On 02/09/2010 10:30, Graham Beneke wrote:
I have been asked to investigate moving an entire network to multi-hop on all the eBGP sessions. Basically all upstreams, downstreams and peers will eBGP with a route reflector located in the core. This RR will be some kind of quagga or similar box. The dev guys want to be able to poke at the BGP feeds directly and do *magic* that standard routers aren't capable of.
My gut feel is that this is a bad idea. Besides anything else it makes sane link state detection very challenging - especially where we have multiple sessions with a peer.
Of course, this sort of thing is usually great fun and seems like a Very Good Idea At The Time. You get your cool configuration in place with lots of local hax and the network hums along. Then the developer who wrote the hax leaves because of something or another. And the person who configured the box leaves due to management politics, and then the Windows IT support person takes over, along with the smart person on the front-line tech support desk. Then you hit your first major security bug with your local route reflector and the vendor patch causes your configuration to break horribly. Then hilarity ensues.
I've seen extreme local messing-around-with-systems at some companies. Hilarity ensued. But there is a silver lining to all this: all these companies learned from their stupidity and never did things like that again. At least, the ones which didn't go bust.
As regards collapsing all your bgp requirements into a single BGP box, well, good luck with that. Can I recommend you call this box "spof.apolix.co.za"? It seems quite appropriate. [You could have another single box called "ospf.apolix.co.za", which dealt with all your ospf requirements... just a thought.]
Incidentally, I presume your devs have found some way of patching quagga in memory so that every time they write a new local hack or need to fix the previous one, they don't have to bring down the entire network in order to bring it into production? That would bring the entire experiment to a new level of coolness.
Anyway, I wish you well with this experiment in the future of your company's existence.
Nick