[c-nsp] Internet in VRF
Adam Vitkovsky
Adam.Vitkovsky at gamma.co.uk
Tue May 5 08:23:34 EDT 2015
Hi Dan,
> Sure it's a drawback deploying a new feature but it depends on the
> network/situation. If you have a network that already has Internet in GRT
> and you want to improve routing diversity and convergence, then add-paths
> is a lot less painful than trying to move Internet into a VRF.
I concur
> Internet in VRF has it's merits and I'm not against it but personally I
> prefer Internet in GRT - I've never come across a situation where I
> couldn't achieve something with Internet in GRT vs. in a VRF and I'd prefer
> to avoid the extra resource usage it entails and the potential for someone
> to sausage finger something and import the full table into another VRF and
> kill the FIB.
Well I always deploy per VRF route-limit (not just bgp session limit) to make sure none of the VRFs can kill the whole PE.
> IIRC, enabling add-paths overrides best-external (enables it anyway) but
> that may be platform dependent.
Might be so as best external exception to the BGP best path selection is a must in order to advertise alternate AS-exits to iBGP neighbours.
> I don't know why PIC would be required - I don't see any need for
> sub-second convergence of Internet prefixes (and more than a single FIB
> entry for an Internet prefix). I'm sure someone will come along with a use
> case... :)
>
Not sure what the exact numbers for ASR9k are but on MX960 It takes around a minute to reprogram next hops for 500k prefixes.
Hence my earlier assumption that some just don't care since its Internet service.
adam
---------------------------------------------------------------------------------------
This email has been scanned for email related threats and delivered safely by Mimecast.
For more information please visit http://www.mimecast.com
---------------------------------------------------------------------------------------
More information about the cisco-nsp
mailing list