Multi site BGP Routing design

• Previous message (by thread): Multi site BGP Routing design
• Next message (by thread): Multi site BGP Routing design
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

John.Herbert at ins.com wrote:
> Depending on your security policies you may want to encrypt said tunnel also.
> 
> Other than that, it all depends on it all depends. For example - if you receive / or have a default route pointing to the ISP, then the fact you have the same AS and won't receive the other site's routes in BGP doesn't matter at all - you'll follow a default from site 1 to the ISP, and the ISP will have a route to site 2 and can pass the traffic in the right direction. If you don't mind your traffic being passed unencrypted over the Internet, that is. You'll obviously need to adapt your firewall policies to allow for that flow as well.

Personally, I don't really like the tunnel idea... I've had to deal with
them for v6 connectivity, and they seem so 'ugly'.

My first thoughts were about de-aggregation, but since he's already
advertising different space out of each site, that became irrelevant.

I was just thinking that two AS numbers would be the cleanest, easiest
to maintain method for him to take.

Certainly tunnelling did go through my mind though to ensure
site-to-site peering over the Internet.

Steve
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3233 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20090605/d9e0e4c9/attachment.bin>

• Previous message (by thread): Multi site BGP Routing design
• Next message (by thread): Multi site BGP Routing design
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]