[c-nsp] BGP and decrease CPU usage

Benjamin Lovell belovell at cisco.com
Mon Nov 15 23:04:59 EST 2010 

The most efficient way to filter all prefixes from a peer is "no  
neighbor x.x.x.x" :) But seriously like Mike said, there is no good  
reason to have a peer and filter all the prefixes from it.

If you are seeing CPU spikes during BGP scanner I don't see how  
disabling next hop tracking will help you and during reconvergence we  
really want to spend as much CPU as possible getting to a converged  
state. My understanding of next hop tracking is that it is event driven 
(something along the lines of registering for an event callback with  
the RIB when a next hop changes) not scanner driven so it should  
consume essentially no CPU resources until an event happens.

As for the efficiency of route filter methods.. prefix lists and ACLs  
are less CPU intensive than as-path.

-Ben


On Nov 15, 2010, at 5:45 PM, Michael K. Smith - Adhost wrote:

> Are you having to reduce BGP usage because your processor is pegged  
> all the time with BGP processes (scanner, etc.) or because it  
> spikes?  The processor is supposed to spike while it's doing it's  
> updates.  Here's a GSR's output while scanning.
>
> CPU utilization for five seconds: 99%/0%; one minute: 19%; five  
> minutes: 15%
> PID Runtime(ms)   Invoked      uSecs   5Sec   1Min   5Min TTY Process
> 200  2553083580  15050987     169631 96.00% 16.87% 12.84%   0 BGP  
> Scanner
>
> If you're going to apply a .* deny, why have the peer at all?   
> You're not going to get any routes.  You might want to consider  
> accepting a default-only from a provider.  This will certainly cut  
> down on the amount of processor for scanning, although it will still  
> hit 99% when it's running, would be my guess.
>
> Mike
>
> --
> Michael K. Smith - CISSP, GSEC, GISP
> Chief Technical Officer - Adhost Internet LLC mksmith at adhost.com
> w: +1 (206) 404-9500 f: +1 (206) 404-9050
> PGP: B49A DDF5 8611 27F3  08B9 84BB E61E 38C0 (Key ID: 0x9A96777D)
>
>
>> -----Original Message-----
>> From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-
>> bounces at puck.nether.net] On Behalf Of Robert Hass
>> Sent: Monday, November 15, 2010 2:28 PM
>> To: cisco-nsp at puck.nether.net
>> Subject: [c-nsp] BGP and decrease CPU usage
>>
>> Hi
>>
>> I was wondering is disabling 'bgp nexthop trigger' will decrease a
>> little CPU usage on router ? Eg.:
>>
>> cisco(config)#router bgp 111
>> cisco(config-router)#address-family ipv4
>> cisco(config-router)#no bgp nexthop trigger enable
>>
>> Router currently holds 3 full BGP feeds from external peers and  
>> nearly
>> ony full from iBGP.
>>
>> Question for Cisco engineers with deep inside IOS knowledge: What is
>> most low CPU consuming way to filter all prefixes from neighbor ?
>> a) as-path filter deny .*
>> b) route-map XX deny 10
>> c) some sort of deny ACL (ext: deny ip any any / or standard: deny
>> any) or prefix-list ?
>> d) different way ?
>>
>> I'm gonna to do some tweaks inside BGP configuration for save some
>> router CPU power.
>>
>> Robert
>> _______________________________________________
>> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list