nanog mailing list archives
Re: Policy-based routing is evil? Discuss.
From: Jimmy Hess <mysidia () gmail com>
Date: Fri, 11 Oct 2013 17:22:54 -0500
On Fri, Oct 11, 2013 at 12:27 PM, William Waites <wwaites () tardis ed ac uk>wrote:
In my opinion the main problems with this are: - It's brittle, when a line fails, traffic doesn't re-route
Yes, but this is no worse than if you just had one single DSL link. Manual failover is a perfectly valid solution for very small networks where a less-than-enterprise-grade solution such as DSL is suitable. I'd be more concerned about the question of /have you implemented a proper firewall solution/ ? - None of the usual debugging tools work properly
- Adding a new user is complicated because it has to be done in (at least) two places
Not necessarily. You might pick a /20 rfc1918 network, and then assign a /24 of source addresses out of the subnet to each link. Then you won't need to adjust two places, every time a device is added; just IP it appropriately, or set the appropriate DHCP reservation, or Best: subnet the local network based on choice of outgoing WAN link, and select the client's VLAN based on desired WAN link... Another alternative to PBR is to have an extra router for each DSL link, providing a default gateway;
But I'm having a distinct lack of success locating rants and diatribes or even well-reasoned articles supporting this opinion.
There are plenty of downsides to PBR in various scenarios, but the PBR functionality on these devices doesn't exist just at the whim of the device manufacturer --- operators look for the functionality. It is perfectly valid and very good to use PBR, as long as you understand any limitations and drawbacks that apply to your specific situation. The main drawback is ease-of-maintenance challenges. -w -- -JH
Current thread:
- Re: Policy-based routing is evil? Discuss., (continued)
- Re: Policy-based routing is evil? Discuss. joel jaeggli (Oct 11)
- Re: Policy-based routing is evil? Discuss. Michael Hallgren (Oct 11)
- Re: Policy-based routing is evil? Discuss. William Waites (Oct 11)
- Re: Policy-based routing is evil? Discuss. Fred Reimer (Oct 11)
- Re: Policy-based routing is evil? Discuss. Christopher Morrow (Oct 11)
- Re: Policy-based routing is evil? Discuss. Stuart Sheldon (Oct 11)
- Re: Policy-based routing is evil? Discuss. Jay Ashworth (Oct 11)
- Re: Policy-based routing is evil? Discuss. Fred Reimer (Oct 11)
- Re: Policy-based routing is evil? Discuss. joel jaeggli (Oct 11)
- Re: Policy-based routing is evil? Discuss. John Kristoff (Oct 11)
- Re: Policy-based routing is evil? Discuss. Leo Bicknell (Oct 11)
- Re: Policy-based routing is evil? Discuss. Jimmy Hess (Oct 11)
- Re: Policy-based routing is evil? Discuss. Octavio Alvarez (Oct 12)
- Re: Policy-based routing is evil? Discuss. Jimmy Hess (Oct 12)
- Re: Policy-based routing is evil? Discuss. John Osmon (Oct 12)
- RE: Policy-based routing is evil? Discuss. Phil Bedard (Oct 11)
- Re: Policy-based routing is evil? Discuss. Bruce Pinsky (Oct 11)
- Re: Policy-based routing is evil? Discuss. Jeff Kell (Oct 11)
- Re: Policy-based routing is evil? Discuss. Bruce Pinsky (Oct 11)