Re: multihomed linux box
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
A long time ago, in a galaxy far, far way, someone said...
>
> > Generally BGP is the way to do it.
>
> BGP is outta the question for me..i asked cisco about that a couple
> months ago and they said 128MB was minimum for BGP on routers.
And that's not even a full BGP feed :) A full feed if closer to 135 - 140
MB
> my routers have 8MB each ..
And in another post you said you only have 2500s. I think the only thing
slower is an AccessPro (a 2501 on an ISA card). From what I hear you need
at least a 3640 or so for BGP.
And you won't come close to getting even a partial feed if you have less
than a /24.
> yeah thats what it looks like. so hopefully i can find something
> other then routed.
GNU Zebra :)
> i dont want to enable rip, this should be a very basic routing thing.
> its not like it needs to be dynamic its either gateway A or B if A is
> down. not very complicated!!
No it's not. But sometimes devices dedicated to a certain task (a Cisco,
in this case) can do a better job at something than a general- purpose
device (a PC running Linux, in this case).
Oh, and I have good news: in my *limited* testing, your trick with the
metrics works fine: I remotely disabled one of the internet connections at
work, and the Linux firewall *automatically* switched over to use one of
the other internet connections. Thanks to the magic of policy routing I
sayed in contact with the firewall the whole time :)
I do, however, have rp_filter turned off (ie I have "spoofprotect=no" in
/etc/network/options).
I'm still going to play with it some more tomorrow.
- --
- ----------------------------------------------------------------------
Phil Brutsche pbrutsch@tux.creighton.edu
GPG fingerprint: 9BF9 D84C 37D0 4FA7 1F2D 7E5E FD94 D264 50DE 1CFC
GPG key id: 50DE1CFC
GPG public key: http://tux.creighton.edu/~pbrutsch/gpg-public-key.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Made with pgp4pine
iD8DBQE7Soyd/ZTSZFDeHPwRAhlVAKCP6Stb+lLAF7fDkjAOXulGh7R9TACeKOCG
Wi6VxERBRnkXLePlZCEz1GI=
=hDRx
-----END PGP SIGNATURE-----
Reply to: