On Sat, Feb 17, 2007 at 11:22:48PM +0000, Stuart Henderson wrote:
> On 2007/02/17 23:41, Falk Brockerhoff wrote:
> > I will play with localpref later, but before I want to ask if my planned
> > setup is the right solution for my needs. I want to run two bgp-routers
> > and connect several eBGP sessions to the two routers.
> > To the inside I want to provide a failover-tolerant default gateway for
> > my vlans, that's why I'm using carp.
>
> If you run PF on the same routers as well, take care with stateful rules,
> stateless is the easy way, or arrange so that the CARP master is a better
> route (maybe prepend on the backup). you are unlikely to get states sync'd
> quickly enough to avoid problems if you have things too asymmetric.
>
> > want to do this for the "internal" networks, too.
>
> I would normally use OSPF for this, using iBGP to carry internal routes
> is possible but I think mostly something done on larger networks.
>
iBGP and an IGP like OSPF are used for different tasks. iBGP brings
routing information from the edges to the core of your network and is used
to find the best path out of your network. OSPF on the other hand is
mostly used for internal and incomming traffic. If your network is simple
enough that a few static routes suffice to describe your network there is
no need for OSPF.
Huge networks (ab)use iBGP to cover also the topology information for the
network. To set up such a network needs a lot of knowledge and a very good
documentation process.
> ospfd has a nice feature; when you use "interface carpXX { passive }",
> the network is only announced via OSPF when CARP is master. This works
> really well.
>
Yes, but if you just have two routers with one carp interface on them you
don't need OSPF. In such simple cases "depend on carp" and "demote carp"
may suffice.
--
:wq Claudio
