[c-nsp] ME3600 iBGP to RR

Adam Vitkovsky Adam.Vitkovsky at gamma.co.uk
Thu Mar 5 12:12:30 EST 2015 

Hi Mark,


> Mark Tinka
> Sent: 05 March 2015 13:16
> > It is a good topic for a discussion.
> > If you reset all the sessions the box becomes completely disconnected
> from the core (as most likely the same amount of routes will be advertised
> by both RRs (clusters)).
> 
> That is why, for my network, all management traffic is handled by the
> IGP (IS-IS, in my case).

Sorry, now I see I haven't made myself clear at all, I meant disconnected from VRFs perspective. 
Of course the box would have been reachable over OOB management network or via IGP. 

> > If just warning is issued the box remains alive but there might be some
> unexpected states of memory rendering it unusable anyways (all kinds of
> weired issues can happen if the mem is exhausted be it just for a short
> interval).
> 
> Use BGP-SD.
> 
> The ME3600X can hold 2x full IPv4 and 2x full IPv6 tables in RAM. I
> know, I do it. Then you pick and choose what gets installed into FIB
> using BGP-SD.

These are interesting numbers indeed. 
And I wanted to ask you for some time now what prefixes do you actually leak into the FIB to make any use of it. 
Because how I would use this is just to get the full table to the customer hanging off of the ME. 

Anyways the problem is 20K is not that much and can easily be exhausted with VPN customer prefixes in which case the SD can't really be used. 

> > However if a config mistake happens and one of the RRs (or clusters for
> that matter) starts advertising excess routes then it would be desired to
> reset the affected session(s) in which case the box remains perfectly
> operational using the sessions to remaining RRs.
> 
> With BGP-SD, even if the RR suddenly started spewing more routes, you
> don't hurt the FIB.

You just need to make sure you never mess up the route-map used for SD. 


adam
---------------------------------------------------------------------------------------
 This email has been scanned for email related threats and delivered safely by Mimecast.
 For more information please visit http://www.mimecast.com
---------------------------------------------------------------------------------------

More information about the cisco-nsp mailing list