[c-nsp] Options for customer prefix injection into iBGP at the edge

[chris at lavin-llc.com]

On Thu Sep  3 15:31 , Justin Shore  sent:

>I'm soliciting suggestions on the pros and cons on the assortment of 
>ways to inject customer routes into iBGP at the edge.
>
>One could simply reference prefix-lists in the BGP config on a 
>per-neighbor basis (or peer-group).  The downside to this is that 
>prefix-lists can't haven't inline comments for storing information about 
>the individual prefixes.  As the prefixes on the edge grow I would think 
>that admin overhead and potential for errors would grow as well.
>
>I could reference route-maps in the BGP config as well (per 
>neighbor/peer-group).  I'm doing this today, matching against a 
>prefix-list to get my routes.  The upside is I add a new sequence to the 
>route-map per customer and create a uniquely-named prefix-list per 
>customer.  This of course requires more config and more potential typos 
>but makes changes as customers come and go much more clearcut (ie, there 
>is no question which prefixes belong to which customer).  Another upside 
>is that I can also put specific communities on prefixes with a 
>route-map.  I'm not doing this today but I plan to in the future as my 
>BGP community design progresses.

I prefer using your second option. Whether in an ISP (with customer routes) or a large enterprise (with lots of business partners), I like the use of 
prefix-list for the exact reason you stated; labeled by customer/business partner name, route-maps (ditto; labeled by customer/business partner name). 
This gives you alot of flexibility to tag or influence behavior and policy by altering options within the route-map for both incoming and outgoing 
routing policies. I think this format also makes it easier on your operations folks since you've named the prefix-lists and route-maps associated with 
each customer/business partner.

-chris


>
>A third option is redistributing statics into BGP.  This gives me the 
>opportunity to tag specific prefixes and filter them with a route-map so 
>I only redistribute the prefixes that I want redistributed.  I can also 
>name static routes.  I need a static route anyway to tack up the route 
>for outbound advertisement and to prevent loops.  The downside is that I 
>hate using redistribution.  I'm not a big fan of it.  I've been bit too 
>many times to consider redistribution a good method of doing anything. 
>It will also result in higher CPU load as the RIB is frequently parsed 
>for statics and processed with the route-map if I'm not mistaken. 
>Correct?
>
>A fourth option would be to use distribute-lists.  I can use remarks to 
>label my individual prefixes in the ACL which is good but I end up with 
>one large distribute-list ACL for all my customer prefixes.  That means 
>any errors could affect all customers at once.  I also don't end up 
>using route-maps so I don't get to set communities on advertised prefixes.
>
>And finally I could use a combination of any of the above to accomplish 
>my goals.
>
>
>What methods do my SP colleagues prefer to use when managing the 
>injection of customer routes into iBGP?  I'm open to suggestions.  I've 
>tried both of the first 2 options and lean towards the 2nd.  It's time I 
>get the remaining customer routes out of the IGP but unfortunately I 
>can't see far enough ahead to decide which method is best.  I can't help 
>but to think that there must be a better way to accomplish my goals 
>without increasing my work load too much and without increasing the 
>likelihood of making major mistakes.
>
>Thanks
>  Justin
>
>
>_______________________________________________
>cisco-nsp mailing list  cisco-nsp at puck.nether.net
>https://puck.nether.net/mailman/listinfo/cisco-nsp
>archive at http://puck.nether.net/pipermail/cisco-nsp/