generate default route and export to kernel if remote peer is up

Grant Taylor gtaylor at tnetconsulting.net
Fri Sep 7 17:44:28 CEST 2018


On 09/07/2018 02:34 AM, Nikola Mitev wrote:
> Hi,

Hi,

> I have a setup of ISP1 -- R1 -- LAN -- R2 -- ISP2 with BGP peerings from 
> R1 to ISP1 and R2 to ISP2

Are your BGP neighbors advertising a default route to you?

I would think that R1 and R2 would be iBGP neighbors (or similar with other 
protocols) with each other.  Thus they would both re-advertise the 
default that each receives to the other.

This has the added benefit of R2 learning prefixes that are close to 
ISP1 and routing out that way instead of going out ISP2 and around the 
Internet to get back to prefixes close to ISP1.

> Some hosts on the LAN have R1 as primary gateway, others R2 to distribute 
> the load between the ISPs.

Okay.

I'd think seriously about VRRP or ideally GLBP for this.

It's my understanding that Gateway Load Balancing Protocol can allow all 
GLBP members to be active and share load whereas VRRP will have one 
active member.  —  You can have two VRRP "routers" and divide clients 
between them that way.

> I want to add a default route to the kernel on each router but only if 
> the remote peer is up. The remote peer does not respond to BFD so that's 
> not an option.

I've been wanting a solution to this problem for about 20 years.

Specifically I want to be able to detect if the static default gateway 
is functioning or not and dynamically alter the local routing tables.  — 
  I've not found a solution for this yet.  (Granted, I've not spent a 
lot of time trying to find one.)

I had hoped that BFD would do this, but that apparently requires active 
support from the remote neighbor.

This can get complicated if the local link doesn't go down when the 
remote neighbor is not reachable.  I.e.:

[router]---[switch]-X-[bridging DSL modem]-X-[ISP router]

The Ethernet between the router and the switch is up/up, but the link on 
either side of the modem is down.

The only way that I've contemplated solving this is to watch traffic 
coming back from the Internet via the ISP's router, and dynamically 
modify the local routing tables.

I can see this as a simple test of is anything coming in from the ISP 
-or- something beyond the ISP's router.

Can this be extended to watch routes to / from specific destinations 
(via the gateway)?  Should this be done?

Seeing as how I haven't found an answer for this problem, I'd strongly 
encourage you to try to get your BGP neighbors to advertise a default 
route over the existing BGP neighbor sessions.

> Once both routers have a conditionally defined default route for their 
> ISP, it should be easy to propagate that to each other with increased 
> metric as a backup route. I am assuming here that if R1 has a default 
> through R2 and ISP1 is down, R1 will respond with an ICMP redirect to 
> any requests from hosts that need to be routed out of LAN.

This sounds reasonable to me.  There are obvious issues of IP addressing 
and possibly NAT if you're not advertising globally routed IP address 
space for the LAN.  Even then, outbound connections and associated 
incoming replies should be okay.  Granted, you may lose state when 
connections switch from one router NAT set to the other.

> I searched for a recipe that would fit the above but found nothing yet, 
> hoping someone here can help :)

I'd love to see a suggestion from someone too.



-- 
Grant. . . .
unix || die
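
The traffic-watching idea from the message above, as an added example that is not part of the original post and not BIRD code: a hysteresis state machine fed with periodic readings of a receive counter, returning the `ip route` command to run when the gateway's state changes. The gateway address, interface name, thresholds and the way the counter is obtained are assumptions.

```python
from dataclasses import dataclass
from typing import List, Optional


@dataclass
class GatewayWatch:
    """Decides from receive-counter samples whether a static default stays installed."""
    gateway: str              # next hop (constructed documentation address below)
    dev: str                  # upstream interface name (assumed)
    down_after: int = 3       # consecutive idle samples before withdrawing the route
    up_after: int = 2         # consecutive active samples before restoring it
    up: bool = True
    last: Optional[int] = None
    streak: int = 0

    def sample(self, rx_packets: int) -> Optional[List[str]]:
        """Feed one counter reading; return an `ip` argv to run, or None."""
        prev, self.last = self.last, rx_packets
        if prev is None or rx_packets < prev:
            return None       # first reading or counter reset: just re-baseline
        active = rx_packets > prev
        if active == self.up:
            self.streak = 0   # observation agrees with the current state
            return None
        self.streak += 1
        if self.streak < (self.down_after if self.up else self.up_after):
            return None       # not enough consecutive evidence yet (anti-flap)
        self.up, self.streak = active, 0
        verb = "replace" if self.up else "del"
        return ["ip", "route", verb, "default", "via", self.gateway, "dev", self.dev]


def replay(samples: List[int], **kw) -> List[List[str]]:
    """Run constructed counter samples through a watcher; collect the commands."""
    watch = GatewayWatch("192.0.2.1", "eth0", **kw)
    return [cmd for cmd in map(watch.sample, samples) if cmd]


if __name__ == "__main__":
    # Constructed samples: traffic, three silent intervals, then traffic again.
    # The counter is assumed to count packets arriving from beyond the gateway;
    # a healthy but idle link looks dead unless something keeps traffic flowing.
    for cmd in replay([100, 150, 150, 150, 150, 150, 160, 170]):
        print(" ".join(cmd))
```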
