Hi brian
Thanks for the info. SO u cannot do load balancing when u have ospf running
on two different process.
Is there anyone in the group came across this BGP based Attack for Anycast
Address and is there any solution to it.
On Sun, Oct 21, 2012 at 7:48 AM, Brian Dennis <bdennis_at_ine.com> wrote:
> > How does RIB chooses when it receives two OSPF instance routes for the
> >same
> > prefix. Both are Intra area, same cost.
>
> In regards to the question above, the RIB will use the oldest OSPF route
> irrespective of the cost or route type. For EIGRP the lowest EIGRP AS is
> used when two AS's try to inject the same route into the RIB.
>
> --
> Brian Dennis, CCIEx5 #2210 (R&S/ISP-Dial/Security/SP/Voice)
> bdennis_at_ine.com
>
> INE, Inc.
> http://www.INE.com
>
>
>
> On 10/20/12 5:05 AM, "Routing Freak" <routingfreak_at_gmail.com> wrote:
>
> >Hi all
> >
> >I have configured for anycast address for my customers Server IP address
> >and advertised it to internet via BGP. This customer has 10 locations
> >throughout the globe.
> >So all are advertising the same Anycast address for the Server in the
> >internet. So in the core Internet BGP table, this Anycast address is
> >earned
> >from many AS's and each will prefer their shortest path based on the BGP
> >best path.
> >THe traffic was happily flowing. But today morning , all the traffic gets
> >blackholed completely from a particular APAC region and when i am
> >investigating the issue, i saw the ANycast address is advertised from a AS
> >which there are no actual servers located and i need to tell to the BGP
> >Core Routers and upstream ISP that do not accept this prefix from this AS.
> >Because they are simply advertising the prefix with best MED value and all
> >the traffic chooses that AS as transit and i need to find the ROGUE server
> >from which AS and need to give info to the Service Providers about this
> >ATTACK and i need to recover my traffic.
> >
> >Can anyone tell how to deal with this situation? What can i do to avoid
> >this situation.
> >
> >
> >THere are two different OSPF instances ( Not vrf instances of OSPF ) . It
> >is globally configured OSPF instances. When i learn the same prefix form
> >two different Global OSPF instances, which one will the RIB choose to send
> >the packet.
> >I have OSPF 1 and OSPF 2 running and both are receiving the same prefix
> >and
> >i want to load balance the traffic , but it always chooses only one path
> >
> >
> >R1-----------------------R2-------------------------R3
> > |
> > |
> > |
> > |
> > |
> > |
> > R4
> >
> >So in this R1 is advertising the anycast address server IP to R2 via OSPF
> >1
> >and R3 advertising the same IP to R2 via OSPF 2. All are in the same area
> >.In the R2 RIB, It is always choosing the R1 to send the Server traffic
> >and
> >not R3 and it affects my load balancing.
> >
> >How does RIB chooses when it receives two OSPF instance routes for the
> >same
> >prefix. Both are Intra area, same cost.
> >
> >THanks
> >
> >
> >Blogs and organic groups at http://www.ccie.net
> >
> >_______________________________________________________________________
> >Subscription information may be found at:
> >http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Mon Oct 22 2012 - 19:26:51 ART
This archive was generated by hypermail 2.2.0 : Thu Nov 01 2012 - 10:53:33 ART