[c-nsp] Rationale for ISIS default origination behavior
Saku Ytti
saku at ytti.fi
Wed Jan 23 07:33:08 EST 2013
On (2013-01-23 23:00 +1100), Andrew Miehs wrote:
> In your diagram the only router with an Internet connection is PE2.
> PE2 should be the only thing announcing a default back towards your network.
> If PE1 also had an Internet connection, then it should also announce a
> default back into your network.
The diagram was to answer to you specifically why you can't just route to
your direct upstreams.
> Your provider (INET) should be able to announce a default for you if you
> request it.
We don't. We advertise to our customers prefix to which they static route.
If our PE is disconnected from core, we don't have that prefix to send to
the customer, so we don't blackhole customer.
> HOWEVER: If we are talking about service provider networks - what is the
> purpose of your default route?
As it recurses you can use it to your advantage to gain higher level of
trust of default destinations ability to transport packets.
Gert suggested that you static route in ASBR to your PEER IP.
- static route always valid, if PEER is up. Regardless if it ARPs,
regardless if BGP is up.
If non ASBR has
a) static to 8.8.8.8 (or any trustworthy, important, stable eBGP)
and
b) static to ASBR anycast (worse admin than above)
You normally are always using closest ASBR with working eBGP. In case of
8.8.8.8 disappearing from global table, you're using closest ASBR, hoping
it has connection to INET.
No need for magic features like conditional advertising or anything
complex.
No need to carry default in BGP (or Cthulhu forbid in IGP)
--
++ytti
More information about the cisco-nsp
mailing list