On Dec 1, 2010, at 5:05 PM, Jack Bates wrote:
On 12/1/2010 3:56 PM, Patrick W. Gilmore wrote:
Having islands which point default is not ugly. They are probably pointing default anyway.
If all sites strictly do default, fine. However, one could say static routing would work fine there too; and then you don't need an ASN. If each site is multihomed (the usual reason to run BGP), you might want to see the routes to apply appropriate traffic policies to them.
Just because you have one transit doesn't mean you shouldn't do BGP. Consider the router at an exchange point with 100+ peers and one transit, for instance.
If not, typing "nei $FOO allowas-in" is also not ugly, IMHO.
Works, but you usually need to be careful when utilizing that method to prevent loops.
There is always a "you usually need to be careful" with any implementation, including a network without islands. If this is, for instance, a bunch of remote offices with a single router & two upstreams each, there is zero risk of routing loops. Otherwise, there are always considerations, whatever your topology choice.
But your network, your decision. Mine runs fine like that.
I'm surprised that you left out the obvious workaround and depending on the traffic, the most appropriate model (leaving workaround status), create an encrypted channel between the networks and run iBGP over it.
If you think you need to be careful with allowas-in, you need to be an order of magnitude more careful with tunnels. Plus I don't like GRE. :) -- TTFN, patrick