Hi Andre!
Thanks a lot for your answer!
Some comments:
- Yes, we WILL peer with many ISP as possible @TIX and @CIXP, if possible
@SwissIX as well.
Maybe I have to explain what we have planned in more detail:
Our Access to the Internet will look like the one you have described:
Upstream Upstream
| |
CIXP-Peers - [EMAIL PROTECTED] [EMAIL PROTECTED] -
TIX-Peers
| |
| |
iBGP iBGP
| |
| iBGP |
to other iBGP-Rt <[EMAIL PROTECTED] - - - [EMAIL PROTECTED]>to other
iBGP-Router
| |
| |
---------LinkLoadBalancer in/outbond---
| |
| |
Data Center/UserProxy
Our main internet access will use BGP to advertise our prefixes and to catch
the prefixes learned fom all peerings.
We place a router @TIX and a router @CIXP and have 2 other Routers in Bern -
this 4 routers will build our "Internet"-core.
There will be other routers within our "Internet-Network" so will act as an
"ISP" for our goverment-customer.
The idea was to use LoadBalancer between this "Internet-Infrastructure" and
our Data-Centers/Userprox/etc.
Generally the data-center is a customer of the "BIT-ISP". There will be no
BGP between the Data-Center and the
our "Internet-Router"
So the loadbalancer will only be used for this datacenter and not our
"internet-routing" itself.
The loadBalancer will use PA-Adresses assigned from one [EMAIL PROTECTED] and one
[EMAIL PROTECTED] for the source-NATing.
The goal of this is to have only one path from the IXP to our [EMAIL PROTECTED]
and hopefully this will be the "best" one.
"To link-load....To packet-loss. "
The base idea was to implement another ADDITIONAL mechanism to have the best
End-TO-End path from the BIT to the other end- and have faster failover (in
a end-2-end-view)
in the case of any routing-failures wihtin our (Upstream)-ISPs.
Of course I'm happy if this is not necessary and BGP will do the right
thing.
I was not sure if BGP will converge quick enough in the case of
routing-issues and
if BGP will select the "best" path to reach a remote destination.
This was the reason to thinking about linkloadbalancer for our datacenter.
"With BGP you can't really improve the inbound traffic in the sense you
are probably thinking....."
Yes, our ideas was to use linkbalancer for the inbound traffic destined for
our datacenter.
As well, as a "public servant" we will choose the laziest way and are not
willing to tune BGP:-))
No, you are right, we have to do some BGP tuning. But our crew has only BGP
knowledge and we have not a lot of
experience with Internet-Routing itself, with all its tricks.
So will test the tools you have mentioned to opmise our Internet-Routing as
soon as our little internet-BB is in operation.
So the idea with OER was an alternative solution than the usage of Radware
or F5.
Even OER on our [EMAIL PROTECTED] or on a dedicated box between the
internet-core and the datacenter.
Unfortunately OER us only for outband traffic.
And this was the reason of my question if someone have experience with EOR
in a setup like the one above.
Sorry, my first posting was really not clear enough:-(
cheers,
marcel
_______________________________________________
swinog mailing list
[EMAIL PROTECTED]
http://lists.init7.net/cgi-bin/mailman/listinfo/swinog
