On Dec 1, 2010, at 5:05 PM, Jack Bates wrote: > On 12/1/2010 3:56 PM, Patrick W. Gilmore wrote: >> Having islands which point default is not ugly. They are probably pointing >> default anyway. > > If all sites strictly do default, fine. However, one could say static routing > would work fine there too; and then you don't need an ASN. If each site is > multihomed (the usual reason to run BGP), you might want to see the routes to > apply appropriate traffic policies to them.
Just because you have one transit doesn't mean you shouldn't do BGP. Consider the router at an exchange point with 100+ peers and one transit, for instance. >> If not, typing "nei $FOO allowas-in" is also not ugly, IMHO. > > Works, but you usually need to be careful when utilizing that method to > prevent loops. There is always a "you usually need to be careful" with any implementation, including a network without islands. If this is, for instance, a bunch of remote offices with a single router & two upstreams each, there is zero risk of routing loops. Otherwise, there are always considerations, whatever your topology choice. >> But your network, your decision. Mine runs fine like that. > > I'm surprised that you left out the obvious workaround and depending on the > traffic, the most appropriate model (leaving workaround status), create an > encrypted channel between the networks and run iBGP over it. If you think you need to be careful with allowas-in, you need to be an order of magnitude more careful with tunnels. Plus I don't like GRE. :) -- TTFN, patrick
