them > connected on some interface.
Whoops, some oversights make you feel like an idiot. You're right. > >Only a single internal /30 route will be removed when an interface goes > >down. I can't come up with a route-map implementation that would > >add/remove the weights to the routes already received from our eBGP > >neighbors. If I'm missing something, please let me know. > ... > > >>>I'd like to dynamically change from best-exit to a "hot potato" exit > >>>policy when an internal DS3 fails. We fail over to a much lower > >>>bandwidth link and would like to avoid sending anything but internal > >>>traffic over that link. If it's not already clear, this change needs to > >>>happen automatically. > > Are you talking about a single internal DS3, or the more general case of > "if any of our internal DS3s are down, we need to route differently"? > > If it's a simple case of two DS3 connected routers which are iBGP peers > and also have directly connected eBGP peers, could you use route-maps to > set ip next-hop on iBGP exchanged external routes (setting the ip next-hop > to be the IP of the other end of the internal DS3, with a second IP of an > eBGP neighbor interface)? I haven't tried it, but it seems like it might > do what you want. Indeed, I'll give it some thought. That seems like it should work. In my case, it is just two DS3 connected routers. I figured I'd leave the question open-ended though for other readers' benefit. > Another possiblility (I've never tried) would be to configure multiple > iBGP sessions...one using loopback IPs, the other using the DS3 interface > IPs, exchanging internal routes over both sessions, while exchanging > external routes over only the second. If the DS3 goes down, the session > exchanging external routes dies. I'm not sure you can do this, but I > think by having different peer/endpoint IPs (loopbacks for one session, > serial interface IPs for the other), it may work. Actually this suggestion seems to be a common theme. I hadn't considered this possibility and it seems like it should work fine. David Burns also suggested this in an email that wasn't directed to the list. Thanks for everybody's input. I should have some workable options now. -- Ben Howell