[c-nsp] ASR-100x intro

Adam Vitkovsky adam.vitkovsky at swan.sk
Thu Feb 7 11:26:14 EST 2013

Yes the XR ability of table-map to actually filter prefixes rather than just
modifying their parameters during RIB installation was of great value for
IPv4 RRs
Though it's not needed on pure control plane VPN RRs as those do not have
any VRFs so no RIBs and consequently no FIB to update

Wondering what the numbers would be for CRS3 CPU and RAM acting as a pure
control-plane box

-----Original Message-----
From: Nick Hilliard [mailto:nick at foobar.org] 
Sent: Thursday, February 07, 2013 4:45 PM
To: Adam Vitkovsky
Cc: 'Nikolay Shopik'; 'Charles Sprickman'; cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] ASR-100x intro

On 07/02/2013 12:04, Adam Vitkovsky wrote:
> Wow so from ASR1004 and upwards we're indeed not limited by the number 
> of VPN routes anymore so goodbye RR Planes (I'm going to miss this 
> state of art BGP design). 8k sessions is also enough to serve a 
> particular region

on the asr1k, you can stop propagation of the best path rib entries to the
hardware fib, which will usually max out at either 500k or else 1m entries.
 This means that when acting as a RR, the asr1k is constrained only by the
amount of RAM and the CPU power.  The FIB size is no longer relevant.

The command to do this is:

router bgp 64512
 table-map rm-filter-bgp-to-fib		<------- magic sauce
 neighbor x.y.z.w route-reflector-client  [etc]

route-map rm-filter-bgp-to-fib permit
 match blahblahblah

You can then tune the rm-filter-bgp-to-fib route-map only to permit what you
want in your TCAM instead of getting everything, including VPN prefixes.

So on an asr1001, which you can pimp up to 16G, you could handle many full
DFZ VPNs separately, even though the box can only handle 1m prefixes in
hardware.  Just be careful about the ASR1002: the base model can only take
4G RAM and this is not upgradable.  This limitation is fixed in the


More information about the cisco-nsp mailing list