nanog mailing list archives
Re: Policy-based routing is evil? Discuss.
From: Jeff Kell <jeff-kell () utc edu>
Date: Fri, 11 Oct 2013 23:31:41 -0400
As others have pointed out, PBR ... * Is a fragile configuration. You're typically forcing next-hop without a [direct] failover option, * Often incurs a penalty (hardware cycles, conflicting feature sets, or outright punting to software), * Doesn't naturally load-balance (you pick the source ranges you route where) However, there are few alternatives in some cases... * If you are using some provider-owned IP space you often must route to that provider, * There may be policies restricting what traffic (sources) can transit a given provider There are few alternatives for the latter cases, unless you split the border across VRFs and assign routing policy on the VRF, which is a global decision across the VRF, and avoids PBR. We're doing a little of both, so I clearly don't take sides :) Jeff
Attachment:
signature.asc
Description: OpenPGP digital signature
Current thread:
- Re: Policy-based routing is evil? Discuss., (continued)
- Re: Policy-based routing is evil? Discuss. Jay Ashworth (Oct 11)
- Re: Policy-based routing is evil? Discuss. Fred Reimer (Oct 11)
- Re: Policy-based routing is evil? Discuss. Jay Ashworth (Oct 11)
- Re: Policy-based routing is evil? Discuss. John Kristoff (Oct 11)
- Re: Policy-based routing is evil? Discuss. Leo Bicknell (Oct 11)
- Re: Policy-based routing is evil? Discuss. Jimmy Hess (Oct 11)
- Re: Policy-based routing is evil? Discuss. Octavio Alvarez (Oct 12)
- Re: Policy-based routing is evil? Discuss. Jimmy Hess (Oct 12)
- Re: Policy-based routing is evil? Discuss. John Osmon (Oct 12)
- RE: Policy-based routing is evil? Discuss. Phil Bedard (Oct 11)
- Re: Policy-based routing is evil? Discuss. Bruce Pinsky (Oct 11)
- Re: Policy-based routing is evil? Discuss. Jeff Kell (Oct 11)
- Re: Policy-based routing is evil? Discuss. Bruce Pinsky (Oct 11)