BGP in a 4948

Unanswered Question
Mar 30th, 2007

Hi, I've just acquired a pair of 4948s and need to do multihoming with two different carriers. Just now I've seen that the FIB table in the 4948 (GbE, not 10GbE) is limited to 32000 entries. My questions are:

1.- Given that the full BGP internet table is about 200000 entries, what will happen if I try to do full transit with these machines?

2.- Would it be possible to take the full transit table and filter AS-paths just for the entries originated in each of the carriers to reduce them so they fit into the FIB? Or would the filtering process eat up all the resources of the machine?

Thanks

Kypamop Mon, 04/02/2007 - 07:27

Hi!

First of all, it's not the best idea to use an enterprise switch for BGP peering. But since you've already bought your 4948, let me tell you some assumptions:

1. As you probably know, there are two types of routing table: RIB & FIB. The first one actually shouldn't be limited to 32K entries, but limited by the available RAM on the switch. From my experience with a 7206 router (with 256M), it runs out of memory when it has about 200K routes (roughly one Internet full-view). So we can say that a 4948 with 256M RAM would behave almost the same or maybe worse. And as you mentioned previously, the FIB on the 4948 actually has a limit of 32K prefixes. So neither the FIB nor the RIB is enough to support your task.

2. As far as I know, if you are not going to turn on features like soft-updates, all the incoming updates which are defined to be filtered won't occupy RAM. Additionally, you might ask your providers to originate default information for you via E-BGP.

Hope this helps!

laloperez Mon, 04/02/2007 - 09:00

Thank you for your response! It was helpful for me.

Anyway, and just related to the fact that a 4948 doesn't fit well as a BGP router: the problem here is that Cisco sells it as a BGP CEF capable multilayer switch and you pay a premium just for the BGP, OSPF and IS-IS routing capabilities, only to discover (too late) that BGP is unusable for anything more than default BGP routing. Maybe it's my fault for not diving into the enormous amount of info on Cisco's website and looking for the "max routing entries" item in the tech specs, which is not always available, and for supposing that, as with other routers, it is just a matter of DRAM.

And it's a great MLS, this one. I have no complaints. Ultra-fast, dense, and compact. Ideal for us on a limited budget, because anything else that supports both inter-VLAN routing with gbit wire-speed for 250+ machines AND BGP is in the 6500/7600 range (not even 7200). Out of our resources (for now).

Oh, by the way, which kind of router must we have two years from now if the routing table keeps growing as it does today? Only a Supervisor 720 with 1 Gig just to do plain multihoming? It's crazy...

Again, thank you very much, and sorry for the complaints, which don't have anything to do with the matter of this post, but I'm a bit disappointed and I had to tell it to someone :)

Kypamop Mon, 04/02/2007 - 11:05

Perhaps the state of things is not as bad as you describe. :) I do think that you'd be able to implement lots of policies even with a 32K FIB. You know a full-view table gives you the best flexibility in terms of defining routing policies; however, you might achieve almost the same using only a hundred or a thousand prefixes.

Can you tell me in detail what goal you are going to achieve?

As for the future, you can do InterVLAN routing using the 4948, and use a dedicated 7204/7206 for BGP peering.

laloperez Mon, 04/02/2007 - 23:36

>>As for future you can do InterVLAN routing using 4948, and use dedicated 7204/7206 for BGP peering.

In fact, that's our intention, later in the year.

With respect to our goal, it is dead simple: just multihome to two ISPs, with two different routers, so when traffic is going to the AS of one of them, it takes the exit through the directly connected router, and the same for the other AS. For the rest there's no preference, for now, while we examine route patterns to determine which ISP is preferred. Later we could manipulate the preferences to load balance as much as possible.

When traffic comes in, if the route includes the AS of either of them, the preferred entry point is, again, the directly connected router for that ISP. Internally, we've planned 25 VLANs in our LAN, and with STP and HSRP we'll provide default gateway redundancy to our servers. The 4948s are ideal for this purpose.

I think this is a typical "case study" for multihomed BGP, but I'm not very sure if I can do it with just 32k FIB.

By the way, the ISPs are Teleglobe (VSNL Int.) and Cogent, both of them pretty big, I think. Not of the "2000 entry customer routes" kind.

Again, thank you for your time.

Kypamop Tue, 04/03/2007 - 01:25

Try to get only your peers' and their clients' originated routes:

AS-Path-Filter ^_[0-9]*$

AS-Path-Filter ^_[0-9]*$

Then examine whether one or two of your ISPs send a default route to you, and if they do, then accept it too. If they do not, then you should figure out what the exit border router from the ISP's Autonomous System is and set default routes to these routers (you should have routes to these routers from the first step). So if I'm not wrong, the default route will go down if the route to the next-hop dies, and then the next default route will become active.
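The following is an added example, not part of any post in this thread: a Python check of how an AS-path permit list of the kind suggested above shrinks a received table and whether the result stays within the 32000-entry FIB quoted in the question. The two patterns, the function names, and the sample routes (documentation prefixes and documentation ASNs, constructed for illustration) are assumptions.

```python
import re

FIB_LIMIT = 32000  # FIB capacity of the 4948 as quoted in the thread


def ios_aspath_regex(pattern):
    """Compile an IOS-style AS-path regex for Python.

    In IOS, '_' matches a delimiter (space, comma, braces, parentheses) or
    the start/end of the path; Python has no such token, so expand it.
    """
    return re.compile(pattern.replace("_", r"(?:^|$|[ ,{}()])"))


# Assumed permit list (not taken from the thread): paths of exactly one AS
# (originated by the ISP) or exactly two ASes (originated by an ISP customer).
PERMIT = [ios_aspath_regex(p) for p in (r"^[0-9]+$", r"^[0-9]+_[0-9]+$")]


def permitted(as_path):
    """True if any permit pattern matches the AS path string."""
    return any(rx.search(as_path) for rx in PERMIT)


def fib_plan(routes, limit=FIB_LIMIT):
    """Split received routes into kept vs. dropped and check the FIB limit."""
    kept = [prefix for prefix, path in routes if permitted(path)]
    dropped = [prefix for prefix, path in routes if not permitted(path)]
    return {"kept": kept, "dropped": dropped, "fits": len(kept) <= limit}


# Constructed sample: (prefix, AS path as received from ISP AS 64500).
SAMPLE = [
    ("192.0.2.0/24", "64500"),                    # ISP's own route
    ("198.51.100.0/24", "64500 64501"),           # ISP customer
    ("203.0.113.0/24", "64500 64501 64501"),      # customer that prepends
    ("198.51.100.128/25", "64500 64510 64511"),   # two ASes beyond the ISP
]

if __name__ == "__main__":
    plan = fib_plan(SAMPLE)
    print(f"kept {len(plan['kept'])}, dropped {len(plan['dropped'])}, "
          f"fits in FIB: {plan['fits']}")
```

Note the third sample route: a customer that prepends its own AS no longer matches a fixed-length pattern, so its prefix is filtered and traffic to it follows the default route instead.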

laloperez Wed, 04/04/2007 - 01:33

Well, in the first place, I'm going to define two default routes in each router, one to the ISP and another to the second router, with an administrative distance of 150. Each router is the active default gateway for half the VLANs through HSRP, and STP is engineered in order to match the HSRP active router and the root bridge for each VLAN. HSRP is also tracking the external interface to be aware of problems in the direct connection with the ISP. Of course, all this means that a problem in the internal network of any of our providers will force me to change routes by hand, but I don't have any better ideas. I requested a default route from my ISP in the first instance to see if it all works, and I just announce our unique prefix (a /18 one) to both of them, so incoming traffic could be more or less balanced. After everything is working, I'll try to begin to filter AS and such.

Thank you again
