On Tue, Mar 27, 2018 at 10:11 AM, Glen Turner <[email protected]> wrote:
> Greg Oliver wrote: > > That is exactly why METRICS exist in routing. > > Hi Greg > > I was imprecise in my choice of words. I should have written "surest way" > rather than "simplest way". > > It's common when using dynamic routing protocols to separate the > management plane and the forwarding plane, because metrics may not be > sufficient to maintain access to management services in some scenarios > when dynamic routing protocols misbehave. > > For example, consider OSPF hearing a more-specific route -- but with a > non-viable path beyond the next-hop -- and installing that route into the > host forwarding table. If that route covers the source address of, say, > the ssh client then communication from the server back to that ssh client > may not be possible, and thus starting the TCP connection for the ssh > service may not be possible. The "gateway of last resort" default route > with a high metric is never consulted, and thus does not function as > intended. > > Another example is where a OSPF-learned lower metric default route with a > differing next-hop is continually installed and removed from the > forwarding table. This is commonly seen with routing loops in dynamic > routing protocols. The flapping between the two next-hops may not allow a > TCP connection to the server to be maintained for long enough to correct > this fault. > > I'll readily accept that servers have a wider range of management plane > options than purpose-built routers. I should have alluded to the > requirement rather than suggesting a mechanism. > > My apologies for intruding upon your mailing list > No intrusion AFAIK - if so, I intruded as well :) All you say is true, but generally you would use loopbacks (that are always up) to bind your dynamic protocols to that alleviates that issue mostly. I was just referring to the dynamics going down, and therefore the static with a higher metric would fall into play at that time. We use to have a 100% statically routed network for our loopbacks, and ran BGP on top of it with lower metrics and never had an issue reaching devices. Of course, the static routed network was "hairy", but it did always work. Of course, when peering became so commonplace in the late 90s (my grandmother could have peered with any provider in the NAPs), it kind of made it a moot point :) -Greg > Regards, glen > > -- > Glen Turner > Web: <http://www.gdt.id.au/~gdt/> >
_______________________________________________ networkmanager-list mailing list [email protected] https://mail.gnome.org/mailman/listinfo/networkmanager-list
