The thought was to have a universal IP that was the same on every router.
The loopback is the OSPF ID.

That's one thing I'm still working on as well: the crafty filtering to get
the router to always respond as a particular IP in a traceroute so I can
use public space and only use 1 IP instead of 4 per link. It's doable, I just
haven't figured it out yet. I can ID the traffic by TTL, but haven't figured
out the policy route to associate with it.

On Thu, Nov 12, 2015 at 12:38 PM, Josh Baird <joshba...@gmail.com> wrote:

> I'm not following your 'leave 192.168.1.88 on ether1' thing here.  You do
> have a loopback interface, correct?  In MT, this translates to:
>
> /interface bridge add name=loopback
> /ip address add interface=loopback address=1.2.3.4/32
>
> In this scenario, 1.2.3.4/32 would be accessible no matter what
> uplink/route is being used.  This should be used for your 'router-id' for
> both OSPF and BGP.  Each router on your network should have a unique
> loopback IP.
>
> As you said, you should dump static routing to your providers and utilize
> BGP.  Especially seeing that you have your own prefix from ARIN and
> presumably you have an ASN.  I'm not really sure how the BMU fits into
> your design, because I have never used one.
>
> On Thu, Nov 12, 2015 at 1:22 PM, That One Guy /sarcasm <
> thatoneguyst...@gmail.com> wrote:
>
>> First, I have to give props to MikroTik. These things are versatile as
>> hell: multiple mechanisms for access, fairly intuitive CLI syntax, nice
>> simple clean GUI, tons of visibility. I wish we had gone this route 6 years
>> ago; we would be further along in our capabilities.
>>
>> I finally got the biggest sections of the network fully routed yesterday.
>> There is only one redundant loop for 3 sites, so OSPF is primarily just
>> present for route propagation.
>>
>> We have two upstreams, currently each statically routing a /23 each of
>> our ARIN space, with an EOIP tunnel between the two to handle a couple of
>> policy routes. The EOIP tunnel is not currently doing OSPF, just sending the
>> /23 across when it needs to.
>> Both of the edge routers are distributing the default route so the
>> customer traffic will hit the closest BMU (we are upstream 1 - edge router
>> - bmu - network - bmu - edge router - upstream 2).
>>
>> We have Butch Evans' firewall on our interior routers with a couple of tweaks.
>>
>> OSPF default instance is:
>> redistribute default - never (with the exception of the two edge routers)
>> connected - type 1
>> static - type 1
>> rip - no
>> bgp - no
>> other ospf - type 1
>> metrics are all default
>>
>> I add an all interface, currently with simple authentication, in broadcast
>> where we are still building out and point to point when it's an isolated hop.
>>
>> When I add the network and the dynamic interface instance comes up, I go
>> to it and click copy to make it static.
>>
>> The rest of the configuration is default.
>>
>> I'm still trying to understand filters; I'm semi retarded. I had thought it
>> was pretty slick to leave the 192.168.88.1 on ether1 so every router had an
>> accessible IP, but with redistribution of connected routes, I found out the
>> hard way this was a bad idea when I dumped a configuration into the wrong
>> router and took a production network down. My bad.
>>
>> I'm putting some EOIP tunnels in for some customer endpoint needs, but I
>> think MPLS is the actual right way to go, but EOIP is really easy to do.
>>
>> At the end of the day we will implement BGP (after all the routers are
>> deployed), so our internal network will need to be in line for the best
>> utilization of that.
>>
>> Having BMUs does limit some things, like they only do OSPF, no BGP or
>> iBGP. There may be a way around that, I don't know. I'm short bus special;
>> mom told me the helmet made me handsome.
>>
>> If I were a real network operator, what would I be doing differently?
>>
>>
>>
>> --
>> If you only see yourself as part of the team but you don't see your team
>> as part of yourself you have already failed as part of the team.
>>
>
>


-- 
If you only see yourself as part of the team but you don't see your team as
part of yourself you have already failed as part of the team.
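
An added example, not part of the thread: a pre-deployment check for the failure discussed above, where the same host address (the default 192.168.88.1 on ether1, or a copied loopback) sits on several routers that redistribute connected routes into OSPF. The router names, the 10.x addresses and the assumption that the router-id interface is named `loopback` are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample exports (hypothetical router names and addresses), written
# in the one-line "/ip address add ..." form used in the thread.
CONFIGS = {
    "tower-a": """/ip address add interface=loopback address=10.255.0.1/32
/ip address add interface=ether1 address=192.168.88.1/24
/ip address add interface=ether2 address=10.0.12.1/30""",
    "tower-b": """/ip address add interface=loopback address=10.255.0.2/32
/ip address add interface=ether1 address=192.168.88.1/24
/ip address add interface=ether2 address=10.0.12.2/30""",
    "tower-c": """/ip address add interface=loopback address=10.255.0.2/32
/ip address add interface=ether1 address=192.168.88.1/24""",
}

def parse_addresses(config):
    """Yield (interface, IPv4Interface) for each '/ip address add' line."""
    for line in config.splitlines():
        line = line.strip()
        if not line.startswith("/ip address add "):
            continue
        args = dict(kv.split("=", 1) for kv in line.split() if "=" in kv)
        if "address" in args and "interface" in args:
            yield args["interface"], ipaddress.ip_interface(args["address"])

def find_conflicts(configs, loopback_name="loopback"):
    """Return host addresses configured on more than one router."""
    # Two routers sharing a link prefix (10.0.12.1 and 10.0.12.2) is normal; the
    # same host address on two routers is not once connected routes are redistributed.
    seen = defaultdict(list)
    for router, config in configs.items():
        for iface, addr in parse_addresses(config):
            seen[addr.ip].append((router, iface, addr.network))
    findings = []
    for ip in sorted(seen):
        uses = seen[ip]
        routers = sorted({router for router, _, _ in uses})
        if len(routers) < 2:
            continue
        on_loopback = any(iface == loopback_name for _, iface, _ in uses)
        kind = "duplicate-router-id" if on_loopback else "duplicate-connected"
        findings.append((kind, str(ip), str(uses[0][2]), routers))
    return findings

if __name__ == "__main__":
    for finding in find_conflicts(CONFIGS):
        print(finding)
```

Running it against exports before pushing a configuration flags both the shared management address and a copy-pasted loopback, while leaving ordinary point-to-point link prefixes alone.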
