Hi, then to explain my draft here is my own configuration, and why it could be useful to set custom priorities:
OSPF Scheme:
| - RT1 - | | - RT3
WAN | | OSPF AREA |
| - RT2 - | | - RT4
RIP Scheme:
| - RT1 - |
WAN | | RIP AREA | - CISCO 45XX
| - RT2 - |
BGP Scheme:
| - RT1
WAN |
| - RT2
A first problem is my BGP default route, which was redistributed over
OSPF, causes a looping route between RT1 and RT2 for outgoing packets
(to WAN), because OSPF is prior on BGP.
A second problem is routes obtained by RIP and redistributed over OSPF
(by a custom patch which add redistribution of RIP routes to ospfd) has
the same problem because OSPF is prior on RIP (i need to redistribute
those RIP routes because the routes are distributed to remote networks
over an GRE+IPSec link).
Without the possibility to change the priorities (and dynamically is
better than recompile the kernel and change constant values, it would be
a great function to everybody want), it's impossible to solve this
routing loop (i have patched ospfd to refuse adding some specific routes
from specific hosts but it's not a proper solution, whereas it
worked...).
--
Best regards,
Loïc BLOT,
UNIX systems, security and network engineer
http://www.unix-experience.fr
Le dimanche 03 novembre 2013 à 18:01 +0100, Loïc Blot a écrit :
> Hello, that's powerful but my improvement isn't for this use. It's only an
> improvement to route packets correctly, not dispatch charge.
>
> I'll give you a concrete example this evening.
>
> Loïc Blot,
> Ingénieur systèmes UNIX, Sécurité et Réseaux
> http://www.unix-experience.fr
>
> Stuart Henderson <st...@openbsd.org> a écrit :
>
> >On 2013/11/01 19:57, sven falempin wrote:
> >> FreeBSD propose to have a specific routing table for a process, which is
> >> even more powerful.
> >> When the router has multiple gateway i guess when a source address is
> >> choose the route should be chosen given that. Nothing more.
> >>
> >> What use of this <<improvement>> do you imagine ?, of course you may want
> >> this traffic over this network(low latency) and the other one on
> >> another(high badnwith), put you may use pf for this, or specific route for
> >> the services.
> >>
> >> Writing about this make me think you want a route that <select> on the PORT
> >> instead of the IP. Is this madness ???
> >
> >This is also known as "policy based routing". I've being doing this with
> >"route-to" in PF for ages, or alternatively you can use multiple route tables
> >and "rtable" in PF to push certain traffic to using a certain table (either
> >based on port number, or source address, or UID if it's a connection from
> >the local machine, etc).
> >
>
signature.asc
Description: This is a digitally signed message part
