On Mon, Nov 25, 2013 at 9:43 AM, Michael Smith <mksm...@mac.com> wrote:

> On Nov 24, 2013, at 10:36 PM, Eugeniu Patrascu <eu...@imacandi.net> wrote:
>
> On Fri, Oct 11, 2013 at 8:27 PM, William Waites <wwai...@tardis.ed.ac.uk> wrote:
>
> I'm having a discussion with a small network in a part of the world
> where bandwidth is scarce and multiple DSL lines are often used for
> upstream links. The topic is policy-based routing, which is being
> described as "load balancing" where end-user traffic is assigned to a
> line according to source address.
>
> In my opinion the main problems with this are:
>
> - It's brittle, when a line fails, traffic doesn't re-route
>
> You can always know what IPs are on the other end of the link, add static
> routes for them to make sure they're reachable and based on ping results
> use the link or not. It works fairly well if 1-2 minutes of downtime is not
> an issue. I've done this using Linux and a bash script and it worked to
> balance traffic across two links with up/down detection. iproute2 does
> wonders.
>
> Or you could run FreeBSD with PF and ifstated and it would be an almost
> instantaneous failover.
>

Cool toy for scripting. I had no idea as I'm not very familiar with *BSD.

> - None of the usual debugging tools work properly
>
> As long as you don't have asymmetric routing in place, debugging will be
> the same. Even so, you can (at least on Linux) do a "tcpdump -i any" and
> see what goes in/out of your box :)
>
> Asymmetric routing is a fact of life and is fairly common.
>

If you have asymmetric routing, you may run into other issues, but still you can get stuff working. Just saying that with a little care you can get away without it.

> - Adding a new user is complicated because it has to be done in (at
> least) two places
>
> I agree it's not scalable, but for when all you have are DSL lines or low
> capacity lines over which you cannot run an IGP, you'll have to make it work
> with what you have :)
>
> But I'm having a distinct lack of success locating rants and diatribes
> or even well-reasoned articles supporting this opinion.
>
> I would go for the "right tools for the right job" idea and say that PBR in
> the case you're mentioning is a valid use and probably the most effective
> way of doing business for them.
>
> Also take into consideration that in many parts of the world, the effort of
> configuring and maintaining a setup like this falls in the day-to-day
> job of one or several network admins. Also, most of the time it is cheaper to
> hire more people than go and buy, let's say, professional networking
> equipment.
>
> Hmm, really? The professional networking equipment required for this type
> of thing would be in the ~10k new and significantly cheaper used. That's
> not a lot of salary.
>

I'm pretty sure there are places that even 6K can be one man's salary for a year or more, so yeah, really it's cheaper to have someone do manual stuff than buy something professional. But I'm veering a bit off-topic with this one.

> Mike
>

Eugeniu
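
The approach discussed in this thread (source-based policy routing over two lines, static routes to known far-end IPs, ping checks deciding whether a line is used), as an added example that is not the script mentioned in the thread or anyone's production code. Line names, table numbers, devices and addresses are constructed; the functions only print `ip` commands so the plan can be inspected before it is applied.

```shell
#!/bin/sh
# Constructed values (RFC 5737/1918). LINKS: name:table:gateway:device:probe_ip,
# where probe_ip is a host known to sit at the far end of that line.
LINKS="dsl1:101:192.0.2.1:eth1:198.51.100.1 dsl2:102:192.0.2.129:eth2:198.51.100.2"
# USERS: source_prefix:table, the line each user normally leaves by.
USERS="10.0.1.0/24:101 10.0.2.0/24:102"
# Split one LINKS entry into $name $table $gw $dev $probe.
split() {
  IFS=: read -r name table gw dev probe <<EOF
$1
EOF
}

# One-time setup: pin each probe to its own line, bind each source to a table.
setup_cmds() {
  for l in $LINKS; do
    split "$l"
    echo "ip route replace $probe via $gw dev $dev"
  done
  for u in $USERS; do
    echo "ip rule add from ${u%:*} lookup ${u##*:}"
  done
}

# Print the default route for every table, given the names of healthy lines.
# A table whose line is down borrows the first healthy one; returns 1 if none.
failover_cmds() {
  up=" $1 "; fb_gw=""; fb_dev=""
  for l in $LINKS; do
    split "$l"
    case $up in *" $name "*) if [ -z "$fb_gw" ]; then fb_gw=$gw; fb_dev=$dev; fi ;; esac
  done
  if [ -z "$fb_gw" ]; then return 1; fi
  for l in $LINKS; do
    split "$l"
    case $up in *" $name "*) ;; *) gw=$fb_gw; dev=$fb_dev ;; esac
    echo "ip route replace default via $gw dev $dev table $table"
  done
}
# True when the probe host answers through the given device.
line_is_up() { ping -c 3 -W 2 -I "$1" "$2" >/dev/null 2>&1; }
if [ "${1:-}" = run ]; then   # needs root; without "run" nothing is changed
  setup_cmds | sh
  while :; do healthy=""
    for l in $LINKS; do split "$l"; line_is_up "$dev" "$probe" && healthy="$healthy $name"; done
    failover_cmds "$healthy" | sh
    sleep 30
  done
fi
```

The per-user rules stay fixed and only the per-table default route moves, so a failed line re-routes its users on the next probe cycle, and adding a user is a single `USERS` entry.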