On Mon, Nov 25, 2013 at 9:43 AM, Michael Smith <mksmith@mac.com> wrote:
On Nov 24, 2013, at 10:36 PM, Eugeniu Patrascu <eugen@imacandi.net> wrote:
On Fri, Oct 11, 2013 at 8:27 PM, William Waites <wwaites@tardis.ed.ac.uk> wrote:
I'm having a discussion with a small network in a part of the world where bandwidth is scarce and multiple DSL lines are often used for upstream links. The topic is policy-based routing, which is being described as "load balancing" where end-user traffic is assigned to a line according to source address.
In my opinion the main problems with this are:
- It's brittle, when a line fails, traffic doesn't re-route
You can always know what IPs are on the other end of the link, add static routes for them to make sure they're reachable and based on ping results use the link or not. It works fairly well if 1-2 minutes of downtime is not an issue. I've done this using Linux and a bash script and it worked to balance traffic across two links with up/down detection. iproute2 does wonders.
Or you could run FreeBSD with PF and ifstated and it would be an almost instantaneous failover.
Cool toy for scripting. I had no idea as I'm not very familiar with *BSD.
- None of the usual debugging tools work properly
As long as you don't have asymmetric routing in place, debugging will be the same. Even so, you can (at least on Linux) do a "tcpdump -i any" and see what goes in/out of your box :)
Asymmetric routing is a fact of life and is fairly common.
If you have asymmetric routing, you may run into other issues, but still you can get stuff working. Just saying that with a little care you can get away without it.
- Adding a new user is complicated because it has to be done in (at least) two places
I agree it's not scalable, but for when all you have are DSL lines or low capacity lines over which you cannot run an IGP, you'll have to make it work with what you have :)
But I'm having a distinct lack of success locating rants and diatribes or even well-reasoned articles supporting this opinion.
I would go for the "right tools for the right job" idea and say that PBR in the case you're mentioning is a valid use and probably the most effective way of doing business for them.
Also take into consideration that in many parts of the world, the effort of configuring and maintaining a setup like this falls in the day-to-day job of one or several network admins. Also, most of the time it is cheaper to hire more people than go and buy let's say professional networking equipment.
Hmm, really? The professional networking equipment required for this type of thing would be in the ~10k new and significantly cheaper used. That's not a lot of salary.
I'm pretty sure there are places that even 6K can be one man's salary for a year or more, so yeah, really it's cheaper to have someone do manual stuff than buy something professional. But I'm veering a bit off-topic with this one.
Mike
Eugeniu
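
The ping-based up/down detection with iproute2 that the thread describes, as an added example that is not code from any of the posters. The interface names, gateways, probe IPs, table numbers and source prefixes are constructed placeholders, and by default the script only prints the `ip` commands it would run.

```shell
#!/bin/sh
# Added example, not code from the thread: ping-driven failover for
# source-based routing over two uplinks using iproute2.
# Interfaces, gateways, probe IPs, tables and prefixes are constructed.
DRY_RUN=${DRY_RUN:-1}   # 1 = print the ip commands, 0 = run them (needs root)
# Columns: interface gateway probe-IP routing-table source-prefix
LINKS="ppp0 192.0.2.1 198.51.100.1 101 10.0.1.0/24
ppp1 192.0.2.129 203.0.113.1 102 10.0.2.0/24"

run() { if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi; }

# Health check: ping the far-side IP out of one specific interface.
probe() { ping -c 3 -W 2 -I "$1" "$2" >/dev/null 2>&1 </dev/null; }

# Run once: pin each probe IP to its own link so a check never leaves via
# the other line, and send each source prefix to its own routing table.
setup() {
  while read -r dev gw target table src; do
    run ip route replace "$target/32" via "$gw" dev "$dev"
    run ip rule add from "$src" lookup "$table"
  done <<EOF
$LINKS
EOF
}

# Each table's default route uses its own link if healthy, otherwise the
# first healthy link. With no healthy link, nothing is changed.
reconcile() {
  up=" "; fb_dev=""; fb_gw=""
  while read -r dev gw target table src; do
    if probe "$dev" "$target"; then
      up="$up$dev "
      [ -n "$fb_dev" ] || { fb_dev=$dev; fb_gw=$gw; }
    fi
  done <<EOF
$LINKS
EOF
  [ -n "$fb_dev" ] || { echo "all uplinks down" >&2; return 1; }
  while read -r dev gw target table src; do
    case "$up" in
      *" $dev "*) run ip route replace default via "$gw" dev "$dev" table "$table" ;;
      *) run ip route replace default via "$fb_gw" dev "$fb_dev" table "$table" ;;
    esac
  done <<EOF
$LINKS
EOF
}

if [ "${1:-}" = "--loop" ]; then setup; while :; do reconcile; sleep 60; done; fi
```

Invoked with `--loop`, it re-checks both lines every 60 seconds, so a failed line is routed around within a minute or so of the probes starting to fail.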