On Wed, 6 Dec 2000 nanog@btamail.net.cn wrote:
There is an IDC service provider whose data centers are scattered here and there. It has its own AS number but no circuits to mesh its nodes. If they want to run BGP with their carrier to exchange routes carrying traffic between their nodes (I suspect it is not a VPN scenario because it is using public IP addresses and most of the traffic is not internal) and their IP blocks are potentially intersected among the nodes, is each zone sharing the same AS and running like an island enough to go? And do we need an IPsec gateway to create tunnels over public networks (through the eBGP peer? :$ #$*&^$#$!) to set up iBGP if possible at all?
The first question is, do you really need BGP at all? If there's only a single service provider for each data center then probably not, unless their IP space is poorly allocated across the different centers. If you do, indeed, need BGP, there isn't any reason to set up tunnels, just run eBGP with each peer in each datacenter and make sure you have a default route pointing to at least one of them since your routers will ignore routes with your AS number in the AS Path.

Brandon Ross 404-522-5400
EVP Engineering, NetRail http://www.netrail.net
AIM: BrandonNR ICQ: 2269442
Read RFC 2644!
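
The behaviour the reply relies on, sketched as an added example that is not part of the original thread: a site router drops any route whose AS_PATH already contains its own AS, so the other site's block is only reachable through a default route. The AS numbers and prefixes are constructed from documentation ranges, and the function names are hypothetical.

```python
import ipaddress

LOCAL_AS = 64500      # constructed: the AS shared by every data center
CARRIER_AS = 64501    # constructed: the upstream carrier's AS

def accept(as_path, local_as=LOCAL_AS):
    """eBGP loop prevention: reject a route whose AS_PATH contains our own AS."""
    return local_as not in as_path

def build_rib(updates, local_as=LOCAL_AS):
    """Keep only the updates that survive the AS_PATH loop check."""
    rib = {}
    for prefix, as_path in updates:
        if accept(as_path, local_as):
            rib[ipaddress.ip_network(prefix)] = as_path
    return rib

def lookup(rib, address):
    """Longest-prefix match; returns the matching network, or None if unroutable."""
    addr = ipaddress.ip_address(address)
    matches = [net for net in rib if addr in net]
    return max(matches, key=lambda net: net.prefixlen, default=None)

# Constructed updates as site A would receive them from the carrier.
UPDATES_AT_SITE_A = [
    ("198.51.100.0/24", [CARRIER_AS, LOCAL_AS]),  # site B's block, originated by our own AS
    ("203.0.113.0/24", [CARRIER_AS, 64510]),      # an unrelated third-party network
    ("0.0.0.0/0", [CARRIER_AS]),                  # default route announced by the carrier
]

def demo():
    """Resolve a site B address from site A, with and without the default route."""
    with_default = build_rib(UPDATES_AT_SITE_A)
    without_default = build_rib(UPDATES_AT_SITE_A[:2])
    target = "198.51.100.10"
    return lookup(with_default, target), lookup(without_default, target)

if __name__ == "__main__":
    via, missing = demo()
    print("site B address resolved via:", via)
    print("same lookup without a default route:", missing)
```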