[c-nsp] Options for customer prefix injection into iBGP at the edge

Justin Shore justin at justinshore.com
Thu Sep 3 15:31:10 EDT 2009


I'm soliciting suggestions on the pros and cons on the assortment of 
ways to inject customer routes into iBGP at the edge.

One could simply reference prefix-lists in the BGP config on a 
per-neighbor basis (or peer-group).  The downside to this is that 
prefix-lists can't haven't inline comments for storing information about 
the individual prefixes.  As the prefixes on the edge grow I would think 
that admin overhead and potential for errors would grow as well.

I could reference route-maps in the BGP config as well (per 
neighbor/peer-group).  I'm doing this today, matching against a 
prefix-list to get my routes.  The upside is I add a new sequence to the 
route-map per customer and create a uniquely-named prefix-list per 
customer.  This of course requires more config and more potential typos 
but makes changes as customers come and go much more clearcut (ie, there 
is no question which prefixes belong to which customer).  Another upside 
is that I can also put specific communities on prefixes with a 
route-map.  I'm not doing this today but I plan to in the future as my 
BGP community design progresses.

A third option is redistributing statics into BGP.  This gives me the 
opportunity to tag specific prefixes and filter them with a route-map so 
I only redistribute the prefixes that I want redistributed.  I can also 
name static routes.  I need a static route anyway to tack up the route 
for outbound advertisement and to prevent loops.  The downside is that I 
hate using redistribution.  I'm not a big fan of it.  I've been bit too 
many times to consider redistribution a good method of doing anything. 
It will also result in higher CPU load as the RIB is frequently parsed 
for statics and processed with the route-map if I'm not mistaken. 
Correct?

A fourth option would be to use distribute-lists.  I can use remarks to 
label my individual prefixes in the ACL which is good but I end up with 
one large distribute-list ACL for all my customer prefixes.  That means 
any errors could affect all customers at once.  I also don't end up 
using route-maps so I don't get to set communities on advertised prefixes.

And finally I could use a combination of any of the above to accomplish 
my goals.


What methods do my SP colleagues prefer to use when managing the 
injection of customer routes into iBGP?  I'm open to suggestions.  I've 
tried both of the first 2 options and lean towards the 2nd.  It's time I 
get the remaining customer routes out of the IGP but unfortunately I 
can't see far enough ahead to decide which method is best.  I can't help 
but to think that there must be a better way to accomplish my goals 
without increasing my work load too much and without increasing the 
likelihood of making major mistakes.

Thanks
  Justin




More information about the cisco-nsp mailing list