Search Results

Search found 42 results on 2 pages for 'bgp'.

Page 1/2 | 1 2  | Next Page >

  • ASA 5505 BGP not supported?

    - by sorrrydoctorforlove
    Hey, I need to configure BGP on an ASA 5505, according to certain sources it isn't supported, yet I can find resources on the internet giving information on how to configure BGP. I'd really like an expert to answer some queries for me. Can you configure BGP on the ASA 5505? 1b. if you can't, what can you use in its place?

    Read the article

  • Freebsd or Linux? as BGP router over 100mbps

    - by Yucong Sun
    I am building a server to act as a BGP border router for my 100mbps uplink in ISP. I needs these feature: 1) Dual stack BGP peering/routing (at least 100Mbps, maybe more). 2) Potential full internet BGP feed. 3) Some basic ACL functionality. The hardware is L3426/8G ram. NIC will be on-board dual port Broadcom 5716. I've worked with Linux extensively before and it seems to be able to handle 100mbps, but I heard FreeBSD is faster on networking stuff. Which one should I use? And do we have some performance benchmark numbers out there? Cheers.

    Read the article

  • BGP Dual-As support, any RFC?

    - by Saran
    Generally most of routers like cisco and junos allow a router to have dual-As to be configured via a "local-as" command which overrides the global as-number configured in "router bgp ". Also local-as prepending may or may not happen based on configurations; for example "no-prepend" in cisco. Now my question is, is there any RFC which which standardises this Dual-As support?? Which provides guidelines on whether or not to prepend the "local-as" to As-Path attributes in the Bgp updates ?

    Read the article

  • Configuring Nagios BGP plugin on Ubuntu

    - by user141610
    I am trying to configure nagios check_bgp_neighbors plug-in on Ubuntu and followed README file of check_bgp_neighbors plug-in. I have made following changes: define command{ command_name check_bgp_all command_line $USER1$/check_bgp_neighbors -H $HOSTADDRESS$ -C $USER3$ -n $ARG1$ -n $ARG2$ } to define command{ command_name check_bgp_all command_line /usr/local/nagios/libexec/check_bgp_neighbors.sh -H xx.xx.xx.49 -C xx.xx.xx.50 And define service{ use server-service hostgroup_name svc-bgp1 service_description BGP Check 1 check_command check_bgp_all!10.0.0.1!172.16.0.2 } to define service{ use generic-service hostgroup_name svc-bgp1 service_description BGP Check 1 check_command check_bgp_all!xx.xx.xx.50 } xx.xx.xx.49 is the IP of the host router and xx.xx.xx.50 is the IP of eBGP neighbour. After that it shows critical status. I know my command is not correct but cannot detect the problem. I learned that in this plug-in user-name and password of the host router are required but don't know how and where to provide it. Nagios log does not show any error message. Status information: Failed: status:0 prefixes:0 sent:0 received:0

    Read the article

  • BGP Multipath & return routes

    - by Dennis van der Stelt
    I'm probably a complete n00b concerning serverfault related questions, but our IT department makes a bold statement I wish to verify. I've searched the internet, but can find nothing related to my question, so I come here. We have Threat Management Gateway 2010 and we used to just route the request to IIS and it contained the ip address so we could see where it was coming from. But now they turned on "Requests apear to come the TMG server" so ip addresses aren't forwarded anymore. Every request has the ip of the TMG server. Now the idea behind this is that because of multipath bgp routes, the incoming request goes over RouteA, but the acknowledgement messages could return over RouteB. The claim is that because the request doesn't come from the first known source, our proxy, but instead from IIS, some smart routers at the visitor of our websites don't recognize the acknowledgement message and filter it out. In other words, the response never arrives. Again, this is the claim. But I cannot find ANY resources on the internet that support this claim. I do read about bgp multipath, but more in the case that there are alternative routes when the fastest route fails for some reason. So is the claim completely bogus or is there (some) truth to it? Can someone explain or point me to resources? Thanks in advance!

    Read the article

  • BGP path prepended route not listed anywhere

    - by Julien Vehent
    We have a simple multi-homed setup with two routers that advertise our AS to two ISP. The second ISP (ISP B) is only used for backup when ISP A goes down, so we prepended our AS 3 times on this route. I spend a couple of hours this morning poking at looking glass routers all over the internet, and none of them list our backup route with the prepended path. I checked the south african internet exchange, the london internet exchange, oregon internet exchange and a couple dozen ISPs. All of them have multiples routes through ISP A, often with 3 or 4 hops. The route through ISP B should, at least, appear somewhere and have 5 or 6 hops. But I couldn't find it anywhere. (I checked the full bgp tables on the looking glass routers, using show ip bgp 65000) My questions are: Is there a limit to the size of a route after which most routers will simply discard the route ? Is our backup route even going to work when ISP A goes down, if no router knows about it ? Our two routers are connected on iBGP. Would it be possible that the route through ISPB is not announced because the iBGP session prefers the route through ISPA ? This is what non-exist-map and advertise-map are supposed to do, but none of those are used in either routers.

    Read the article

  • Is Internet routing (BGP) fully automated?

    - by Adal
    If all the routing tables on the Internet would be erased simultaneously, will the routers be able to rediscover them automatically? I'm having an argument with a colleague who says that the RIPE routing tables are essential, but I remember reading that if the tables disappeared, the BGP protocol will allow routers to rediscover working routes between nodes by querying their neighbors which in turn will query their neighbors until a working route will be detected. Then that route will be used to repopulate the routing tables. After a while, all the routes will be restored (not necessarily the optimal routes). Is that correct?

    Read the article

  • BGP Router reccomendations for simple redundancy [closed]

    - by Jona
    We have two sites that each have an internet connection and have a dedicated dark fibre between them. Each site has it's own IP space and we have an AS number. We're looking to be resilient to failure of the internet connection to either site and so need to buy a pair of approriate routers. Requirements are: Able to run 2 bgp sessions (one with the ISP, one with the other site router) Option to take a full table from the upstream ISPs would be nice. Able to provide HA gateways on the LAN side (e.g. 192.168.0.254 will automatically migrate if it's host router lost power) A dedicated device rather than a server running Linux / BSD Not crazy expensive. Any help / advice much appreciated.

    Read the article

  • Experiences with BIRD for BGP?

    - by Shtééf
    We're currently using Quagga with Debian Linux to run a full table BGP router. The set-up has been dead simple up to now, but we've come to a point where I have to reconfigure the router quite a bit, and want to tighten things up. I've never really understood Quagga, and always found its documentation to be lacking. It appears to be mimicking Cisco, of which I only have basic understanding. BIRD has caught my eye recently. The couple of articles / presentations I found promote it as lightweight and more responsive under stress compared to Quagga. And it actually seems to have very decent documentation. So I'd like to know: Who's running BIRD right now, and in what kind of set-up? How is it stability-wise? I've read about it running in a couple of sites in production. Let's say I don't care at all for a Cisco-feel to configuration. How is configuration, maintainance, monitoring, etc. of BIRD in general? And any other notable experiences you may have with it.

    Read the article

  • BGP Multihomed/Multi-location best practice

    - by Tom O'Connor
    We're in the process of designing a new iteration of our network where we improve resilliency by adding a second datacentre. We'll be adding a second datacentre, with an identical configuration of servers as our primary location. To achieve network connectivity, we're looking into a couple of possible methods. See earlier questions http://serverfault.com/questions/86736/best-way-to-improve-resilience and http://serverfault.com/questions/101582/dns-round-robin-failover-and-load-balancing I'm pretty convinced that BGP is the right way to go about this, and this question is not about RRDNS. 1) If we have 2 locations, do we announce the same IP address block from both locations? 2) If we did this, but had a management ssh interface on x.x.x.50 from datacentre A, but it was on x.x.x.150 in datacentre B. What is the best practice mechanism for achieving this? Because if I were nearest to A, then all my traffic would go to x.50, but if i attempted to connect to x.150, I'd not be able to connect, because this address wouldn't be valid at A, but only at B. Is the best solution to announce 2 different netblocks, one at each location, facilitating the need for RRDNS, or to announce a single block, and run some form of VPN between the two sites for managment traffic?

    Read the article

  • Nagios check_bgp_neighbors plugin showing critical status

    - by user141610
    I am trying to configure nagios check_bgp_neighbors plug-in on Ubuntu and followed README file of check_bgp_neighbors plug-in. I have made following changes: define command{ command_name check_bgp_all command_line $USER1$/check_bgp_neighbors -H $HOSTADDRESS$ -C $USER3$ -n $ARG1$ -n $ARG2$ } to define command{ command_name check_bgp_all command_line /usr/local/nagios/libexec/check_bgp_neighbors.sh -H xx.xx.xx.49 -C snmpName -n xx.xx.xx.50 And define service{ use server-service hostgroup_name svc-bgp1 service_description BGP Check 1 check_command check_bgp_all!10.0.0.1!172.16.0.2 } to define service{ use generic-service hostgroup_name svc-bgp1 service_description BGP Check 1 check_command check_bgp_all!xx.xx.xx.50 } xx.xx.xx.49 is the IP of the host router and xx.xx.xx.50 is the IP of eBGP neighbour. Status information: line: neighbor:xx.xx.xx.50:sent:78838:received:9769 Failed: status:6 prefixes:16 sent:0 received:1 Log [1353997904] SERVICE NOTIFICATION: router1;router1;BGP CHECK 2;CRITICAL;notify-service-by-email;line: neighbor:103.7.248.50:sent:78842:received:9772 [1353997904] SERVICE NOTIFICATION: router1;router1;BGP CHECK 2;CRITICAL;notify-service-by-sms;line: neighbor:103.7.248.50:sent:78842:received:9772 Why does it show critical status???? I am not getting response for this question, if you need additional information please mention it in comment.

    Read the article

  • DNS Round-robin failover and load balancing

    - by Tom O'Connor
    Having read all of the questions and answers (1 2 3 and so on) on here relating to DNS load balancing, and Round-robin DNS, there's still a number of unanswered questions.. Large companies, and I'm looking at Google, Facebook and Twitter here, do present multiple A records. 1) If DNS loadbalancing/failover is so dodgy, why do large organisations do it? There seems to be very little mention of "DNS Pinning", despite this (PDF) paper about it. 2) Why is DNS Pinning so seldom mentioned? 3) Are there any concrete examples of which ISPs and so on actually do rewrite DNS TTLs? That said, I'm not entirely backing the side for using DNS for failover or any form of load balancing. For most networks, BGP diverse routing still seems to be a better fit. DNS rears it's ugly head again. :(

    Read the article

  • What are the advantages of OSPF vs nexthop self with iBGP?

    - by Matt Hamilton
    Assuming I have a fairly small network internally, but I have 4 routers each connected out to a different network. The routers are all sat next to each other connected via a switch. Each router uses BGP to speak to the outside networks. There is an iBGP mesh for each router to exchange the routes internally it knows about from each external network. The usual setup is to use OSPF to distribute the connected routes, as the routes via iBGP will still have the next hop set to their original value. What is the advantage of using OSPF in this scenario versus simply using 'set nexthop self' on the routes?

    Read the article

  • Compare Quagga to XORP

    - by Sargun Dhillon
    What do you think of Quagga compared to XORP as a dynamic software routing engine? What are the technical merits of each engine comparatively? Additionally, what do most people think of them from a programming view. Who has manipulated networks using these enginers? I was wondering from an OSPF, routing, BGP protocol user's perpspective.

    Read the article

  • Loadbalancing outbound traffic while using openbgpd on freebsd

    - by Rajkumar S
    Hi, I am using openbgpd in freeBSD with 2 ISP connections. I have my own AS number and a /22 network. Currently I am advertising entire /22 to both networks. Inbound traffic comes in But my outbound traffic goes via a single link. I would like to either distribute my outbound traffic via both links so that outbound traffic is also load balanced. How to configure this using openbgpd in freebsd? My current openbgpd config is attached for reference. AS 00my-as listen on xx.xx.xx.x router-id xx.xx.xx.x network aa.aa.aa.0/22 group "ISP1" { remote-as 11remoteas-1 neighbor bb.bb.bb.1 { descr "ISP1" announce all } } group "ISP2" { remote-as 22remoteas-2 neighbor cc.cc.cc.37 { descr "ISP2" announce all } } deny from any deny to any allow from bb.bb.bb.1 allow to bb.bb.bb.1 allow from cc.cc.cc.37 allow to cc.cc.cc.37

    Read the article

  • route propogation using OSPF in a network

    - by liv2hak
    I am using Juniper J-series routers to emulate a small telco and VPN customer.The internal routing will be configured with OSPF,MPLS including a default and backup path,RSVP for distributing labels withing the telco,OSPF for distributing routes from the customer edge (CE) routers to the VRF's in the adjacent PE's and finally iBGP for distributing customer routes between VRF's in different PEs. The topology of the network is shown below. The Addressing scheme for the network is as follows. UOW-TAU ******* ge-0/0/0 192.168.3.1 TAU-PE1 ******* ge-0/0/0 10.0.1.0 ge-0/0/1 10.0.2.0 ge-0/0/2 192.168.3.2 TAU-P1 ****** ge-0/0/0 172.16.1.0 ge-0/0/1 172.16.3.1 ge-0/0/2 10.0.2.2 HAM-P1 ****** ge-0/0/0 172.16.3.2 ge-0/0/1 172.16.2.1 ge-0/0/3 10.0.3.2 ACK-P1 ****** ge-0/0/0 172.16.1.2 ge-0/0/2 172.16.2.2 ge-0/0/3 10.0.1.2 HAM-PE1 ******* ge-0/0/0 10.0.3.1 ge-0/0/2 192.168.4.2 UOW-HAM ******* ge-0/0/0 192.168.4.1 I also set up loopback address for each node. I want to setup OSPF so that path to each internal subnet and router loopback address is propogated to all PE and P nodes.I also want to select a single area for PE and P nodes,and on each node I should add each interface that should be propogated. How do I accomplish this.? With my understanding below is the procedure to achieve this.Is the below explanation correct? I set up OSPF on UOW-TAU ge-0/0/0 interface and ge-0/0/1 interface and UOW-HAM ge-0/0/0 interface and ge-0/0/1 interface. let me call this Area 100. Once I have done this I should be able to reach each node from others using ping and traceroute. Any help is highly appreciated.

    Read the article

  • Amazon CloudFront and EC2: Global Load Balancing

    - by Matt Rogish
    We have an app that is going to store and serve up a decent amount of data in S3 to a global audience where latency should be minimized. So, we've been doing tests with Amazon CloudFront and have seen favorable results. However, we need a thin middleware layer (to do security etc.) and we'd like to put that in EC2. Due to security restrictions, this middleware layer will do the file streaming from S3/CloudFront: S3/CloudFront - EC2 - Clients We can geographically distribute the EC2 nodes (US East/West, and Ireland) but the problem is that a client in the EU would hit our US server and be fed data from there, thus rendering much of the performance benefit of CloudFront moot. I've been digging through the EC2 docs but I can't find a built-in way to get a geographically distributed version of EC2 a la CloudFront. Elastic Load Balancing sounds like the way to go, but I can't seem to find a way with that to direct based on routing... Preferably, we'd like to keep the amount of stuff outside of EC2/S3/etc. to a minimum (for obvious reasons). Any ideas how to do that within the EC2/S3 framework? DNS/routing tricks? Thanks!

    Read the article

  • High latency due to non-presence of a transit provider in my country

    - by nixnotwin
    My ISP, a state owned incumbent, buys bandwidth from different transit providers. Whenever it buys transits it announces only a specific prefix (in most cases a hitherto unused) through the new transit AS. For e.g. if it runs out of bandwidth, it buys bandwidth from a new transit and announces a new prefix through it, while the same prefix is not announced (or announced with lowest metrics, so that the routes are very rarely used) via the old transits which continue to provide bandwidth to it. I am a business customer, so I have a fiber based link to the ISP and a tiny subnet is given to me. The subnet which is provide to me is part of a prefix which is announced by the AS of a transit who, it seems, do not have a presence in my country. So when I do a trace the packets, when they leave my ISP's AS, they take about 275ms to reach the transit providers core router, which is located in USA (half the world away). Also for upstream traffic my ISP uses a transit provider (tier 1) who has a presence in my country. But the return path is always through the transit which is in USA. So, average latency is 400ms. All the users of other ISPs in my country discover my subnet via USA. Even the traffic from neighboring countries, from Europe (which is much nearer) follows the path via USA. Sites using CDNs also resolve to ips in USA. I have informed the ISP NOC about the issue and I have asked them to provide an ip subnet belonging to a prefix announced by a local transit (preferably a tier 1 transit provider) and I am waiting for a reply. My question: Is it a serious issue that I must follow up to get it resolved? When I compared the latency on other providers in my country, it is, in most cases, less than half of my ISPs latency. Why my ISP doesn't announce all its prefixes to all of its transit providers, so that the packets can take efficient and nearest routes to reach prefixes that originate within its network?

    Read the article

  • How to prevent asymmetric routing with multiple eBGP routers?

    - by Andy Shinn
    I have 2 routers announcing a /22 subnet to different providers (one providers connects to each of the 2 routers). I have split the /22 in two /23 to announce one /23 on each of the routers plus the /22 (the providers will take the more specific route). This allows me to fail over and keep traffic inside the /23 in and out the same provider. What are other ways in which I could announce just the /22 with both routers and have packets from servers on the network behind the routers go back out the same router in which they came in from? EDIT: The main problem I come across, which end users and clients complain about the most, is that the least hop route is sometimes not the "optimal" route. In my case, I know that Provider B may have better latency to X nation. But when packets come in from provider B, they may go out Provider A or provider B. The reverse is also true. If I send a packet to X nation out provider A, even though it may have more hops back, the packet will likely come in from Provider B (which may have higher latency, packet loss, etc. to this nation)

    Read the article

  • route view for new IPs?

    - by Clear.Cache
    The route view method is not working for me telnet route-views.routeviews.org (logged in with user "rviews") route-viewsshow ip bgp 173.244.44.0 | inc 10464 route-viewsshow ip bgp 173.244.44.0 % Network not in table route-views Am I doing something wrong?

    Read the article

  • Is there a Twitter Bootstrap class that means "initially hidden"?

    - by bgp
    Using Bootstrap 3, I have an element on a page I want to show later in response to the user clicking a button. Example: <div id="search_results"> ... gets populated from ajax data later ... </div> <button id="search_button" type="button" class="btn btn-primary pull-right">Search</button> <script> $('#search_button').click(function() { // ... do the call to search // and in the callback: $('#search_results').show(); }); </script> The search_results div should be initially hidden. Is there some normal/best practice way of doing this with bootstrap? Yes, I do realize I can just put style="display:none" on search_results, but is that the best way to do it? It would seem to be a bit better to have a style that semantically means "initially hidden". (NOTE: The hidden or hide classes don't do this as they are !important and show(), toggle(), etc. use an inline style which does not override them, i.e. setting "hidden" as the class makes it unshowable from jQuery.)

    Read the article

  • MPLS basic configuration

    - by Vineet Menon
    I want to test out MPLS VPN in my lab. I have 3 routers. 2 PEs and 1P router, all cisco 2921. Something like this, ----- ---- ----- | PE1 |.1____192.168.1.0____.2| P |.2____192.168.2.0____.1| PE2 | | | | | | | ----- ---- ----- lo0:10.1.1.1 lo0:10.1.1.2 lo0:10.1.1.3 Here's the configuration file for each of them, PE1 router hostname PE1 ! no ipv6 cef ip source-route ip cef ! ! ! ip vrf cust1 rd 100:100 route-target export 100:100 route-target import 100:100 ! ! interface Loopback0 ip address 10.1.1.1 255.255.255.255 ! interface GigabitEthernet0/0 ip address 192.168.1.1 255.255.255.0 duplex auto speed auto ! interface GigabitEthernet0/1 ip vrf forwarding cust1 ip address 172.16.1.1 255.255.255.0 duplex auto speed auto ! router ospf 1 network 10.1.1.1 0.0.0.0 area 0 network 192.168.1.0 0.0.0.255 area 0 ! router bgp 100 bgp log-neighbor-changes neighbor 10.1.1.3 remote-as 100 neighbor 10.1.1.3 update-source Loopback0 neighbor 172.16.1.2 remote-as 65001 ! address-family vpnv4 neighbor 10.1.1.3 activate neighbor 10.1.1.3 send-community extended exit-address-family For P router: hostname P ! no ipv6 cef ip source-route ip cef ! interface Loopback0 ip address 10.1.1.2 255.255.255.255 ! interface GigabitEthernet0/1 ip address 192.168.1.2 255.255.255.0 duplex auto speed auto ! interface GigabitEthernet0/2 ip address 192.168.2.2 255.255.255.0 duplex auto speed auto ! router ospf 1 network 10.1.1.2 0.0.0.0 area 0 network 192.168.1.0 0.0.0.255 area 0 network 192.168.2.0 0.0.0.255 area 0 ! For PE2 router: ! hostname PE2 ! no ipv6 cef ip source-route ip cef ! ! ! ip vrf cust1 rd 100:100 route-target export 100:100 route-target import 100:100 ! ! ! interface Loopback0 ip address 10.1.1.3 255.255.255.0 ! interface GigabitEthernet0/0 ip address 192.168.2.1 255.255.255.0 duplex auto speed auto ! interface GigabitEthernet0/1 ip vrf forwarding cust1 ip address 172.16.2.1 255.255.255.0 duplex auto speed auto ! router ospf 1 network 10.1.1.3 0.0.0.0 area 0 network 192.168.2.0 0.0.0.255 area 0 ! router bgp 100 bgp log-neighbor-changes neighbor 10.1.1.1 remote-as 100 neighbor 10.1.1.1 update-source Loopback0 neighbor 172.16.2.2 remote-as 65001 ! address-family vpnv4 neighbor 10.1.1.1 activate neighbor 10.1.1.1 send-community extended exit-address-family ! I am following this article form cisco. But things are not working properly. Any help would be appreciated.

    Read the article

  • What is good usage scenario for Rackspace Cloud Files CDN (powered by AKAMAI) [closed]

    - by Andrew Smith
    I have just setup my website as static page via Rackspace CDN / Akamai. www.example.co.uk is an alias for d9771e6f24423091aebc-345678991111238fabcdef6114258d0e1.r61.cf3.rackcdn.com. d9771e6f24423091aebc-345678991111238fabcdef6114258d0e1.r61.cf3.rackcdn.com is an alias for a61.rackcdn.com. a61.rackcdn.com is an alias for a61.rackcdn.com.mdc.edgesuite.net. a61.rackcdn.com.mdc.edgesuite.net is an alias for a63.dscg10.akamai.net. a63.dscg10.akamai.net has address 63.166.98.41 a63.dscg10.akamai.net has address 63.166.98.40 a63.dscg10.akamai.net has IPv6 address 2001:428:4c02::cda8:ecb9 a63.dscg10.akamai.net has IPv6 address 2001:428:4c02::cda8:ed09 The HTTP header: HTTP/1.0 200 OK Last-Modified: Fri, 19 Oct 2012 23:27:41 GMT ETag: fdf9e14b77def799e09e8ce815a521da X-Timestamp: 1350689261.23382 Content-Type: text/html X-Trans-Id: tx457979be3bd746c2b4e5403a1189cdbc Cache-Control: public, max-age=900 Expires: Sat, 27 Oct 2012 22:18:56 GMT Date: Sat, 27 Oct 2012 22:03:56 GMT Content-Length: 7124 Connection: keep-alive I am wondering, if it's really the fastest solution to power the website? By investigating it thru http://www.just-ping.com/ it seems, that from many places the ping is very high, and during quick investigation I found that they use GeoIP to resolve addresses based on WHOIS, which is not accurate and because of that from many places the ping is above 300ms (for example, if ISP is in balgladore and request is routed to bangladore even if it's 300ms, for period of 1 month), while by just using Amazon Web Services and Route 53 Anycast DNS servers and only 4 EC2 instances it seems that for example India is always below 100ms, while using Akamai it goes above 300ms in some cases, and this is because Route 53 is using BGP. By quickly checking the Akamai, it seems that they are not getting feedback from the traffic - the high ping stays constant even if I keep downloading large files and videos, which is opposite to what they say on their website. They state, that they optimize the performance by taking feedback from the requests, while it seems they just use GeoIP with per City resolution (which are mostly big cities). Because of this, AWS with Route 53 / Anycast DNS seems to be much more reliable, as well EdgeCast which is using BGP, but I dont know how much does it cost to deploy static website. Actually, I dont know if EdgeCast is not a lie, because from isolated places there are many errors - so their performance is at the cost of quality of delivery, because of BGP switching the routes during transfer of large files. So I was wondering, what is really Akamai good for, because they dont seem to pose any strength in any field in what I do understand now, except they offer some software based WAF on their website, but what I really care about is the core distribiution, so the question is? Is really Akamai good for Videos? For static websites? ??? I found so far AWS most usable with most consistent ping and stable transfers.

    Read the article

1 2  | Next Page >