[c-nsp] 6500 router hangs (IPV4 routing slows to a crawl) when IPV6 routing is enabled with VRFs.
Ross Halliday
ross.halliday at wtccommunications.ca
Tue Jun 12 11:52:39 EDT 2012
On Tuesday, June 12, 2012 10:21 AM, Jim Trotz wrote:
>
> Our enterprise backbone network has 2ea 6500s with Sup720XLs which
> connect
> to our 3 major ISPs at 10Gbs. We call these the Internet Hubs. They are
> running SXI5 IOS and are configured for BGP (full table), Internet IPV4
> Multicast routing and EIGRP for IGP. They are running both IPV4 & IPV6
> in a
> dual stack mode with no problems for over a year.
>
> ...
>
> 1) "mls ipv6 vrf ", "ipv6 address-family" added to one or
> more
> VRF definitions.
>
> 2) The "outside" VRF table holds the full Internet table + EIGRP
> routes to local "outside" devices/subnets.
>
> 3) IPV4 BGP session to a neighbor is open and operational and
> sharing
> the "outside" VRF.
>
> 4) No other IPV6 configuration has been entered yet.
>
>
SUP720-10G-3CXLs, correct? If I recall correctly the 3Cs have a larger Layer 2 table but tout the same number of routes. So you're running three peers generating a full Internet feed into an IPv4 VRF with MPLS enabled? This will pretty much kill a 3B. Dumping a full Internet view into a VRF increases the amount of TCAM space consumed immensely. The XLs have more TCAM space and are less likely to puke. Makes a lot of sense that turning on IPv6 would do the same on a slightly larger router as I think the 3C XLs are a bit bigger still.
When I was playing with putting the Internet in a VRF, aside from the non-XL running out of TCAM space and process switching everything, the switch that could handle it would spend a very long time reprogramming the TCAM. I don't remember the name of the process but it was pretty obvious. By a long time I mean somewhere around 5-10 minutes... this happened as soon as BGP started downloading routes in a VRF. I'm not sure what exactly happens when you turn on IPv6 but I wouldn't be surprised if it shuffles things around.
Max supported routes here: http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/product_data_sheet09186a0080159856_ps2797_Products_Data_Sheet.html The way it was explained to me is that setting up VRF increases the TCAM footprint by a factor of three or four. Say 1,000,000 IPv4 routes turns into 333,333 or 250,000 VRF routes or something like that.
When I went down this path before I came to the conclusion that if I wanted a full Internet feed in a VRF then I should be running ASR9ks. Ended up staying with the Sup7203BXL and not using any VRFs on the edge router, but redistributing a 0/0 route into VRF land.
Hope this helps
Cheers
Ross
More information about the cisco-nsp
mailing list