Hi colleagues,
before I will try to build my test lab, I want to ask, whether it's
possible to achieve the fast convergence under the following conditions:
- I use Linux (Ubuntu 20.04LTS, to be more precise)
- I need to build secured mesh of tunnels using NHRP/MGRE and Strongswan
* because all nodes are located in untrusted networks (both routed
and switched)
- I need a fast routing convergence in case of nodes failures
example of topology:
+
+-----------+ S| +------------+
| | w| | |
| HUB +----i+ | Spoke (Sn) |
| | t+------+ |
+--+--------+ c| +------------+
| h|
| +
+---+-+
| | +-----+
| Routed |
+---- network |
| +-----+
+---+--+
|
|
+------+-------+
| Spokes |
| (S1, S2, S3) |
+--------------+
at the end of the all:
- I will have a fully meshed network of all nodes (HUB, Sn, S1, S2, S3)
- where S1, S2 and S3 will form a cluster with Virtual IP (VIP), which
will move between them (using Pacemaker, for example)
The questions are:
- how mature NHRP implementation in Quagga and can I use it in a such
architecture?
- whether it will be possible to use any supported link-state routing
protocols (OSPF, IS-IS) over these tunnels in order to achieve a fast
route propagation of changed VIP location e.g. from S1 to S2 if S1 will
fail for some reasons?
Thank you.
--
Volodymyr Litovka
"Vision without Execution is Hallucination." -- Thomas Edison
before I will try to build my test lab, I want to ask, whether it's
possible to achieve the fast convergence under the following conditions:
- I use Linux (Ubuntu 20.04LTS, to be more precise)
- I need to build secured mesh of tunnels using NHRP/MGRE and Strongswan
* because all nodes are located in untrusted networks (both routed
and switched)
- I need a fast routing convergence in case of nodes failures
example of topology:
+
+-----------+ S| +------------+
| | w| | |
| HUB +----i+ | Spoke (Sn) |
| | t+------+ |
+--+--------+ c| +------------+
| h|
| +
+---+-+
| | +-----+
| Routed |
+---- network |
| +-----+
+---+--+
|
|
+------+-------+
| Spokes |
| (S1, S2, S3) |
+--------------+
at the end of the all:
- I will have a fully meshed network of all nodes (HUB, Sn, S1, S2, S3)
- where S1, S2 and S3 will form a cluster with Virtual IP (VIP), which
will move between them (using Pacemaker, for example)
The questions are:
- how mature NHRP implementation in Quagga and can I use it in a such
architecture?
- whether it will be possible to use any supported link-state routing
protocols (OSPF, IS-IS) over these tunnels in order to achieve a fast
route propagation of changed VIP location e.g. from S1 to S2 if S1 will
fail for some reasons?
Thank you.
--
Volodymyr Litovka
"Vision without Execution is Hallucination." -- Thomas Edison