[c-nsp] Cisco 2801 full bgp multihome

Vincent C Jones v.jones at networkingunlimited.com
Wed Jan 6 14:57:39 EST 2010 

One trick I've used where resources are tight is to "take" full routes,
but filter them so that I only accept "local" (short AS path) and a few
key indicator prefixes (typically out of country root DNS server
subnets). The indicator prefixes are used to drive a conditional default
route (use this ISP as default only if it appears to be well connected)
while the number of ASN's allowed in "local" prefixes can be adjusted to
control the number accepted. 

Note that this only impacts traffic going out from you. Inbound traffic
is a separate issue. With only a single /24, your inbound load balancing
options are limited. Depending on the connectivity of your upstreams and
who your users are talking to, you may also see lots of asymmetric
routing.

Good luck and have fun!
-- 
Vincent C. Jones
Networking Unlimited, Inc.
Phone: +1 201 568-7810
V.Jones at NetworkingUnlimited.com

On Wed, 2010-01-06 at 10:50 -0600, Jason Shearer wrote:
> Ben,
> 
> Not going to be able to load balance inbound as you only have a single /24 to advertise (this is the minimum prefix that will make it to the NAP).  Outbound you should be good....just note that you will experience asymmetric routing (in one out the other).
> 
> I have used 28xx routers for full tables before and it will be good when the going is good but very bad when the going gets bad.  If you are going to use an ISR I would recommend a 3825 at a minimum (two would be better).  Convergence will be much faster.
> 
> A better alternative if you are strapped for cash may be to just accept defaults.  Make your backup connection smaller but have it contracted to grow or burst if you experience problems with the primary.
> 
> Jason
> 
> >>>Tranlation<<<
> 
> No va a ser capaz de equilibrar la carga de entrada, ya que sólo tienen un único / 24 para anunciar (este es el prefijo mínimo que hará en el PNA). De salida debe ser bueno .... Solo ten en cuenta que la experiencia de enrutamiento asimétrico (en uno el otro).
> 
> He utilizado 28xx routers para mesas completas antes y que será bueno cuando las cosas es bueno, pero muy mal cuando las cosas se ponen malas. Si usted va a utilizar un ISR yo recomendaría un 3825 a un mínimo (dos sería mejor). Convergencia será mucho más rápido.
> 
> Una mejor alternativa si está atado por dinero en efectivo puede ser simplemente aceptar valores por defecto. Hacer la conexión de copia de seguridad más pequeña, pero que han contratado para crecer o explotar si tiene problemas con la primaria.
> 
> 
> From: Benjamín Gálvez [mailto:bgalvez at gmail.com]
> Sent: Wednesday, January 06, 2010 10:35 AM
> To: Jason Shearer
> Subject: Re: [c-nsp] Cisco 2801 full bgp multihome
> 
> Jason,
> 
> In Spanish
> 
> La idea es conectar la Empresa (Bank) a dos ISP (Service provider) vía bgp en modo full para tener Balanceo de carga de salida y entrada.
> Ambos enlaces son de 10Mb. y la empresa tiene un solo prefijo /24 a publicar y su propio ASN.
> La idea es lograr redundancia de salida a Internet y tambien de entrada para acceso de clientes.
> 
> La opcion "ruta default" me obliga a utilizar un enlace y el otro dejarlo pasivo (standbye)
> 
> Ambos ISP pondran router Cisco 2801  pero con 256Mb.
> 
> La pregunta es ¿Me sirve el router 2801 pero con 512Mb? o necesito cambiarlo por otro router con mejores prestaciones?
> Ambos ISP me hablan de un router serie  7000 como "minimo".
> 
> In English
> 
> Pending traslate....
> Sorry
> 
> Benjamín
> 2010/1/6 Jason Shearer <jshearer at amedisys.com<mailto:jshearer at amedisys.com>>
> No way Jose.  You will start fragging.  I would recommend no less than 512 to receive full tables.
> 
> Outside of memory the 2801 is not going to be a very good platform to accept full tables on.  Any major routing updates is going to choke the platform.  How big are the circuits you are landing from each provider?
> 
> What are you trying to accomplish?  Outbound load sharing?  Inbound?  How many /24 prefixes to you have to advertise?
> 
> Jason
> 
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net<mailto:cisco-nsp-bounces at puck.nether.net> [mailto:cisco-nsp-bounces at puck.nether.net<mailto:cisco-nsp-bounces at puck.nether.net>] On Behalf Of Benjamín Gálvez
> Sent: Wednesday, January 06, 2010 10:03 AM
> To: cisco-nsp at puck.nether.net<mailto:cisco-nsp at puck.nether.net>
> Subject: [c-nsp] Cisco 2801 full bgp multihome
> *Hi,
> 
> Can Cisco 2801 with 256MB RAM can handle full BGP table (1-2 peers,
> multihome) ?
> 
> Best regards
> Benjamín
> *
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net<mailto:cisco-nsp at puck.nether.net>
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> *** NOTICE--The attached communication contains privileged and confidential information. If you are not the intended recipient, DO NOT read, copy, or disseminate this communication. Non-intended recipients are hereby placed on notice that any unauthorized disclosure, duplication, distribution, or taking of any action in reliance on the contents of these materials is expressly prohibited. If you have received this communication in error, please delete this information in its entirety and contact the Amedisys Privacy Hotline at 1-866-518-6684. Also, please immediately notify the sender via e-mail that you have received this communication in error. ***
> 
> 
> ________________________________
> *** NOTICE--The attached communication contains privileged and confidential information. If you are not the intended recipient, DO NOT read, copy, or disseminate this communication. Non-intended recipients are hereby placed on notice that any unauthorized disclosure, duplication, distribution, or taking of any action in reliance on the contents of these materials is expressly prohibited. If you have received this communication in error, please delete this information in its entirety and contact the Amedisys Privacy Hotline at 1-866-518-6684. Also, please immediately notify the sender via e-mail that you have received this communication in error. ***
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list