Need provider suggestions - BGP transit over GRE tunnel
bill at herrin.us
Fri Jan 28 11:05:09 CST 2011
On Fri, Jan 28, 2011 at 11:10 AM, Robert Johnson
<fasterfourier at gmail.com> wrote:
> My organization is planning to become multihomed in the near future.
> Currently we have redundant (router and physical path) links to a
> single AS where we get our transit, and speak BGP to them using a
> private ASN. This configuration has not been meeting our reliability
> requirements, so we will be getting our own ASN from ARIN, and moving
> from PA to PI IP space.
> Our new provider will be used for backup purposes only. We would like
> to minimize the monthly cost of this connection; to do this, we are
> planning to use a VZ business FIOS connection with symmetrical
> bandwidth to establish a GRE tunnel to a datacenter somewhere, and
> bring up a BGP session over that tunnel. I'd like to know if there are
> providers that offer such a service on a regular basis, and if so, if
> anyone is doing this and has words of wisdom.
I use a similar technique myself and it works reasonably well.
Servint.net was willing to do it for me and he.net gave me a quote as
well. Three pitfalls to watch out for:
1. A small portion of your traffic is going to wander in via the data
center link and down the GRE tunnel during normal operations. You can
tweak the announcement so that it isn't much, but it won't be zero
2. Make sure you originate the network announcement from your physical
location, not from the data center. In other words, no "network
10.2.3.0 mask 255.255.255.0" in the "router bgp" section at the data
center. If the data center becomes disconnected from you, it should
drop the announcement.
3. You'll need a small block (/29) of PA addresses at the data center
to anchor the tunnel.
William D. Herrin ................ herrin at dirtside.com bill at herrin.us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004
More information about the NANOG