Date: Wed, 24 Apr 2024 14:05:33 -0400 From: mike tancsa <mike@sentex.net> To: Gregory Shapiro <gshapiro@freebsd.org>, freebsd-net@freebsd.org Subject: Re: Source IPv4 address selection vs BGP IX connection Message-ID: <42ac4479-53bc-4576-a81a-f71ce4e03986@sentex.net> In-Reply-To: <xrxvyz6h3t45tfbqxag2ueqe6ocg2myxhdg7kqsbjx6czj4xeo@jqwioylxcb2c> References: <xrxvyz6h3t45tfbqxag2ueqe6ocg2myxhdg7kqsbjx6czj4xeo@jqwioylxcb2c>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --]
On 4/23/2024 10:12 PM, Gregory Shapiro wrote:
> Short version:
>
> Using FreeBSD as a BGP router has network issues caused by suboptimal
> default IPv4 source address selection when connected to Internet
> Exchanges (which are required to use IPs that aren't routable on the
> Internet). I was hoping to find more elegant workarounds or encourage
> FreeBSD to add source IPv4 selection akin to the existing IPv6 source
> address selection (no_prefer_iface and prefer_source).
>
> I assume that there is a group of BGP enthusiasts using FreeBSD lurking
> on freebsd-net. What have you done to solve this problem?
>
For DNS in such situations I start unbound locally and bind it to an
internal interface or an IP on lo0 and then tell unbound to just use
that IP only (outgoing-interface IIRC) that is advertised out as a work
around. Its not a proper solution, but will get your resolver working
at least. I run into this problem in layered networks where the next hop
is often RFC 1918 addrs. I bind applications to internal NICs that have
addresses that have routing to/from.
---Mike
[-- Attachment #2 --]
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<div class="moz-cite-prefix">On 4/23/2024 10:12 PM, Gregory Shapiro
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:xrxvyz6h3t45tfbqxag2ueqe6ocg2myxhdg7kqsbjx6czj4xeo@jqwioylxcb2c">
<pre class="moz-quote-pre" wrap="">Short version:
Using FreeBSD as a BGP router has network issues caused by suboptimal
default IPv4 source address selection when connected to Internet
Exchanges (which are required to use IPs that aren't routable on the
Internet). I was hoping to find more elegant workarounds or encourage
FreeBSD to add source IPv4 selection akin to the existing IPv6 source
address selection (no_prefer_iface and prefer_source).
I assume that there is a group of BGP enthusiasts using FreeBSD lurking
on freebsd-net. What have you done to solve this problem?
</pre>
</blockquote>
<p>For DNS in such situations I start unbound locally and bind it to
an internal interface or an IP on lo0 and then tell unbound to
just use that IP only (outgoing-interface IIRC) that is
advertised out as a work around. Its not a proper solution, but
will get your resolver working at least. I run into this problem
in layered networks where the next hop is often RFC 1918 addrs. I
bind applications to internal NICs that have addresses that have
routing to/from.<br>
</p>
<p> ---Mike<span style="white-space: pre-wrap">
</span></p>
</body>
</html>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?42ac4479-53bc-4576-a81a-f71ce4e03986>