Searching for an alternative for our old Cisco Border Router we are evaluating some software routing suites on “normal” server hardware.
First we tried Vyatta, but the routing software frequently crashed completly. Maybe this is fixed with VC4 Alpha 1, but we didn’t test that.
Next try was the development version (0.99.9) of quagga from Debian testing, but it looks like a peering with one of our cisco router fails after the hold timer expires.
2008/02/19 15:08:06 BGP: Performing BGP general scanning
2008/02/19 15:08:06 BGP: scanning IPv4 Unicast routing tables
2008/02/19 15:08:06 BGP: scanning IPv6 Unicast routing tables
2008/02/19 15:08:07 BGP: Import timer expired.
2008/02/19 15:08:13 BGP: 192.168.96.2 rcvd UPDATE w/ attr: nexthop 212.202.214.150, origin i, localpref 100, metric 0, path 20676 2914 2914 2914 2914 4755 4755 4755 4755 4755 9583
2008/02/19 15:08:13 BGP: 192.168.96.2 rcvd 124.7.35.0/24
2008/02/19 15:08:13 BGP: Zebra send: IPv4 route add 124.7.35.0/24 nexthop 212.202.214.150 metric 0
2008/02/19 15:08:17 BGP: 192.168.96.2 sending KEEPALIVE
2008/02/19 15:08:17 BGP: 192.168.96.2 KEEPALIVE rcvd
2008/02/19 15:08:17 BGP: %NOTIFICATION: received from neighbor 192.168.96.2 4/0 (Hold Timer Expired) 0 bytes
2008/02/19 15:08:17 BGP: %ADJCHANGE: neighbor 192.168.96.2 Down BGP Notification received
Any ideas are welcome … also some other routing suite alternatives.
The Routing Suite in an ISP environment? by Cyconet Blog, unless otherwise expressly stated, is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 Unported License. Terms and conditions beyond the scope of this license may be available at blog.waja.info.
I’ve used Quagga very successfully in an ISP environment for a few years now, taking several full feeds and with many peers. Currently most routers are running 0.99.9-2 backported from sid. It has known issues with IPV6, so use an earlier version if that’s a requirement.
Might be a stupid question, but did you check there were no iptables rules preventing the connection from being established correctly? Are you trying to use TCPMD5 on the session?
You can always drop a mail to the quagga-users list, people on there tend to be very helpful..
Try OpenBSD and OpenBGPD (former the OS latter the sw).
You will be much more happier with it.
Hi Sam,
we did setup TCPMD5 and no, we are not filtering between the routers. There are some hints on the net, that MTU could cause some trouble .. but changing it on the quagga side, breaks OSPF, since the other OSPF peers all have 1500 set and quagga is complaining about different MTU of the OSPF peer.
Hi cstamas,
the reason preventing me to do that, I’ve not the option to recompile the whole userland/kernel, if there are any security bugs open … this might cause a bigger network outage.
A friend of mine swears by Microtik (sp?). He uses it as his ISP (couple of thousand users).
Hi Haakon,
is the Microtik used in an OSPF/Full Table BGP Environment used?
Yes it is, one full feed and a couple of peering feeds (3-5K routes). However he is not redistributing the full table from BGP into OSPF. But that has stopped being best practice for a long while now.
Ah okay …. and redistributing the whole 250k routes from BGP into OSPF seems not a good idea anyways. :)
Indeed, these days I recommend that people run BGP on a loopback and carry their customer routes via BGP as well. Keep OSPF to just advertising the loopback and interface addresses. Gives faster convergence and better route stability.
Please try openbsd and openbgpd and foregett quagga. Quagga crashed when i tried to import the global table.
I’m maintaining one (bgp multihop) environment with a 10 Mbit upstream and a 2 Mbit upstream where we are using quagga 0.99.5-5etch3. We are getting 2 BGP full tables without problems …. the tables is getting a bit slower that with 100/1000Mbit connection. So the difference there is the speed of getting the table and multihop. But could that cause a “Hold Timer Expired” problem?
Just wanted to give you a heads up that the new Vyatta VC4-Alpha 2 code was released yesterday. I think you’ll find it much better. http://www.vyatta.org/downloads We just completed some pretty heavy BGP testing with this version of code and the numbers were impressive (published report soon) This version will Beta in March and complete QA and be published as a community release mid April.