[j-nsp] Load Balancing via BGP outbound at Colo
Peter E. Fry
pfry-lists at redsword.com
Thu Mar 15 18:43:32 EST 2007
From: Jesper Skriver <jesper at skriver.dk>
[...]
> So in short, using 'no-export' is HIGHLY dangerous, and
> should be used with great care - in fact I would strongly
> recommend not to use it.
This is an excellent point. I've been seeing more and
more evidence lately (the latest bit being this thread:
https://puck.nether.net/pipermail/cisco-nsp/2007-March/038882.html)
that exotic manipulation of BGP is on the way out.
Seemingly straightforward routing and filtering policies can
interact in ways that can be tough to anticipate. Many of
the old tricks of the past such as announcing more specific
routes to individual peers or using upstream export controls
are a good idea only for folks who like chasing odd black
holes.
> Instead prepend your advertisments to upsteams that you
> only want to use as backup, and/or inquire with those
> providers, if they have communities you can use to have
> them preprend when you re-advertise your prefixes.
More common are communities that instruct your upstream to
assign a particular local pref -- similar, but they tend to
be more positive, and less applicable if I follow your
intent. Also, I tend to recommend against prepending
differently on multiple links to a single provider, as it
can unnecessarily propagate disruptions upstream. Those are
a bit aside, but hey.
Peter E. Fry
More information about the juniper-nsp
mailing list