nanog mailing list archives

Re: High throughput bgp links using gentoo + stipped kernel

From: Andre Tomt <andre-nanog () tomt net>
Date: Mon, 20 May 2013 03:01:25 +0200

Minor nitpicking I know..

On 20. mai 2013 01:23, Ben wrote:

With Linux you have to disable reverse path filtering, screw around with iptables
to do bypass on stateful filtering.

You dont have to "screw around" with iptables. The kernel wont load theconntrack modules/code unless you actually try to load statefulrulesets*. rp filtering on by default I'd also argue is the betterdefault setting, for the 99% of other usecases :-P

With quagga I would tend to agree - but as you I have not used it agesand things do change for the better over time -- occasionally.


* you CAN configure your kernel to always load it, but that is silly.

Current thread:

Re: High throughput bgp links using gentoo + stipped kernel, (continued)
- - - Re: High throughput bgp links using gentoo + stipped kernel Phil Fagan (May 20)
    - Re: High throughput bgp links using gentoo + stipped kernel Justin M. Streiner (May 21)
    - Re: High throughput bgp links using gentoo + stipped kernel joel jaeggli (May 20)
    - Re: High throughput bgp links using gentoo + stipped kernel Ben (May 19)
- Re: High throughput bgp links using gentoo + stipped kernel Michael McConnell (May 19)
  - Re: High throughput bgp links using gentoo + stipped kernel Nick Khamis (May 19)
    - Re: High throughput bgp links using gentoo + stipped kernel Zachary Giles (May 19)
    - Re: High throughput bgp links using gentoo + stipped kernel Nick Khamis (May 19)
    - Re: High throughput bgp links using gentoo + stipped kernel Phil Fagan (May 19)
- Re: High throughput bgp links using gentoo + stipped kernel Ben (May 19)
  - Re: High throughput bgp links using gentoo + stipped kernel Andre Tomt (May 19)
  - Re: High throughput bgp links using gentoo + stipped kernel Laurent GUERBY (May 20)
    - Re: High throughput bgp links using gentoo + stipped kernel Laurent GUERBY (May 20)