Hello, I tried to follow your advices, and I set : network 1.1.1.0/24 network 1.1.1.0/25 set prepend-self 5
The /25 appears on the RIB of router A, but not in ISP A router RIB. Why ? My only filter rule is "allow from any" A few details : * 1.1.1.0/24 is for testing purposes an used only in my (isolated) lab. I have a true /24, registered with RIPE. * I have an MPLS VPN between my two sites, which uses different wires from Internet * I didn't knew the issue about propagating a /25 to the internet. Thanks for the information, I'll have to think about that before setting this in production... Many thanks for the help -- Cordialement, Pierre BARDOU -----Message d'origine----- De : Stuart Henderson [mailto:s...@spacehopper.org] Envoyi : samedi 26 juin 2010 12:18 @ : misc@openbsd.org Objet : Re: Load balancing incoming trafic with BGP On 2010-06-25, BARDOU Pierre <bardo...@mipih.fr> wrote: > I have issues trying to setup this : > > ISP A ISP B > | | > Router A Router B > Main site ------- Backup site > 1.1.1.0/25 1.1.1.128/25 I think you will have to rethink a bit. Even if your immediate upstreams accept it (which is unlikely without a special arrangement), there is no way that most of the internet will accept a /25 announcement. You would want to use at least a /23 for the whole net, so your site-specific announcements can be /24. You will also have to ensure connectivity between the two sites under normal conditions (if you don't have a direct link, then you could consider a tunnel between addresses from outside this network; either plain gif/gre and accept the restricted MTU, or you could use a gre+vether+bridge+pf setup which would let you run at the lowest MTU of the physical links between them). > I'd like that connections to the main site flow through ISP A, to the backup > site flow through ISP B, with backup through the other ISP if one fails. > So I set up openBGPd like this : > Router A : > AS 65001 > network 1.1.1.0/25 > network 1.1.1.128/25 set prepend-self 5 >From one site you would want to announce x.x.x.0/25 and x.x.x.0/24 >From the other you want x.x.x.128/25 and x.x.x.0/24 (or similar with /24 and /23 if you actually want it to work from the rest of the internet). Also: note that 1.0.0.0/8 is an allocated network. Please do not use addresses from this block even as a test network unless they are properly allocated to you (which being in europe, they are not).
