Policy-based routing is evil? Discuss.

Octavio Alvarez alvarezp at alvarezp.ods.org
Sat Oct 12 17:48:03 UTC 2013


On 10/11/2013 10:27 AM, William Waites wrote:
> I'm having a discussion with a small network in a part of the world
> where bandwidth is scarce and multiple DSL lines are often used for
> upstream links. The topic is policy-based routing, which is being
> described as "load balancing" where end-user traffic is assigned to a
> line according to source address.

I wouldn't say "evil"; I have found it really useful in some cases. You
just need a different approach to the network design.

I'd just say it's not the easiest way and yeah, I try to generally avoid it.

>   - It's brittle, when a line fails, traffic doesn't re-route

This depends on how flexible the PBR implementation on your router is.
If your router can have conditionals like this:

* match: source address A && link P available --> send it to link P
* match: source address A --> unconditionally send it to fallback link F

Then your users will converge quite nicely. Also, make sure you prepare
for router redundancy.

Configuration can get pretty complex, though, and link addition can
require redesign of the whole policy.

>   - None of the usual debugging tools work properly

No, but then, they can't expect the usual debugging tools with an unusual
scenario. You may need to develop some new tools and teach them how to
use them.

>   - Adding a new user is complicated because it has to be done in (at
>     least) two places

With a good design this burden can be significantly lowered to the point
of being not 100% but 80 or 90% effective, so to speak. Consider a good
topology and a good addressing plan.
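
The conditional/fallback rule pair described in the message, as an added example that is not part of the original post: a first-match evaluator that skips a rule when its link is down, plus an audit for source prefixes left without an unconditional fallback. The prefixes, link names and the `Rule` structure are hypothetical and do not correspond to any router's configuration syntax.

```python
"""Added illustration: first-match policy routing with a link-health condition."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Dict, List, Optional


@dataclass(frozen=True)
class Rule:
    source: str               # source prefix the rule matches
    out_link: str             # link the matching traffic is sent to
    require_up: bool = True   # False = unconditional (fallback) rule


# Constructed policy; prefixes and link names are assumptions for the example.
POLICY = [
    Rule("10.0.1.0/24", "dsl-P"),
    Rule("10.0.1.0/24", "dsl-F", require_up=False),
    Rule("10.0.2.0/24", "dsl-Q"),
    Rule("10.0.2.0/24", "dsl-F", require_up=False),
]


def select_link(src: str, link_up: Dict[str, bool],
                policy: List[Rule] = POLICY) -> Optional[str]:
    """Return the link chosen by the first rule that matches src."""
    addr = ip_address(src)
    for rule in policy:
        if addr not in ip_network(rule.source):
            continue
        if rule.require_up and not link_up.get(rule.out_link, False):
            continue  # preferred link is down: fall through to the next rule
        return rule.out_link
    return None  # no policy matched: the ordinary routing table would decide


def audit_policy(policy: List[Rule] = POLICY) -> List[str]:
    """List source prefixes that have no unconditional fallback rule."""
    sources = {r.source for r in policy}
    covered = {r.source for r in policy if not r.require_up}
    return sorted(sources - covered)


if __name__ == "__main__":
    state = {"dsl-P": False, "dsl-Q": True, "dsl-F": True}
    for src in ("10.0.1.7", "10.0.2.9"):
        print(src, "->", select_link(src, state))
    print("prefixes without fallback:", audit_policy())
```

Running the audit whenever a line or a user prefix is added catches the case where a source would have no usable rule after its preferred link fails.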





