Re: generate default route and export to kernel if remote peer is up

Sat, 08 Sep 2018 09:33:53 -0700 

On 09/08/2018 10:11 AM, Grant Taylor wrote:
If I were to try to script something like this today, I'd do it with a few timers.  The first being when the last outgoing traffic was sent and the second being when the last incoming traffic was received.  As long as the second (incoming) timer is lower than first (outgoing) timer, I think it's safe to say the connection to the ISP's router is functional. 


In the event that the second (incoming) timer is higher than the first 
(outgoing) timer, I'd start a third (dead gateway) timer.  If the third 
(dead gateway) timer ever reaches zero, then I'd know that there is a 
problem with the local ISP and I'd withdraw the local default gateway.


Now my brain is chewing on this.


What I've outlined will detect the transition from normal / steady state 
to errant state.  But as it's written, it will never detect that the 
local ISP connection is usable because there is no traffic to monitor.



As such, I'd likely have a separate routing table with only the ISP's 
connection and the associated default gateway.  That way it's possible 
to send probe traffic (even when the main routing table has a different 
default gateway) to detect when the local ISP's connection is usable 
again.  [1]  If / when the local ISP's connection is usable, add their 
default gateway to the main local routing table and allow BIRD to do 
it's thing.



[1]  You need to decide what to do with established connections; do you 
bring them back to the local ISP, thus possibly breaking session state, 
or do you rely on route caching to ""gracefully bring things back.



Note:  I have never gotten Dead Gateway Detection to do what I want in 
any reliable manner.  DGD tends to rely on link state and / or special 
kernel parameters [2].  Even when it does function, I've found that it 
does not do what I want it to do.



[2]  I think you have to tell the kernel to hold onto unreachable routes 
-and- you need to have probe traffic to kick the kernel to realize that 
the gateway is reachable again.




--
Grant. . . .
unix || die




Attachment:
smime.p7s

Description: S/MIME Cryptographic Signature






















					Reply via email to