[c-nsp] C2691-BGP Scanning process.

Ryan O'Connell ryan at complicity.co.uk
Wed Nov 24 09:56:32 EST 2004


On 24/11/2004 14:30, Montes, Carlos M wrote:

>I have three Cisco 2691 routers, each with a single T-1 circuit connected to an ISP.  I see that the BGP Scanning process causes the CPU to spike up 100% every 15 seconds or so.  When this happens and I PING through the T-1's out to the directly attached router at the ISP, the ping round trip increases from about 4 ms to 400 ms.
>We are accepting the full routing table and no default routes or networks.  Shouldn't these routers be able to handle BGP without affecting their performance?  They all have 256MB of RAM.
>Any suggestions on what to do different here?  I considered asking the ISP's for default routes and filter everything else, or simply just ask them for a default route, but it seems a shame not to be able to choose the shortest BGP path instead of just following a default.  I kind of like the full routing table.
>  
>

The processor in the 2691 isn't really up to the job of a full table.

Your best bet to keep some degree of reasonable routing is to use 
communities from your ISPs to accept only routes for their customers 
and/or peers and default everything else. This should reduce the table 
to a manageable size but still keep most of the benefits. Most of the 
sites you'll be talking to will tend to be in the same country/continent 
you're in anyway, so your upstreams are likely to peer with them or have 
them as customers. You're unlikely to want to talk to someone in 
Elbonia[1] for example, and so have no real use for the 25k prefixes 
from there.

Another idea is to filter heavily on longer prefixes - e.g. /23 and 
longer. This will probably kill 50k+ routes for no penalty as long as 
you're also default routing.

[1] This is a fictitious example, obviously. :-)

-- 
         Ryan O'Connell - CCIE #8174
<ryan at complicity.co.uk> - http://www.complicity.co.uk

I'm not losing my mind, no I'm not changing my lines,
I'm just learning new things with the passage of time
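
The two filtering ideas in the reply above, combined into one inbound policy as an added IOS configuration sketch (not part of the original post). The AS numbers, neighbor address, community value and all list and route-map names are placeholders; the real customer/peer community has to come from the upstream's documentation, and the upstream is assumed to send a default route.

```cisco
! Constructed example: ASNs, neighbor address, community value and
! all list/route-map names are placeholders, not values from the thread.
!
! Accept the default route so filtered-out destinations stay reachable.
ip prefix-list DEFAULT-ONLY seq 5 permit 0.0.0.0/0
!
! Match any prefix of length /23 or longer.
ip prefix-list LONG-PREFIXES seq 5 permit 0.0.0.0/0 ge 23
!
! Community the upstream is assumed to set on its customer/peer routes.
ip bgp-community new-format
ip community-list standard ISP-CUSTOMERS permit 64496:100
!
! 10: keep the default route.
route-map ISP-IN permit 10
 match ip address prefix-list DEFAULT-ONLY
! 20: drop long prefixes before anything else can permit them.
route-map ISP-IN deny 20
 match ip address prefix-list LONG-PREFIXES
! 30: keep routes tagged as the upstream's customers/peers.
!     To use only the prefix-length filter, remove the match line
!     so this entry permits everything that reached it.
route-map ISP-IN permit 30
 match community ISP-CUSTOMERS
! Implicit deny: everything else follows the default route.
!
router bgp 64500
 neighbor 192.0.2.1 remote-as 64496
 neighbor 192.0.2.1 route-map ISP-IN in
```

After the policy is applied and the session refreshed, `show ip bgp summary` shows the received prefix count for the neighbor, which is the number to compare before and after.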


