Hi,
We have upgraded to 5.4 in production and now have our OSPF routes being
announced from our CARP 'backup' with a max value metric, and the CARP
'master' announcing with the default/defined metrics. This works great
in testing so far and directs all traffic to the CARP master.
Would it be possible to make a change to BGP (further from another
thread I started here a while ago regarding dual-stack woes), whereby
you can set the local_pref to send if CARP primary (high local_pref) and
the local_pref to send if CARP backup (low local_pref) (controls the
packet flow from our iBGP peers). And set the MED to send if Primary
(low MED), and the MED to send if Backup (High MED) (this can allow the
control of packet flows from our eBGP peers (assuming they honor MED/no
other BGP decision match is found first)).
Are there any other BGP attributes which would also be good for this and
should be added?
It would be great if we could have firewalls which run BGP and also
which have to have CARP interfaces on the outside and inside (for legacy
v4 NAT..), to also work for routed v6 without requiring sloppy states on
the v6 rules and the one of two routed v4 rules (ensure BGP routed
traffic is sent to the CARP 'master')..
This seems sensible to me as it would mean a significant improvement in
security (full state tracking), and an improvement in performance (state
searches not rule traversal)?
Personally I think it would be great if you could define every BGP
attribute which you can already set now with values according to CARP state.
Cheers, Andy.