
george at shorelink
Jul 20, 2003, 4:34 PM
I have what on the surface seems like a silly question but ...

I have some ServerIron 800's running 8.1R that are layer3 aware running RIP and OSPF. The OSPF is used inside the network between various sites and RIP is used locally on the site. I use Netscalers ahead of the ServerIrons to aggregate tens of thousands of internet client connections to a few thousand more persistent backend connections to the load balancers. These persistent connections carry source addresses that are programmed on the Netscalers. Each one is on its own /27 subnet and RIP is used to make the servers behind the ServerIrons aware of how to reach each of these subnets so return traffic passes back to the correct ServerIron and Netscaler. The machines are running zebra/ripd.

What I want to do is further simplify the server config by also announcing a default route via RIP. The default route is my problem. It *APPEARS* that in order to make sure a default route gets to the servers, I have to create a filter list that 1. Excludes all routes I don't want sent and 2. sends all the rest that aren't blocked. This scares me because I would rather have a filter list that says: 1. Send all these routes and 2. include a default. In other words, I would like the logic to be "not sent via RIP unless explicitly allowed" rather than "always send via RIP unless explicitly denied." But I find no way to allow 0.0.0.0/0 with their filter language without that also allowing literally every route.

So let's say the route table on the SI contains:

1.2.3.128/27    1.2.3.129
1.2.3.160/27    1.2.3.161
1.2.3.192/27    1.2.3.193
1.2.3.224/27    1.2.3.225
1.2.3.0/25      1.2.3.1
10.1.0.0/16     10.254.254.1
10.2.0.0/16     10.254.254.1
0.0.0.0/0       1.2.3.1

What I want to do is pass the /27 routes and the default via RIP while not passing any of the 10/8 routes or the /25 and I DON'T want to have to worry about a new route that might be created leaking to the servers via RIP because the servers will have something like:

1.2.3.128/27 via eth0
1.2.3.160/27 via eth0
1.2.3.192/27 via eth0
1.2.3.224/27 via eth0
0.0.0.0/0 via eth0
10/8 via eth1 (which goes to a router, not the SI).

Is there a Foundry RIP filter statement that says "pass 0.0.0.0/0 and only that route, not everything that 0.0.0.0/0 'means' ... which is everything"?

gb
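The matching problem described in the post above, as an added example that is not part of the original message: a small Python model that runs the post's route table through a default-deny allowlist under two match semantics. The function names and the "wildcard" model of the filter are assumptions made for illustration, based only on the behaviour the post describes, and are not Foundry's documented filter logic.

```python
import ipaddress

# Route table from the post: (prefix, next hop).
ROUTES = [
    ("1.2.3.128/27", "1.2.3.129"), ("1.2.3.160/27", "1.2.3.161"),
    ("1.2.3.192/27", "1.2.3.193"), ("1.2.3.224/27", "1.2.3.225"),
    ("1.2.3.0/25", "1.2.3.1"), ("10.1.0.0/16", "10.254.254.1"),
    ("10.2.0.0/16", "10.254.254.1"), ("0.0.0.0/0", "1.2.3.1"),
]

# The allowlist the post asks for: the four /27s plus the default route.
ALLOW = ["1.2.3.128/27", "1.2.3.160/27", "1.2.3.192/27",
         "1.2.3.224/27", "0.0.0.0/0"]


def wildcard_permits(entry, route):
    """Address/mask match (assumed model): the route is permitted when its
    network address falls inside the entry. 0.0.0.0/0 covers every address."""
    return (ipaddress.ip_network(route).network_address
            in ipaddress.ip_network(entry))


def exact_permits(entry, route):
    """Exact match: network address AND prefix length must both be equal,
    so 0.0.0.0/0 matches only the default route itself."""
    return ipaddress.ip_network(entry) == ipaddress.ip_network(route)


def announced(routes, allow, match):
    """Default deny: announce a route only if some allow entry matches it."""
    return [p for p, _ in routes if any(match(a, p) for a in allow)]


def leaked(routes, allow, match):
    """Routes that get announced although they are not on the allowlist."""
    return sorted(set(announced(routes, allow, match)) - set(allow))


if __name__ == "__main__":
    # Constructed extra route, standing in for "a new route that might be
    # created" later on the ServerIron.
    table = ROUTES + [("192.168.5.0/24", "10.254.254.1")]
    for name, match in (("wildcard", wildcard_permits),
                        ("exact", exact_permits)):
        print(name, "announces:", announced(table, ALLOW, match))
        print(name, "leaks:    ", leaked(table, ALLOW, match))
```

Under the wildcard model the single 0.0.0.0/0 entry turns the allowlist into "permit everything"; under exact matching the same list stays default-deny even when new routes appear in the table.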