Le 15/11/2013 18:14, Dave Curado a écrit : > Hi Yham, > > FYI - I think one of my email messages on this thread didn't go out, > the body of the message was larger than > some threshold, and it requires a moderator approval. (they'll get to > it at some point =-) >> can you comments on how AS-confederation will benefit more over >> having all BRs part of single public AS with iBGP peering with >> neighbors. Datacenter-1 one is already on public AS so it will be >> difficult to make changes. >> The only reason with two AS is architectural complexity when you >> suggest one AS for both DCs or do you think any routing issues can >> also be encounters. >> > The way your current topology uses a number of private-ASes, it starts > to look like a BGP confederation. > The benefit of a confederation is the ability to present your network > as a single AS, while internally using > a set of private ASes allowing a separation of administrative and > policy choices for each private AS. > But that flexibility does come with a bit more complexity. (I'm sure > there are people on this list who > have worked with confederations and will hopefully chime in on this.)
Yes, I agree. Never do more complex than projected to be needed mid-term (or so). In other words, AS-confed if you feel that policing between your subs is or will become important, else: > > Since the two BR-1/BR-2 pairs are interconnected, and one already has > a public ASN, making them all part > of the same ASN and putting an ibgp mesh into place would be > relatively easy, and would save > a second public ASN from being used. At least, it looks relatively > easy to me, and that is attractive. =-) Voilà ! Cheers, mh > > HTHs, > Dave > _______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp
