[c-nsp] ME3600 iBGP to RR

Mark Tinka mark.tinka at seacom.mu
Sat Mar 7 00:25:32 EST 2015 


On 7/Mar/15 01:55, Adam Vitkovsky wrote:
>
> So I imagine you also need to permit customer PIs and PAs into FIB
> otherwise customers hanging off of MEs in a common ring would not be
> able to communicate directly but would rather need to follow the
> default route towards the closest box that holds the full routing
> information.
> So you are indeed using communities to identify what can leak into FIB
> -otherwise the route-map wold have to be updated on all routers each
> time a new customer connection is added.

Indeed.

My BGP-SD route-map includes communities and other necessary match
conditions that identify prefixes I'd like to download into FIB.

>
> That kind of solves my dispute as to which solution BGP-SD/PW to
> full-BGP is more "routing efficient"
> And indeed BGP-SD allows for more efficient Intra-AS routing.
> It's just in my head the PW between CE and speaker with full Inet BGP
> table guaranties that nothing wrong ever happens, whereas the BGP-SD
> is like asking for trouble (because what can break will break,
> eventually, in a long run).

I've heard that argument thrice now (including from a vendor who
developed the feature, but mostly for dedicated RR's), and I'm yet to
run into an issue with this that is more risky than any other feature
breaking on a router, in theory or practice.

I've been running BGP-SD since June of 2014. Like anything else in your
network, if you know what you're doing and your staff are trained, it's
no more or less risky than any other feature to the overall service
being provided by the box, e.g., in the case of obtaining a full BGP
table from a big box far, far away, someone could easily mess up the
NEXT_HOP value that needs to get sent to customers, or even mess up the
routing to the NEXT_HOP from the ME3600X that the customer attaches to.
This can get even more confusing if, for purposes of scaling and
distribution, one uses different upstream routers to send the full BGP
table to different customers behind different ME3600X switches.

So there is risk everywhere. Mitigation is through training and code
qualification.

Mark.

More information about the cisco-nsp mailing list