North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: BGP - weight
Thanks for anyone who answered. Guess, we sorted it out now. Sven On Sun, Feb 15, 2004 at 07:31:46PM +0000, E.B. Dreger wrote: > ... > > SH> As this is a small network internally everything is routed > SH> via static routes. > > Except for the smallest of networks, I try to avoid static > routes. It's additional work and opportunity for error. Using > BGP + TCP MD5 auth, OSPF auth, hardcoded ARP entries, per-port > MAC address restrictions, prefix lists, route maps, etc., one can > run a dynamic network and still keep security under control. > > > SH> R1 and R2 have full BGP views from the transit providers as > SH> well as partial view from the peers. > > Why not arrange the routers and switch in a single VLAN? (Or did > I misunderstand your earlier ASCII-art diagram?) I usually use > something like: > > 10.0.0.1/32 local sinkhole > 10.0.0.2/28 virtual router (HSRP/VRRP; maybe XRRP now) > 10.0.0.3/28 physical router #1 > 10.0.0.4/28 physical router #2 > : : : : : : : > 10.0.0.13/28 [routing] switch #2 > 10.0.0.14/28 [routing] switch #1 ...
|