Saturday, November 18, 2017

Today is the day we multihome BGP.

In about half an hour, we're going to turn up two new Internet connections to our campus. When it's finished, we'll be running multihomed BGP across two ISPs. And I'm getting a little nervous. We did as much testing as we could earlier in the week, but we had propagation issues: first we advertised only a /26 (Cisco Advanced Services never told us that was an invalid advertisement), and then when we fixed it, some sort of autosummary occurred and we took ourselves down.

Twice.

In twelve hours.

These are things that happen. The outages were less than 10 minutes each time but felt like forever. Comcast says they're not summarizing, and our other ISP says they're not either, so maybe that was out of our hands. Short of really digging into it and keeping the whole place offline, we were up a creek. It seemed like we were blackholing traffic to the new router, which wasn't linked to the production network. But while we were up on that link, testing was fine.

So we're going full speed ahead: advertise the full route everywhere, the specific NAT pools at each router, and see what happens. I think we'll be OK. We don't have a lot of BGP experience, but techs from both ISPs will be available, and it's pretty straightforward.
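
For anyone planning something similar, the /26 lesson can be turned into a quick pre-flight check. What follows is only a sketch under stated assumptions: the prefixes and router names are made up for illustration (they are not our real address space), and the /24 limit reflects the common practice of providers filtering IPv4 announcements longer than /24, not a rule confirmed by either of our ISPs.

```python
import ipaddress

# Assumption: many providers drop IPv4 announcements more specific than /24.
MAX_PREFIX_LEN = 24


def check_plan(aggregate, per_router):
    """Return a list of (router, prefix, reason) for risky advertisements.

    aggregate  -- the full block announced at every router
    per_router -- dict of router name -> list of more-specific prefixes
                  (for example, the NAT pool that lives behind that router)
    """
    agg = ipaddress.ip_network(aggregate)
    problems = []
    if agg.prefixlen > MAX_PREFIX_LEN:
        problems.append(("all", aggregate, "longer than /24"))
    for router, prefixes in per_router.items():
        for prefix in prefixes:
            net = ipaddress.ip_network(prefix)
            if not net.subnet_of(agg):
                problems.append((router, prefix, "outside aggregate"))
            elif net.prefixlen > MAX_PREFIX_LEN:
                problems.append((router, prefix, "longer than /24"))
    return problems


if __name__ == "__main__":
    # Hypothetical plan: one /22 everywhere, one NAT pool per router.
    plan = {
        "router-a": ["10.20.0.0/24"],
        "router-b": ["10.20.2.0/26"],  # same mistake as the /26 described above
    }
    for router, prefix, reason in check_plan("10.20.0.0/22", plan):
        print(f"{router}: {prefix} is {reason}")
```

A check like this only catches prefix-length and containment mistakes in the plan itself. It says nothing about summarization or filtering that happens upstream.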

The scotch is at the ready for when I get home.

We who are about to die salute you.


