[j-nsp] Managing large route-filter-lists
Brian Rak
brak at gameservers.com
Mon May 21 16:09:42 EDT 2018
On 5/21/2018 3:37 PM, Vincent Bernat wrote:
> ❦ 21 mai 2018 14:51 -0400, Brian Rak <brak at gameservers.com> :
>
>> We switched this over to using ephemeral configs:
>> https://www.juniper.net/documentation/en_US/junos/topics/concept/ephemeral-configuration-database-overview.html
>>
>> This seems to have dramatically reduced configuration time (at the
>> expense of being slightly less clear).
>>
>> It also has the bonus that our IRR filters no longer show up in the
>> main configuration, and 'show | compare' is back to being fast again.
>>
>> The downside seems to be that these can blow up the router somehow...
>> there's a big warning about it in the py-ez code:
>> https://github.com/Juniper/py-junos-eznc/blob/master/lib/jnpr/junos/utils/config.py#L750
> There are also some warnings about use with GRES and NSR. They explain a
> bit about GRES, but they don't say what's wrong with NSR. For IRR, it
> seems that if the static database contains an "allow all" and the
> ephemeral database contains the IRR filter, you should be good. Did you
> get Juniper to confirm your use case is correct?
I asked them in my JTAC case, but so far they responded with "who told
you to ask us"... I'm waiting to see if they get back to me with better
information.
Meanwhile, I deployed this on one of our routers to test, and it seems
to be working fine so far.
More information about the juniper-nsp
mailing list