Re: [eng/rtg] changing loopbacks

[Bruce Pinsky <bep () whack org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Randy Bush wrote:
> so i have junipers, ciscos, and a few <gasp> zebras in an ospf
> and ibgp mesh.  they're peering via loopbacks, of course.
> unfortunately, i need to recover the space from which the
> loopbacks are taken.  of course, i would like to do so with
> minimal disruption.  i am thinking of something like the
> following:
>
>   o add second loopbacks to all routers with new address in new
>     block
>   o set up ibgp peerings to new addresses from existing
>     peerings
>   o change the source of routing updates to new addresses
>   o remove old peerings
>   o remove old loopbacks
>
> what [else] am i missing?

In addition to what others have said, I'd ask:

- - Any ACL's anywhere that filter based on the old loopbacks?
- - Any VTY access controls on the router based on the old loopbacks?
- - Any external systems like authentication servers, management systems,
etc, etc that need the old loopbacks and can't dynamically adapt?
- - Any internal routing policies that reference the old loopbacks?
- - Any DNS entries that need to be migrated (CNAME->A references)?

- --
=========
bep

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (MingW32)

iD8DBQFDPE3ME1XcgMgrtyYRApizAKDUz+80NvW2tdMfyivgLGA8+uJ1dQCdF54a
VzUeshCuqbV0dlI3D3Poqxw=
=jOI/
-----END PGP SIGNATURE-----