nanog mailing list archives
Re: Policy-based routing is evil? Discuss.
From: Stuart Sheldon <stu () actusa net>
Date: Fri, 11 Oct 2013 11:45:10 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi all, We use Linux for our edge routers which have multiple interfaces to different BGP peers. Policy based routing allows us to insure that traffic originating from a particular external IP address on the router, goes out the matching network. We have also used in on client systems to force particular protocols out particular providers. It's not that easy to do on Linux, as you need to make sure you have all the proper link routes on place and positioned properly in the rule chain, or you can really break things. Stu On 10/11/2013 11:35 AM, Christopher Morrow wrote:
On Fri, Oct 11, 2013 at 2:13 PM, William Waites <wwaites () tardis ed ac uk> wrote:On Fri, 11 Oct 2013 10:41:46 -0700, joel jaeggli <joelja () bogus com> said: > evil is not a synonym for ugly patch placed over a problem that > could be handled better. Ok, fair enough. My first experience with PBR was as a summer intern in the mid-1990s who inherited management of a large ATM network that had a big VPN-esque thing built entirely that way and with no documentation. It certainly felt evil at the time. ;)I think really PBR violates this: <http://en.wikipedia.org/wiki/Principle_of_least_astonishment> I see ISP folks MOSTLY avoid PBR, because it does weird things that NOC/ops folks just plain don't expect. I see Enterprise network folks fall back to PBR often, for reasons that they seem happy with... but man it makes things confusing :) -chris
- -- "Sometimes I lie awake at night and I ask, "Is life a multiple choice test or is it a true or false test?" ...Then a voice comes to me out of the dark and says, "We hate to tell you this but life is a thousand word essay." -- Charles M. Schulz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCAAGBQJSWEc2AAoJEFKVLITDJSGSDSAP/iW6s1nM56cwAyQAq8djsn3x OlD40O698iluf9r1ZmDABZqO3dWI/JxGktANmhC34b/ux9qMKx27RBEVS+L5Kp9p f5YJxG0vr0lkqhVGngr9pOKTmOLdnLWwDiL0yUyxXngYm7ZG9E5aQ5mbLSz0DxBB +JGoc4DXzI1lNXMSfklxooAZoRP6dbwxhzC8r/TIbExFyRuf/OgsR9bYB3wjpRvQ 7uXdHiLmLIO68pvRmGIIYQUNQ/aUSI9wod2jdleupK6yoO7fAktrndhj1+lD0TCS kZA5/b2u5O+PJ61ocbK20s/mKVt/joVSfEG5IBQxqxKqpcc9N1x7Kr7XzoQuUFo/ M3szoDZnwIq5zgXWDvvt11+AzG5qraZCxfwaTpwHbuRAC9bZMIZkrpd4LLXTGwvG bxuJmWqcY2ktX5XiyLRgvcYzw+Pkz6uNU+PpS9UYI7x9qSwkYGPomoj5iHbaTrs4 nKBQZgAUUcEkr7+kRfXIhq6ZZKsaoaFGCX8u5WeXBQj78GlEiOMxAthFPYr8iU8X Kai4nCBx+c204hjoYdI5K2aFNztqh8Xj2qW3DyxrqwsKld46ZFut/zKs4qcJLvPP jrs2ihtdsIHDn2QLVoRqHJWdpMn2l/TETbygqnRyO9hYUkqub7Zo/fVJwXCGNZDz quDOESz/QwPH5IrOPiub =ww8J -----END PGP SIGNATURE-----
Current thread:
- Policy-based routing is evil? Discuss. William Waites (Oct 11)
- Re: Policy-based routing is evil? Discuss. Jared Mauch (Oct 11)
- Re: Policy-based routing is evil? Discuss. Jon Lewis (Oct 11)
- Re: Policy-based routing is evil? Discuss. Dobbins, Roland (Oct 11)
- Re: Policy-based routing is evil? Discuss. joel jaeggli (Oct 11)
- Re: Policy-based routing is evil? Discuss. Michael Hallgren (Oct 11)
- Re: Policy-based routing is evil? Discuss. William Waites (Oct 11)
- Re: Policy-based routing is evil? Discuss. Fred Reimer (Oct 11)
- Re: Policy-based routing is evil? Discuss. Christopher Morrow (Oct 11)
- Re: Policy-based routing is evil? Discuss. Stuart Sheldon (Oct 11)
- Re: Policy-based routing is evil? Discuss. Jay Ashworth (Oct 11)
- Re: Policy-based routing is evil? Discuss. Fred Reimer (Oct 11)
- Re: Policy-based routing is evil? Discuss. Jared Mauch (Oct 11)
- Re: Policy-based routing is evil? Discuss. John Kristoff (Oct 11)
- Re: Policy-based routing is evil? Discuss. Leo Bicknell (Oct 11)
- Re: Policy-based routing is evil? Discuss. Jimmy Hess (Oct 11)
- Re: Policy-based routing is evil? Discuss. Octavio Alvarez (Oct 12)
- Re: Policy-based routing is evil? Discuss. Jimmy Hess (Oct 12)
- Re: Policy-based routing is evil? Discuss. John Osmon (Oct 12)
- <Possible follow-ups>
- RE: Policy-based routing is evil? Discuss. Phil Bedard (Oct 11)
- Re: Policy-based routing is evil? Discuss. Bruce Pinsky (Oct 11)