William R. Lorenz wrote:
On Fri, 30 Oct 2009, Aarno Aukia wrote:
On Fri, Oct 30, 2009 at 13:54, Evgeny Yurchenko
<[email protected]> wrote:
I haven't bothered - we get full feeds, so all routes are more
specific than the default route.
That is good but what is the point to keep all feeds if you are
connected to only two ISP manly for redundancy purposes? Evgeny
There is none, you get away with two default routes from your ISPs if
you just want failover. But for the same effort (and some cheap RAM)
you can have the full table and do some traffic engineering if you
want to.
There's generally three options when choosing what kind of feed to
receive from an upstream -- full feeds, partial customer-only routes,
or default routes only. With full feeds, you'll have full redundancy
for outbound traffic also and will be able to (to an extent) detect
routing problems further up the path, i.e. in connectivity from ISP A
to ISP C, upstream. It will also help protect against failures where
layer 2 and 3 is up on the circuit but there are problems with your
network provider's routing.
Full routes are very important for redundancy but require a
considerable amount of memory in router land, which is where partial
routes (so you at least know which networks the ISP has) and
default-only routes come in.
Yes, this is from BGP theory. Returning to pfSense... memory is not an
issue nowadays, what about CPU usage? Does anybody have data about CPU
load when convergence happens with 'full feeds'?
Yevgeny.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Commercial support available - https://portal.pfsense.org
