Hi,

First off, let's clear up two things:

OSPF is an IGP protocol; you would use it to share routes between your own routers, not a transit provider's. iBGP is again an IGP; this time BGP will automatically talk iBGP when talking to routers within the same AS. Your BGP sessions will automatically talk eBGP to your transits.

OK, so let's look at the way it will need to work. BGP works by propagating the routes you announce to your upstream 'transit' peers via eBGP. In turn, these transit providers announce your routes to the larger internet. Remote ASes will choose a path back to you based on several factors, inc. AS path length, local preference, weighting etc.

You can control to some extent the provider your inbound traffic arrives on by padding your announcement to one provider over another; outbound traffic is much easier, as you can use various methods of setting local preferences based on inbound communities etc.

Now this is all great in theory; however, to do this with two providers you will need your OWN AS. This is necessary as the transit will simply filter out any private ASes (65xxx).

You will also need your own reasonably large IP allocation. From your diagram I see you are using a /28; how did you come by this? If this was given to you by a provider, e.g. ISP1, they will already be announcing this as part of a summarised route to their transits; as such they probably won't let you re-announce their allocation to ISP2. Even if this IP space has been allocated to you, e.g. by RIPE, many transit providers are now filtering out smaller routes such as /24 routes, let alone /28, in an effort to keep their routing tables to a minimum. See below: we're now at about 260k routes! So in this case, even if ISP1 & 2 re-transmit your routes, their upstreams will filter you out, so you won't get connectivity.

Now I'm no BGP expert by any means so please forgive me if any of this is wrong or misleading.

Out of pure 'play' factor I do maintain a BGP peering session with one of my ISPs from an OpenBSD 4.3 box; I usually use Cisco so wanted to play with OpenBGP.

# bgpctl sh sum
Neighbor                AS    MsgRcvd    MsgSent    OutQ    Up/Down  State/PrfRcvd
MT Peering           13122    183343       3245       0     2d06h03m 263451
#

I would suggest your best bet is to follow the good advice of others and look at the multi-homed solutions suggested.

Hope that helps

Simon





BARDOU Pierre wrote:
Hello,
I am trying to set up a configuration like this:

             +---------+       +---------+
             |  ISP1   |       |  ISP2   |     Cisco
             | ROUTER  |       | ROUTER  |
             | AS3215  |       | AS12670 |
             +---------+       +---------+
                  |                 |
                  |                 |
             +---------+       +---------+
             |   BGP   |       |   BGP   |
             | ROUTER  |       | ROUTER  |     OpenBSD 4.3
             | AS47818 |       | AS45818 |
             +---------+       +---------+
                  |                 |
                  |                 |
             +-------------------------+
             |    217.109.108.240/28   |
             +-------------------------+
                  |                |
                  |                |
             +--------+        +-------+
             |   FW   |--------|  FW   |       OpenBSD 4.3
             | MASTER | pfsync | SLAVE |
             +--------+        +-------+
                  |                |
                  |                |
             +-------------------------+
             |     PRIVATE NETWORKS    |
             +-------------------------+

I'd like to load balance outgoing connections to the internet,
but I don't know how to configure OpenBGPD to do this.
I searched a lot on the Internet and I found a lot of information on how to do this with Cisco, but I have never found an OpenBGP solution.
Some people speak about it but I have never seen it.

I made a test conf where failover works like a charm (using iBGP on the FWs with 'set nexthop self' on BGP routers), but when both connections are active only one is used.

Would it be possible to help me, please?
Is setting up iBGP sessions between FWs and BGP routers a good idea?
Should I rather use OSPF for this?
And in that case, how to configure it to load balance/failover?

Many thanks

PS: load balancing incoming connections too would be very nice, but I understood it was much more difficult.

--
Regards,
Pierre BARDOU
