advice on BGP + CARP setup on FreeBSD

• Previous message (by thread): [pfsinoz at gmail.com: [APRICOT-INFO] APRICOT 2014 call for papers]
• Next message (by thread): advice on BGP + CARP setup on FreeBSD
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi fellow operators,

We are slowly and carefully joining the fray of autonomous systems and
started announcing our own netblock, a first test that started last
week. So far, things are going well, but before going further along this
setup, I would be curious to hear experience from other operators about
the plan we are thinking of deploying.

Our requirements:

 * free software, as much as possible
 * inexpensive
 * using existing operating system expertise (FreeBSD or Debian)

So far, we have:

 * our own ASN
 * a /21 assigned by ARIN
 * two uplinks deployed (Netelligent and Cogent)
 * Netelligent announces 3 /24 netblocks for us
 * we announce the last /24 through a BGP link with cogent

We have some horrible diagrams describing the setup here:

https://wiki.koumbit.net/RoutingService/RoadMap

As you can see, the uplinks are connected directly into a switch, in two
separate VLANs. The reason for this is we want to be able to hotswap the
routers in case of a hardware failure, but we have understood from
Cogent's documentation that this is not a good practice because the
links appears up even if the router goes down. What is your opinion on
this?

Also, we currently testing OpenBGPd for the announcements, and we are
very pleased with it. The syntax is clear and it just works, with
minimal memory usage:

https://wiki.koumbit.net/OpenBgpdMaintenance#Checking_memory_usage

However, this seems to be a fairly exotic platform, most people running
BGP with Cisco, Juniper or, in some cases Quagga or Bird for Linux
machines. Are there recmomendations on using OpenBGP in production? Good
/ bad experiences? How many people are running Linux routers vs
dedicated Cisco/Juniper/etc routers?

Finally, we are likely to complete this setup with a CARP (the free
equivalent of VRRP) on the inside of the network. FreeBSD can apparently
group interfaces and communicate with OpenBGPd - did anyone deploy such
a thing here? What are your experiences or advice?

Thanks for any advice,

A.

-- 
Sous un gouvernement qui emprisonne injustement, la place de l’homme
juste est aussi en prison.
- La désobéissance civile, Henry David Thoreau
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 835 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20131105/eabd7322/attachment.sig>

• Previous message (by thread): [pfsinoz at gmail.com: [APRICOT-INFO] APRICOT 2014 call for papers]
• Next message (by thread): advice on BGP + CARP setup on FreeBSD
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]