[c-nsp] how many maximum BGP routers can be to reside in one AS?
Hammer
bhmccie at gmail.com
Tue May 31 12:46:28 EDT 2011
Kinda OT, I once was contracted to roll out a VPN solution for a large
federal client. Bad situation. The design was already completed by a third
party (without vendor consultation) and then handed to me to implement. They
had over 3000 sites and wanted to deploy mid-range VPN concentrators at each
location. I was totally confused until I spent a day or so digging into the
design. They wanted a FULL MESH. All concentrators peering with all the
others. It only took me about 3 days to get the specs from the vendor and do
the math to tell them that the fixed memory would cap out at around 700-900
VPNs. Since I was a lowly contractor I was told to shut up and supervise the
roll out. I told them the math doesn't lie and it wouldn't work. Again:
"shut up and roll it out". OK..... 4 weeks later we hit around 1000 VPNs and
started experiencing something similar to a rolling blackout or rolling
black hole. They freaked out. Called in the vendor and ripped them up.
Vendor looked at the math and told them it wouldn't work and whoever
designed it was an idiot. Project scrapped.
Bottom line is that your only limitation with BGP is your design and your
hardware. If you build it... It will mesh....
-Hammer-
"I was a normal American nerd."
-Jack Herer
On Thu, May 26, 2011 at 1:44 PM, Keegan Holley <keegan.holley at sungard.com> wrote:
> 2011/5/26 Nick Hilliard <nick at foobar.org>
>
> > On 26/05/2011 18:20, Keegan Holley wrote:
> >
> >> Why on God's green earth would anyone fully mesh 2500 routers?
> >>
> >
> > People do the most extraordinary things. A couple of years ago, a well
> > large Italian access service provider natted their entire customer range to
> > a handful of public addresses. That was fun, and I expect it taught them
> > some serious lessons about how natting your entire customer range is a
> > really bad idea.
> >
> > But I guess lots of service providers will need to learn this lesson the
> > hard way very soon.
> >
>
> Agreed, but hopefully that provider didn't do that based on a vague
> conversation via a newsgroup with someone halfway across the world with
> their first message saying that they do not plan to nat their entire
> customer range. ;)
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>