
List:       firewalls-gc
Subject:    Re: Harping on dynamic DNS, was RE: Two ISP's to one DMZ
From:       mikech () avana ! net
Date:       1997-07-09 13:33:13



------------------------
  From: "Mark Horn [ Net Ops ]" <mhorn@funb.com>
  Subject: Re: Harping on dynamic DNS, was RE: Two ISP's to one DMZ 
  Date: Wed, 9 Jul 1997 11:15:24 -0400 
  To: "Aaron J. Peterson" <aajpeter@best.com>
  Cc: mikech@avana.net, Firewalls@GreatCircle.COM


>I am a proponent of using BGP in preference of Dynamic DNS + NAT.  But I
>don't agree with your math.

Before I go any further, I want to state that I do like BGP and would use it 
where available. Now, when I said 24 hours for convergence, I didn't state the 
test criteria. Here they are:

1. We had to get portable IPs. Most available from an ISP are not, especially 
in C or B blocks. DNS does not work without portable IPs under BGP.

2. We were using two *different* ISPs. Not two routers to the same ISP. It 
doesn't help your redundancy if you only have one ISP.

3. We tried accessing the Test Subject's router from 7 different national 
ISPs. The longest update time was 24 hours. This could be due to the fact that 
most ISPs do not accept route updates as they should.

4. We experienced the same connectivity problems when the routes came back up.

<Snip!>

>I see a more compelling reason to use BGP over Dynamic DNS + NAT.  And
>that reason is convergence.  I read in your post that you've seen 20
>minute convergence in BGP.  That has not been our experience.  We did
>quite a bit of testing prior to deciding that we were going to use BGP.
>In our tests, we found that convergence time around a network outage
>averaged about 6 seconds (as fast as 2 seconds and as slow as 20
>seconds).  And this was mostly the time that the router took to notice
>that its interface was down.  We didn't have quick enough instrumentation
>to determine the actual convergence time in the routing protocol alone
>(i.e. without including the time for the router to notice the outage in
>the interface).

>For that same network coming back on line, it's a bit slower.  BGP seemed
>to converge in a few minutes - as quickly as 2 minutes and as slowly as
>10.

Was this between two different ISPs, or on your own internal WAN? Can you tell 
me which ISPs allow BGP peering?

>Based on these results, the worst case scenario for BGP is twice as fast
>as Dynamic DNS + NAT.  I would love to hear more data about BGP
>convergence from others who are using it.

I would also like to compile a list of BGP friendly ISPs.

>-- 
>Mark Horn <mhorn@funb.com>

>PGP Public Key available from: http://www.es.net/hypertext/pgp.html
>PGP KeyID/fingerprt: 00CBA571/32 4E 4E 48 EA C6 74 2E  25 8A 76 E6 04 A1 7F C1


<Snip!>
---------------End of Original Message-----------------

Mike
--
13:33:13
07/09/97
_______________________________________________________________________
Michael W. Chalkley                                Tel: +1.770.772.4567
ZapNet! Inc.                                       Fax: +1.770.475.7640
Suite 400-120                                E-mail: mikech@iproute.com
10945 State Bridge Road                                mikech@avana.net
Alpharetta, GA 30202                             http://www.iproute.com
