On Sep 21, 2007, at 2:22 PM, Pekka Savola wrote:
On Fri, 21 Sep 2007, John A. Kilpatrick wrote:
1. The "captain obvious" suggestion of a default means that now I'm paying for multiple links but can only use one. That's not cost effective and will provide lower performance for some destinations. I have done defaults in the past where appropriate but it's not appropriate in this application.
That's not the case at all. If you use only defaults, you could do load balancing but in a very crude fashion. If you use a default route and filtered version of BGP feed (e.g., accept everything up to /21) probably up to 90-95% of traffic would go over that link, or multiple ones if you have multiple BGP sessions.
Sure, but you do still run the (not insignificant) risk of following the default to the "sufficiently good (non-tier1, not cogent) upstream", only to discover that, for whatever reason, it has no reachability to the prefix. If I have spent the time and effort to get multiple providers, presumably I believe that my bits are important enough to not trust to "this will probably work most of the time..."

W
If you want more control than _only_ a default route or two (and many do), the default route would in principle be just a safeguard for more specifics (or other routes, based on a metric of your choosing) you filter out.
2. The idea of a complex filtering strategy is, from my perspective, an even worse idea. You get all of the downsides of a default with increased operational complexity that may not scale across multiple sites depending on the size of your ops team.
I'd probably agree if you used complex filtering without a default route. Having a default route, as long as it points to a sufficiently good (non-tier1, not cogent) upstream allows you not to care so much about how you filter the BGP feed.
But as should be obvious, you don't need to worry about this problem if you're willing to put money into router upgrades. However, I'm just suggesting there is an alternative to router upgrades if you're comfortable with the somewhat different tradeoffs that will bring with it.
--
Pekka Savola, Netcore Oy. Systems. Networks. Security.
"You each name yourselves king, yet the kingdom bleeds." -- George R.R. Martin: A Clash of Kings
-- Hope is not a strategy. -- Ben Treynor, Google
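
The trade-off argued in this thread, modelled as an added example that is not part of the original messages: a feed filtered to prefixes of /21 or shorter plus a default route, and a check for destinations that follow the default to an upstream that never announced them. The peer names, the sample prefixes and the rule that an upstream without a covering announcement has no reachability are assumptions made for the illustration.

```python
import ipaddress

MAX_LEN = 21  # accept announcements up to /21, the filter suggested in the thread

# Constructed sample feeds (reserved test prefixes, not real routing data).
FEEDS = {
    "upstream_a": ["198.18.0.0/15", "203.0.113.0/24"],
    "upstream_b": ["198.18.0.0/15", "203.0.113.0/24", "192.0.2.0/24"],
}
DEFAULT_VIA = "upstream_a"  # hypothetical choice of default-route upstream


def build_rib(feeds, max_len=MAX_LEN):
    """Install only prefixes no longer than max_len; longer ones are filtered."""
    rib = []
    for peer, prefixes in feeds.items():
        for p in prefixes:
            net = ipaddress.ip_network(p)
            if net.prefixlen <= max_len:
                rib.append((net, peer))
    return rib


def lookup(rib, dst, default_via=DEFAULT_VIA):
    """Longest-prefix match over the filtered table, else the default route."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, peer) for net, peer in rib if addr in net]
    if matches:
        net, peer = max(matches, key=lambda m: m[0].prefixlen)
        return peer, str(net)
    return default_via, "0.0.0.0/0"


def sent_to_peer_without_route(feeds, dst, max_len=MAX_LEN):
    """True if dst is forwarded to an upstream whose feed has no covering prefix."""
    peer, _ = lookup(build_rib(feeds, max_len), dst)
    addr = ipaddress.ip_address(dst)
    return not any(addr in ipaddress.ip_network(p) for p in feeds[peer])


if __name__ == "__main__":
    for dst in ("198.18.5.1", "203.0.113.5", "192.0.2.10"):
        peer, via = lookup(build_rib(FEEDS), dst)
        print(dst, "->", peer, via, "dead end:", sent_to_peer_without_route(FEEDS, dst))
```

Running the same check against the unfiltered feeds (`max_len=32`) shows which destinations the filter moved onto the default, which is the set worth monitoring if the default is kept as a safeguard.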