[j-nsp] EX Series | 10.4R3.4 Limited Received Routes

Richard A Steenbergen ras at e-gerbil.net
Sun May 1 21:19:29 EDT 2011 

On Sat, Apr 30, 2011 at 08:48:59AM -0700, Bill Blackford wrote:
> So if what you are saying is that the EX, only being capable of 16k 
> routes, will only "Receive" and "Accept" a random smattering of a full 
> table being sent up to 16k and any filters beyond that filter on the 
> 16k "Received" and installs that balance as "Active"?
> 
> If this assumption is correct, then what I'm seeing is expected 
> behavior?

The 16k limit is a RIB limit from the default hard-coded configuration 
on small-EX's. This doesn't really protect the FIB, as the FIB is much 
smaller still, more along the lines of 12k total unicast entries for 
IPv4 (and much less if you actually install IPv6 routes) on 
EX3200/4200..

You can see the RIB limit at /etc/config/ex-series-defaults.conf:

        routing-options {
            rib inet.0 {
                maximum-prefixes 16384;
            }
            rib inet6.0 {
                maximum-prefixes 4096;
            }

All you have to do to override this is apply those options with 
increased values to your own configuration. Of course if you do, you'll 
immediately hit the next limit, a hard-coded maximum data size of 128MB 
which will cause rpd to coredump when it allocates that much memory. To 
change this, you have to edit /boot/loader.conf and increase the 
kern.maxdsiz line to something a little more sensible (like say 512MB). 
Unfortunately this value will be blown away every time you do a new 
jinstall, so you'll need to keep it up to date every time you upgrade.

To not flood your FIB, you'll need to block a bunch of routes at the 
RIB->FIB export layer, which happens in a policy you apply at 
"routing-options forwarding-table export XXXXXX". For example, you might 
want to allow a default, static, isis|ospf, and some internal cust 
routes, but otherwise block the rest of the BGP routes to keep the table 
size small.

None of this has anything to do with an arbitrary liit of 28k active 
routes. If you were bumping up against the maximum-prefixes config, the 
number would be 16k total for the RIB, not 28k. When this limit gets 
hit the future routes are just silently dropped from the RIB, which is 
certainly a lot better than the Cisco method of disabling CEF and making 
the box unusuable until someone goes to reboot it. :)

-- 
Richard A Steenbergen <ras at e-gerbil.net>       http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)

More information about the juniper-nsp mailing list