Policy Routing natd+ipfw

[AT Matik]

On Wednesday 09 May 2007 14:05:52 Kirk Davis wrote:
> >
> > I do not know enough about quagga but if you really run BGP
> > and quagga does
> > what BGP is supposed to do I wuold say you shoudl use policy
> > route-map
> > filters for that purpose
>
>    We are probably getting a little off topic for the ipfw list now ;-)
>

well, maybe we will be forgiven :)

>    BGP route-maps will not do what I need.  I am not trying to change
> the routes advertised to my peers (or change the incoming ones that I
> receive).  What I really need to virtual routing tables that I can then
> control how they are updated from the BGP.  Since FreeBSD only has one
> core routing table then I seem to have to use the firewall rules to
> modify the routes.  It works but it is a kludge and doesn't scale well.
>


bypassing bgp with policy forwarding rules does not change route advertising 
to the bgp neighbour and vice-versa. You can do "redistribute static" if you 
are an endpoint but would not be wise eventually. Anyway the advertised 
routes need to be announced by your bgp router upwards and not by any 
artificial routing scenario otherwise there is no way to say that you get the 
traffic back over the same route, even if you frame bgp and they go out over 
path 1 you may get them back over path 3,4,5 or any other bgp may decide. And 
that is the point at the end, bgp does the routing decision when you are 
running bgp. So it does not matter which routing capacities your OS has 
because it comes after bgp did it's job.

João

>    I haven't played with them yet but the changes to ipfw may get me
> closer to what I am looking for although ipfw probably isn't the best
> place to do the full routing solution.
>
> ---- Kirk
>
>
>







A mensagem foi scaneada pelo sistema de e-mail e pode ser considerada segura.
Service fornecido pelo Datacenter Matik  https://datacenter.matik.com.br