Tuesday, March 15, 2005

GINX V

After many, many months in the pipeline, GINX got its first (second actually, Rhodes was the first) peer — kudos to Bradley for bringing the Albany Schools Network online.

A few teething problems emerged once we started to see real traffic via the GINX switch. The first of these related to some DNS hacks we were doing. Because Albany Schools effectively moved from inside our firewall to outside (history; don't ask ...), we needed to punch some holes into our firewall to get things to work as they were before. This won't be the case when other people come on board.

The second problem was that we had an asymmetric route to Rhodes. We're peering to GINX with our two redundant border routers. A bug in the config of our primary router meant it wasn't advertising its route to GINX but was learning routes from it — so traffic from Rhodes went out via one router and in via a different one. Sorta breaks stateful firewall rules ;-) Adding the missing allow line to the config fixed that problem; GINX now sees two routes for Rhodes and gets the preference (metric, multi-exit discriminator) right. BGP is cool.

To celebrate this, Russell and I had a go at updating the GINX website to do content negotiation à la the W3C's Architecture of the World Wide Web. So now http://ginx.org.za/lookingglass.cgi is http://ginx.org.za/lookingglass, http://ginx.org.za/status.html is http://ginx.org.za/status and so on. We also created an RSS feed and got Sablotron and PHP to render the status page from it via an XSLT style sheet. The web is a wonderful place. CSS, PHP and XML can make it better.

Now we need to get Cliff at Imaginet to get round to setting up his peer — all the bits seem to be in place, he just needs to plug them together — and we'll start seeing some real use from GINX. Oh, and the Foundation would be nice too, but that's a lot more complex to get right because of how it's connected to the peering point and they're about to start SciFest. Broken routing there would probably go down like a lead balloon.

posted by guy at: 22:46 SAST | path: /systems | permanent link

June 2010 (1)
August 2008 (1)
July 2008 (1)
May 2008 (2)
October 2007 (2)
September 2007 (1)
April 2007 (2)
November 2006 (1)
October 2006 (2)
September 2006 (3)
July 2006 (1)
June 2006 (1)
March 2006 (2)
December 2005 (1)
November 2005 (1)
October 2005 (3)
September 2005 (1)
August 2005 (3)
July 2005 (4)
June 2005 (1)
May 2005 (6)
April 2005 (4)
March 2005 (5)
February 2005 (2)
January 2005 (4)
November 2004 (5)
October 2004 (3)
September 2004 (10)
August 2004 (5)
July 2004 (12)
June 2004 (6)
February 2004 (7)
January 2004 (16)