using gated for multi-home BGP

the configs are based on a few factoids derived from the examples and a lot
of trial and error.

i wonder if there is a site or some sample configs that i can use to learn
about using gated/BGP in the following contexts:

- filters (rejecting/dropping specific routes RFC1918, default, sub/24, etc)
- combining AS's (we have 3+ AS's behind our network)
- raising/lowering preferences on routes/AS's

Major caveat: I haven't used gated in about six months and haven't
used any version of gated released since say, 1997.

I don't know of any other than the Merit gated site. I thought that
the Merit site was pretty good.

If you are familiar with the underlying concepts and technologies, I
find the gated configuration file BNF more intuitive than say, Cisco.

also, if using an intel platform, with FreeBSD, what would your recommendations
be for processor/RAM with two full peers?

Gosh, one of the nice things about PC routers is that this is
essentially a non-issue. You are going to be able to max out the PCI
bus with just about any configuration of RAM and CPU. We have been
very happy with multi-homed BGP systems with a Pentium 166MHz CPU and
128MB of RAM holding three full views.

Here is great secret one about PC based routers:

   Given the prices for PC systems, I strongly recommend you get one
PC router per uplink and run IBGP between them *and* always have one
running IBGP as a hot-swap/spare. The problem with PC routers is that
unlike say Ciscos, it is significant downtime to swap in/out boards or
upgrade the OS. Using IBGP, you can get around this problem by always
having at least one of your links up.

The advantage of PC routers is that they are so cheap, you can have
complete redundancy. This will allow you to do things like rotate in
during off hours, your spare router, which has the latest version of
the OS or gated or whatever, without causing significant downtime.

Great secret two is to be aware of what features the PC routers lack
in terms of routing protocols and interface cards. Trust not the
interface card vendors to give you accurate information (or working
cards/drivers.)

All of the routing daemons I know of lack features that you will end
up wanting at some point. You gotta know what is there, what will be
there and what is missing. MPLS, high quality multiple path load
balancing, OSPF NSSA, etc. You may not need any of these features
now, but when contemplating future designs, you need to know when to
swap out other technologies.

Don't bet the farm on any interface card that you have not installed
in your spare/sandbox router and really beat on. Some of the
interface card vendors are really strange people. Expect to be your
own support organization....

Unix based routers are really a great tool to have in your toolbox. I
have basically been using them on and off for 15 years. No matter
what size your network, there are definitely jobs for which they make
sense. There is a much greater set of jobs for which they make no
sense at all.... It is great to be able to understand the
advantages/disadvantages and optimally deploy them. Good luck! Have
fun!

regards,
fletcher

> Major caveat: I haven't used gated in about six months and haven't
> used any version of gated released since say, 1997.

Me too, but I (still) have two or three PC routers (working mainly as console
servers) in our network, and there were years when PCs were the base
routers here in Russia (about 4 - 5 years ago).

> The advantage of PC routers is that they are so cheap, you can have
> complete redundancy. This will allow you to do things like rotate in
> during off hours, your spare router, which has the latest version of
> the OS or gated or whatever, without causing significant downtime.

Not only. Last year we saw a lot of new, very interesting features
supported by the base PC-router-capable system, FreeBSD (why FreeBSD?
because:
- it's free, unlike BSDI
- it has a classical IP stack, unlike Linux
- it has a lot of packages and ports, unlike NetBSD or OpenBSD),

Modern PC-based systems have:
- firewall features
- NAT features
- traffic control features (even traffic shaping does work)
- it's safe (if you use ssh and remote authentication and Security-Level and
don't use the services opened by default)
- and of course they are cheaper.

I think we are facing the next wave of PC-based access routers in the next
few years, because this year is the first when the network features
became very stable in the modern Free system (just as the Free systems
themselves became stable about 2 years ago). The world where 99% of the
routers are CISCO can't live forever, even if we like CISCO very much -:).

> All of the routing daemons I know of lack features that you will end
> up wanting at some point. You gotta know what is there, what will be
> there and what is missing. MPLS, high quality multiple path load
> balancing, OSPF NSSA, etc. You may not need any of these features
> now, but when contemplating future designs, you need to know when to
> swap out other technologies.

Quite agree. Or you should use commercial software. This was just the
primary reason why we dropped out the customers from the PC a few years
ago. Another reason was the stability - the piece of hardware without the
disks (Cisco) seems to be just more stable than a PC with (often) badly
designed fans, power supply and rotating disks...

On the other hand, firewalling and NAT and traffic control seem to have become
well designed and written features of the modern FreeBSD system (and, it
seems, of Linux too).

A little about configs... (maybe not interesting here, but). Gated config
is just more readable and more understandable, it's logical (CISCO config
does not have any logic at all). It could be easily generated and
collected from the pieces. On the other hand, CISCO's config is almost
100% stable against the mistakes or errors, and GATED's config is just the
strict language. And they use different principles in
import/export/redistribution...

> Unix based routers are really a great tool to have in your toolbox. I
> have basically been using them on and off for 15 years. No matter
> what size your network, there are definitely jobs for which they make
> sense. There is a much greater set of jobs for which they make no
> sense at all.... It is great to be able to understand the
> advantages/disadvantages and optimally deploy them. Good luck! Have
> fun!
>
> regards,
> fletcher

Aleksei Roudnev, Network Operations Center, Relcom, Moscow
(+7 095) 194-19-95 (Network Operations Center Hot Line),(+7 095) 230-41-41, N 13729 (pager)
(+7 095) 196-72-12 (Support), (+7 095) 194-33-28 (Fax)

> This was just the
> primary reason why we dropped out the customers from the PC a few years
> ago. Another reason was the stability - the piece of hardware without the
> disks (Cisco) seems to be just more stable than PC with (often) badly
> designed fans, power supply and rotating disks...

I've played with some Torrent/Ericsson equipment. They had the foresight
to utilize pcmcia flash devices as the storage on their pc-based RSP. Very
nice stuff. It's been a while since I've played with it, however.

Michael Heller
Sr. Systems Engineer
Earthweb, Inc.
212.448.4175
mikeh@earthweb.com