[c-nsp] BGP maximum-prefix on ASR9000s
adamv0025 at netconsultings.com
adamv0025 at netconsultings.com
Mon Feb 3 16:15:26 EST 2020
> Mark Tinka
> Sent: Monday, January 27, 2020 7:14 AM
>
> On 27/Jan/20 08:05, Hank Nussbacher wrote:
>
> > As many of us run full routing tables on our ASR9000s, we have just
> > found popping up in our logs:
> > gp[1058]: %ROUTING-BGP-5-MAXPFX : No. of IPv4 Unicast prefixes
> > received from xxx.xxx.220.91 has reached 786433, max 1048576
> > Reference:
> >
> https://www.cisco.com/c/en/us/td/docs/routers/asr9000/software/asr9k_r
> > 5-3/routing/configuration/guide/b_routing_cg53xasr9k/b_routing_cg53xas
> > r9k_chapter_010.html
> >
> > The undefined default for maximum-prefix on ASR9000s (IOS-XR) is
> 1048576.
> > Recommendation: increase maximum-prefix to 1500000
>
> Known issue since IOS XR launched back in the day.
>
> For as far back as I can remember (probably 2010 or earlier), we always had
> the below line as standard configuration in all our IOS XR platforms for BGP
> sessions that did not require a prefix limit:
>
> maximum-prefix 4294967295 75
>
Have you tested what happens with an XR BGP when a valid peer sends you ~2,147,483,647 prefixes please?
My guess is the BGP runs out of memory and restarts -what happens to the FIB on all line-cards I'm not even guessing...
And then the RRs pushing 2bilions of prefixes to all other PEs in the AS...
I actually haven't tested so would be interested to know.
Anyways I'd rather have the offending internet peer/peers reset at around 1M or so -while BGP and line-cards can still cope with the load.
Of course VPN customers have lower thresholds.
adam
More information about the cisco-nsp
mailing list