[c-nsp] prefix lists updates and max prefix filters
James Ashton
james at gitflorida.com
Mon Dec 5 12:08:06 EST 2011
Hi all.
I have run into a problem that seams obvious, but is new to me.
I control outbound announcements with a prefix filter. I update this filter daily with a small shell script. t has been working for several years now without problem, but for the last few months one of our upstreams has dropped our session for hitting a max prefix filter. The session drops within seconds of issuing the "no ip prefix-list XXX" command. Before I can rebuild the filter.
As I said, the problem seams obvious, but the solutions all seam less than elegant. I can only really see 2 ways through it, but I am probably missing several. First would be to run a prefix list and an access list and update them one at a time. So one it always in place. The second would be to edit the prefix list one line at a time and never actually regenerate the entire list in one shot. This seams the most proper/elegant method and the one putting the least CPU strain on a hard working router. It would also cause me to write good bit more code that no-one else here could edit.
I am using rtconfig to generate the lists, so adding another isn't a huge project, but will add additional CPU time to a router that is begging for more CPU as it is.
Thoughts?
Thank You
James
More information about the cisco-nsp
mailing list