BGP offloading (fixing legacy router BGP scalability issues)

Frederik Kriewitz frederik at kriewitz.eu
Wed Jun 3 16:47:08 UTC 2015


On Mon, May 11, 2015 at 8:38 PM, Chaim Rieger <chaim.rieger at gmail.com> wrote:
> Freddy, did you get your test up ?

Finally had some time to set up a lab environment and do some basic
testing regarding the fully transparent approach mentioned in the
initial email.
My biggest concern was that the Cisco wouldn't like packets with its
own MAC source address. But luckily it's dumb enough to just forward
them.
Hacked together a small scapy program to implement "selective proxy
ARP/NDP spoofing".
It's working perfectly fine in my lab setup.

As it turns out, a quick reality check on our peering ports shows that
most BGP implementations are correctly setting TTL to 1 for eBGP
sessions by default.
That of course breaks my initial plan to just route the BGP packets to
the server (the Cisco will drop them due to TTL expiration).
Using a VLAN access-map it might be possible to redirect the packets
to another interface to fix that.
The worst-case solution for that should be an RSPAN session with a
corresponding filter.

Essentially all the bricks are there, they just need to be assembled.

Best Regards,
Freddy
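The "selective proxy ARP/NDP spoofing" mentioned above, as an added example that is not Freddy's scapy program and is not part of the original thread. It builds and parses Ethernet/ARP frames with the standard library instead of scapy, covers IPv4/ARP only (NDP is left out), and takes one reading of "selective" as its assumption: the offload server answers ARP for the router's peering address only when the request comes from a peer whose BGP session is being offloaded, and replies with its own MAC so that peer's BGP traffic is steered to the server while every other neighbour keeps resolving the real router. All MAC and IP values are constructed sample data; putting the frames on the wire (e.g. via an AF_PACKET raw socket) is not shown.

```python
"""Selective proxy ARP responder (added example, not the program from the
post). Frames are built with struct so this runs without scapy; all
addresses below are constructed sample data."""
import ipaddress
import struct

ETH_P_ARP = 0x0806
ARP_REQUEST = 1
ARP_REPLY = 2
BROADCAST = b"\xff" * 6


def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))


def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def parse_arp(frame: bytes):
    """Return (op, sha, spa, tha, tpa) for an Ethernet/IPv4 ARP frame, or
    None for anything else (wrong ethertype, hardware/protocol type, or a
    truncated frame)."""
    if len(frame) < 42 or struct.unpack("!H", frame[12:14])[0] != ETH_P_ARP:
        return None
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    sha, spa = frame[22:28], str(ipaddress.IPv4Address(frame[28:32]))
    tha, tpa = frame[32:38], str(ipaddress.IPv4Address(frame[38:42]))
    return op, sha, spa, tha, tpa


def build_arp(op: int, dst_mac: bytes, sha: bytes, spa: str,
              tha: bytes, tpa: str) -> bytes:
    """Build an Ethernet/ARP frame; sha doubles as the Ethernet source."""
    eth = dst_mac + sha + struct.pack("!H", ETH_P_ARP)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)
    arp += sha + ipaddress.IPv4Address(spa).packed
    arp += tha + ipaddress.IPv4Address(tpa).packed
    return eth + arp


def build_arp_request(src_mac: str, src_ip: str, target_ip: str) -> bytes:
    """What a peer broadcasts when it resolves the router's address."""
    return build_arp(ARP_REQUEST, BROADCAST, mac_bytes(src_mac), src_ip,
                     b"\x00" * 6, target_ip)


class SelectiveProxyArp:
    """Answers ARP requests for router_ip, but only from offloaded peers."""

    def __init__(self, server_mac: str, router_ip: str, offloaded_peers):
        self.server_mac = mac_bytes(server_mac)
        self.router_ip = str(ipaddress.IPv4Address(router_ip))
        self.offloaded = {str(ipaddress.IPv4Address(p)) for p in offloaded_peers}

    def handle(self, frame: bytes):
        """Return the ARP reply frame to send, or None to stay silent."""
        parsed = parse_arp(frame)
        if parsed is None:
            return None
        op, sha, spa, _tha, tpa = parsed
        if op != ARP_REQUEST or tpa != self.router_ip:
            return None  # not a lookup of the router's peering address
        if spa not in self.offloaded:
            return None  # other peers keep resolving the real router
        if sha == self.server_mac:
            return None  # never answer our own requests
        # Unicast reply straight back to the requester, claiming router_ip.
        return build_arp(ARP_REPLY, sha, self.server_mac, self.router_ip, sha, spa)


def demo():
    """Two sample requests: one from an offloaded peer, one from another."""
    proxy = SelectiveProxyArp("02:00:00:00:00:aa", "192.0.2.1", ["192.0.2.2"])
    offloaded = build_arp_request("02:00:00:00:00:02", "192.0.2.2", "192.0.2.1")
    other = build_arp_request("02:00:00:00:00:03", "192.0.2.3", "192.0.2.1")
    return proxy.handle(offloaded), proxy.handle(other)


if __name__ == "__main__":
    reply, silent = demo()
    print("offloaded peer gets:", parse_arp(reply))
    print("other peer gets:", silent)
```

The reply is unicast to the requester rather than broadcast, so the real router's ARP cache and the non-offloaded peers never see the spoofed binding; the requester-MAC check keeps the server from answering its own lookups when it, too, needs the router's address.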



More information about the NANOG mailing list