[quagga-users 7548] Re: expanding a bgp connection over gre tunnel

Rosario Pingaro rpingar at nesec.it
Sun Sep 17 13:40:26 IST 2006


my topology is pretty easy:

I have an ethernet connection from the transport provider with a /30, on eip 
for my port and one to use as a gateway (the gateway work only to reach the 
uèstream provider).
So I build the tunnel between my box and a router of my upstream using this 
connection using the scrip I metioned above.
On the tunnel interface we have a public /30.

So I have a static route to reach the bgp peer through the tunnel interface.

It has been working great.
Now it is time to double the tansport layer.

The transport provider will provide me a second port with a seconf /30 to 
reach the remote endpoint of the tunnel.

My first idea was to use two static route to reach the tunnel endopint. So I 
will have ECMP on the tunnel. But I have never done it and I dosn't know if 
the kernel will balance the traffic giving the fact that it is a tunneled 
traffic.

So the idea of my upstream was to use two gre tunnels and then use two 
static route to reach the loopback bgp peer. He can do it easly because 
cisco supports recursive nexthop on bgp, but quagga doesn't.

Hope this clarify what I am going to accomplish.

Rosario

----- Original Message ----- 
From: "Paul Jakma" <paul at clubi.ie>
To: "Rosario Pingaro" <rpingar at nesec.it>
Cc: <Quagga-users at lists.quagga.net>
Sent: Sunday, September 17, 2006 12:22 PM
Subject: Re: [quagga-users 7544] Re: expanding a bgp connection over gre 
tunnel


> On Sun, 17 Sep 2006, Rosario Pingaro wrote:
>
>> the main fact is that L2 is not usable at all baceuw the traffic between 
>> ma and my upstream is transported by a thrid party.
>
> Ok, so can you give some details about the toplogies involved? Both at 
> layer 2, the 'substrate' IP and the tunnel toplogy involved.
>
> E.g. is there just /one/ remote router? If so, it is impossible at present 
> to have more than one BGP session between the same two BGP speakers. So 
> there's no point having more than one tunnel, you need instead to route 
> the /tunnel/ in some kind of balanced/fail-over way.
>
> Hard to say without a more detailed picture of your network really..
>
> regards,
> -- 
> Paul Jakma paul at clubi.ie paul at jakma.org Key ID: 64A2FF6A
> Fortune:
> Your lucky number has been disconnected.
>
> 




More information about the Quagga-users mailing list