[c-nsp] NCS5501(-SE) in P and SP Peering roles

Saku Ytti saku at ytti.fi
Wed Nov 15 08:08:17 EST 2017


On 15 November 2017 at 14:47, Jason Lixfeld <jason at lixfeld.ca> wrote:

> The NCS5501 as a P (ISIS, BFD, LDP) and the NCS5501-SE as a SP Peering (ISIS, BFD, LDP, v4/v6-full-Internet-table-in-a-VRF, Full XR RPL stack, CoPP/LPTS) would be the candidate use cases.

Test the LPTS.

Question to asks yourself, when is it acceptable to suffer collateral damager?

Imagine that 'bad BGP' is someone accidentally doing L2 loop, offering
linerate of BGP packets, and 'good BGP' is normal BGP.

a) when bad BGP and good BGP are in separate NPU
b) when bad BGP and good BGP are in same NPU, different interface
c) when bad BGP and good BGP are in same NPU, same interface, different VLAN
d) when bad BGP and good BGP are in same NPU, same interface, same VLAN

In my opinion collateral damage is fine in d), but not in any other
case. I know you can (but no one does in practice) protect JunOS in
each case.

Internet mostly works, because no one is motivated to break it,
breaking it would be easy and require very modest pps, like <5Mbps per
box is usually sufficient to kill it. How many edge boxes in Internet
you need to break, to consider Internet broken? 100? 1000? 10k?

-- 
  ++ytti


More information about the cisco-nsp mailing list