nanog mailing list archives

Re: eBGP Multihop


From: Nick Hilliard <nick () foobar org>
Date: Thu, 02 Sep 2010 17:47:54 +0100

On 02/09/2010 10:30, Graham Beneke wrote:
I have been asked to investigate moving an entire network to multi-hop
on all the eBGP sessions. Basically all upstreams, downstreams and peers
will eBGP with a route reflector located in the core. This RR will be
some kind of quagga or similar box. The dev guys want to be able to poke
at the BGP feeds directly and do *magic* that standard routers aren't
capable of.

My gut feel is that this is a bad idea. Besides anything else it makes
sane link state detection very challenging - especially where we have
multiple sessions with a peer.

Of course, this sort of thing is usually great fun and seems like a Very
Good Idea At The Time. You get your cool configuration in place with lots
of local hax and the network hums along.  Then the developer who wrote the
hax leaves because of something or another.  And the person who configured
the box leaves due to management politics, and then the Windows IT support
person takes over, along with the smart person on the front-line tech
support desk.  Then you hit your first major security bug with your local
route reflector and the vendor patch causes your configuration to break
horribly.

Then hilarity ensues.

I've seen extreme local messing-around-with-systems at some companies.
Hilarity ensued.  But there is a silver lining to all this: all these
companies learned from their stupidity and never did things like that
again.  At least, the ones which didn't go bust.

As regards collapsing all your bgp requirements into a single BGP box,
well, good luck with that.  Can I recommend you call this box
"spof.apolix.co.za"?  It seems quite appropriate.

[You could have another single box called "ospf.apolix.co.za", which dealt
with all your ospf requirements... just a thought.]

Incidentally, I presume your devs have found some way of patching quagga in
memory so that every time they write a new local hack or need to fix the
previous one, they don't have to bring down the entire network in order to
bring it into production?  That would bring the entire experiment to a new
level of coolness.

Anyway, I wish you well with this experiment in the future of your
company's existence.

Nick
