From owner-freebsd-isp  Mon Jun 29 20:29:41 1998
Return-Path: <owner-freebsd-isp@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id UAA16257
          for freebsd-isp-outgoing; Mon, 29 Jun 1998 20:29:41 -0700 (PDT)
          (envelope-from owner-freebsd-isp@FreeBSD.ORG)
Received: from NIH2WAAE (smtp5.site1.csi.com [149.174.183.74])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id UAA16235
          for <freebsd-isp@freebsd.org>; Mon, 29 Jun 1998 20:29:34 -0700 (PDT)
          (envelope-from lem@cantv.net)
Received: from mail pickup service by csi.com with Microsoft SMTPSVC;
	 Mon, 29 Jun 1998 23:28:57 -0400
Received: from lem (sf-dnpqj-007.compuserve.net [206.175.228.7])
	by hil-img-ims-3.compuserve.com (8.8.6/8.8.6/IMS-1.3) with SMTP id XAA28038;
	Mon, 29 Jun 1998 23:28:02 -0400 (EDT)
Message-Id: <3.0.5.32.19980629231819.03a1f9a0@pop.cantv.net>
X-Sender: lem@pop.cantv.net
X-Mailer: QUALCOMM Windows Eudora Light Version 3.0.5 (32)
Date: Mon, 29 Jun 1998 23:18:19 -0400
To: Tim Tsai <tim@futuresouth.com>
From: Luis Munoz <lem@cantv.net>
Subject: Re: cisco
Cc: Luis Munoz <lem@cantv.net>, Bo Fussing <bmf@gateway.net.hk>,
        Evren Yurtesen <yurtesen@ispro.net.tr>, freebsd-isp@FreeBSD.ORG
In-Reply-To: <19980629194051.08954@futuresouth.com>
References: <3.0.5.32.19980629092935.03b12830@pop.cantv.net>
 <Pine.BSF.3.96.980629091443.2917C-100000@finland.ispro.net.tr>
 <Pine.LNX.3.96.980629145211.10591J-100000@gate.gateway.net. hk>
 <3.0.5.32.19980629092935.03b12830@pop.cantv.net>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

At 07:40 PM 29/06/1998 -0500, Tim Tsai wrote:
>> You can use 'policy routing' on your cisco to divert web traffic to your
>> proxy, specially if you have little bandwidth. This also protects you from
>> the death of your proxy, which is another support nightmare.
>
>  Hmm, how does this protect from the death of the proxy server?  If you
>policy route port 80 traffic to the proxy sever, and the proxy server
>dies, what happens?  I am unaware of any mechanisms to provide redundancy
>this way (short of something like Cisco's localdirector).

Your proxy can advertise a route to a virtual interface using an IGP towards
the cisco. The cisco can specify multiple next-hops for policy routed traffic.
You can list the first next-hop as being the virtual interface in your
proxy and the second one, an address in a stable external network, reachable
either via a local default or a BGP learnt route.

If the proxy dies, the advertisements cease and the router loses its
ability to reach the virtual interface in the server. From that point
on, all traffic will be sent outside following defaults or BGP routes
because of the second next-hop in the policy route.

You can also configure policy routing to use standard routing if the
next-hop is not reachable. Both mechanisms would work, though I tend to
prefer the latter.

A local director doesn't work if you have a single proxy but it's a nifty
feature to support multiple proxies. It gets trickier, however, to
configure a fail-over but can also be done.

Regards,

-lem






To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message