[c-nsp] how many maximum BGP routers can be to reside in one AS?

Scott Granados scott at granados-llc.net
Tue May 31 12:58:14 EDT 2011


Not only project scrapped but a waste of tax payer monies.

My experience with federal projects is the same.  It's very sad.


On May 31, 2011, at 9:46 AM, Hammer wrote:

> Kinda OT, I once was contracted to roll out a VPN solution for a large
> federal client. Bad situation. The design was already completed by a third
> party (without vendor consultation) and then handed to me to implement. They
> had over 3000 sites and wanted to deploy mid-range VPN concentrators at each
> location. I was totally confused until I spent a day or so digging into the
> design. They wanted a FULL MESH. All concentrators peering with all the
> others. It only took me about 3 days to get the specs from the vendor and do
> the math to tell them that the fixed memory would cap out at around 700-900
> VPNs. Since I was a lowly contractor I was told to shut up and supervise the
> roll out. I told them the math doesn't lie and it wouldn't work. Again:
> "shut up and roll it out". OK..... 4 weeks later we hit around 1000 VPNs and
> started experiencing something similar to a rolling blackout or rolling
> black hole. They freaked out. Called in the vendor and ripped them up.
> Vendor looked at the math and told them it wouldn't work and whoever
> designed it was an idiot. Project scrapped.
> 
> Bottom line is that your only limitation with BGP is your design and your
> hardware. If you build it... It will mesh....
> 
> 
> -Hammer-
> 
> "I was a normal American nerd."
> -Jack Herer
> 
> 
> 
> 
> 
> On Thu, May 26, 2011 at 1:44 PM, Keegan Holley <keegan.holley at sungard.com>wrote:
> 
>> 2011/5/26 Nick Hilliard <nick at foobar.org>
>> 
>>> On 26/05/2011 18:20, Keegan Holley wrote:
>>> 
>>>> Why on gods green earth would anyone fully mesh 2500 routers.
>>>> 
>>> 
>>> People do the most extraordinary things.  A couple of years ago, a well
>>> large italian access service provider natted their entire customer range
>> to
>>> a handful of public addresses.  That was fun, and I expect it taught them
>>> some serious lessons about how natting your entire customer range is a
>>> really bad idea.
>>> 
>>> But I guess lots of service providers will need to learn this lesson the
>>> hard way very soon.
>>> 
>> 
>> Agreed, but hopefully that provider didn't do that based on a vague
>> conversation via a newsgroup with someone halfway across the world with
>> their first message saying that they do not plan to nat their entire
>> customer range. ;)
>> _______________________________________________
>> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/




More information about the cisco-nsp mailing list