Re: [pfSense Support] Public ip bgp routing
Nathan, Your in seattle? HAve you setup BGP on pfsense? -chris flugstad Nathan Eisenberg wrote: -Original Message- From: Aarno Aukia [mailto:aarnoau...@gmail.com] Sent: Tuesday, October 20, 2009 12:24 AM To: support@pfsense.com Subject: Re: [pfSense Support] Public ip bgp routing Hello, OpenOSPF is on my task-/wishlist... -Aarno -- Aarno Aukia Atrila GmbH Switzerland Then you are my new favorite person. Once implemented, you will have a free beer anytime you visit Seattle, USA. :-) Best Regards, Nathan Eisenberg - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] Public ip bgp routing
> -Original Message- > From: Aarno Aukia [mailto:aarnoau...@gmail.com] > Sent: Tuesday, October 20, 2009 12:24 AM > To: support@pfsense.com > Subject: Re: [pfSense Support] Public ip bgp routing > > Hello, > > > OpenOSPF is on my task-/wishlist... > > -Aarno > -- > Aarno Aukia > Atrila GmbH > Switzerland > Then you are my new favorite person. Once implemented, you will have a free beer anytime you visit Seattle, USA. :-) Best Regards, Nathan Eisenberg
Re: [pfSense Support] Public ip bgp routing
Hello, On Mon, Oct 19, 2009 at 19:45, Nathan Eisenberg wrote: > But the BGP implementation in PFSense needs further development - the web > interface for it has bugs, and I'm not sure if the daemon recognizes iBGP vs > eBGP (same AS# vs external), or public AS numbers vs Private. Route > reflectors are also incredibly useful in the BGP world - and they're nowhere > to be found in the implementation. OpenBGPd knows all of it, the pfsense gui supports them in the "raw config"-mode (but you need to read bgpd.conf(5)). > And what good is a border gateway protocol (BGP) without an internal gateway > protocol (IGP) to manage the internal routing? And no, RIP doesn't count as > an IGP these days. :-) OpenOSPF is on my task-/wishlist... -Aarno -- Aarno Aukia Atrila GmbH Switzerland - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Public ip bgp routing
On Mon, Oct 19, 2009 at 2:45 PM, Nathan Eisenberg wrote: > > That's good to know. There are still some unfortunate WebGUI bugs, though Please report them with details at http://redmine.pfsense.org. There aren't any open bugs on the BGP package. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] Public ip bgp routing
> -Original Message- > From: Evgeny Yurchenko [mailto:evg.yu...@rogers.com] > Sent: Monday, October 19, 2009 11:16 AM > To: support@pfsense.com > Subject: Re: [pfSense Support] Public ip bgp routing > > Nathan Eisenberg wrote: > > But the BGP implementation in PFSense needs further development - the > web interface for it has bugs, and I'm not sure if the daemon > recognizes iBGP vs eBGP (same AS# vs external), or public AS numbers vs > Private. Route reflectors are also incredibly useful in the BGP world > - and they're nowhere to be found in the implementation. > > > Daemon recognizes iBGP vs eBGP. Sorry, I do not know what route > reflector is. That's good to know. There are still some unfortunate WebGUI bugs, though, and the lack of an IGP is a showstopper. http://en.wikipedia.org/wiki/Route_reflector http://www.networkliquidators.com/article-cisco-ccnp-bsci-certification-bgp-route-reflector-tutorial.asp If you have 5 routers connected to a backbone, and each of them is receiving networks, you have a couple options. You can peer all of the routers in a full logical mesh, and when you add a 6th router, add peering to every other IBGP router and 5 peerings to the new router. This becomes absolutely unmaintainable when you are looking at more like 50 or 100 routers. A route reflector fixes this problem. ' * If a route is received from nonclient peer, reflect to clients only. * If a route is received from a client peer, reflect to all nonclient peers and also to client peers, except the originator of the route. * If a route is received from an EBGP peer, reflect to all client and nonclient peers. ' There's a lot of doc. out there on this, because it's such a pain reliever. Best Regards, Nathan Eisenberg - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Public ip bgp routing
Nathan Eisenberg wrote: But the BGP implementation in PFSense needs further development - the web interface for it has bugs, and I'm not sure if the daemon recognizes iBGP vs eBGP (same AS# vs external), or public AS numbers vs Private. Route reflectors are also incredibly useful in the BGP world - and they're nowhere to be found in the implementation. Daemon recognizes iBGP vs eBGP. Sorry, I do not know what route reflector is. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] Public ip bgp routing
> -Original Message- > From: Evgeny Yurchenko [mailto:evg.yu...@rogers.com] > Sent: Monday, October 19, 2009 7:32 AM > To: support@pfsense.com > Subject: Re: [pfSense Support] Public ip bgp routing > > Chris Flugstad - Mobile wrote: > > So ive routed pubblic ips behind pfsense but now i want to route > blocks of ips over our 2 bgp'd carriers > > > > Anyone have a place to start? > > I will have only 1 interface on the local side and will need multiple > blocks off that. Plus setting up so a block can route off another > block > > > > Thanks > > topher > > > What is the problem? You can send as many route blocks as you wish. Yea, I don't think there's a problem with it. It should just work, BGP isn't a terribly complicated protocol. But the BGP implementation in PFSense needs further development - the web interface for it has bugs, and I'm not sure if the daemon recognizes iBGP vs eBGP (same AS# vs external), or public AS numbers vs Private. Route reflectors are also incredibly useful in the BGP world - and they're nowhere to be found in the implementation. And what good is a border gateway protocol (BGP) without an internal gateway protocol (IGP) to manage the internal routing? And no, RIP doesn't count as an IGP these days. :-) An OSPF or ISIS implementation would be sweet - it would bring the platform closer to Cisco/Quagga/etc in terms of routing functionality (functionality - not performance). I would love to be able to build a highly available routing infrastructure around PFSense, instead of being limited to using it as a stub gateway/firewall. And even then, it would be nice... Best Regards, Nathan Eisenberg - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Public ip bgp routing
Chris Flugstad - Mobile wrote: So ive routed pubblic ips behind pfsense but now i want to route blocks of ips over our 2 bgp'd carriers Anyone have a place to start? I will have only 1 interface on the local side and will need multiple blocks off that. Plus setting up so a block can route off another block Thanks topher What is the problem? You can send as many route blocks as you wish. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] Public ip bgp routing
So ive routed pubblic ips behind pfsense but now i want to route blocks of ips over our 2 bgp'd carriers Anyone have a place to start? I will have only 1 interface on the local side and will need multiple blocks off that. Plus setting up so a block can route off another block Thanks topher - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
