[c-nsp] ME3600 iBGP to RR

Mark Tinka mark.tinka at seacom.mu
Fri Mar 6 00:35:10 EST 2015



On 5/Mar/15 19:12, Adam Vitkovsky wrote:
>
> Sorry, now I see I haven't made myself clear at all, I meant
> disconnected from VRFs perspective.
> Of course the box would have been reachable over OOB management
> network or via IGP.

Of course :-).
>
>
> These are interesting numbers indeed.
> And I wanted to ask you for some time now what prefixes do you
> actually leak into the FIB to make any use of it.

Internal iBGP routes, customer routes held in iBGP, some routes from
peers (they need to be in the FIB as we do some special things with them
re: forwarding), 0/0 and ::/0.

> Because how I would use this is just to get the full table to the
> customer hanging off of the ME.

We hold everything else in RAM, and just hand it off to customers via
eBGP sessions.

>
> Anyways the problem is 20K is not that much and can easily be
> exhausted with VPN customer prefixes in which case the SD can't really
> be used.
At any rate, BGP-SD is not supported for VPN address families.

>
> You just need to make sure you never mess up the route-map used for SD.

If you want to be simple, a simple "route-map BLAH deny 10" is all you
need to have nothing installed in the FIB.

Otherwise, you can create a route-map similar to what you'd do for a BGP
routing policy to decide what enters the FIB. Nothing more special than
that.

Mark.


More information about the cisco-nsp mailing list