
Need help deciding Full or Partials for BGP

mwall1
Level 1

Hi all,

This question isn't whether or not my hardware can handle full routes, it's more of a "how to present it to my boss so he can understand the difference" type question :-)

We have a 3845 that has plenty of RAM (512MB), that I am working on bringing into production. We're currently running partials on a 3640 with 128MB.

What types of things should I consider in switching over to full tables? We're not an ISP, nor doing much hosting at all right now. Most of our external services are VPNs (L2L and Cisco client), and email/webmail.

For now, we're really not getting into lots of the advanced features of the 3845, so full tables are definitely do-able....but I'm not sure I see any great gain to doing it. Partials seem to work fine for us now.

Can anyone help? I'm really just starting to work with BGP, so a lot is still over my head. But I'd like to be able to present pros/cons to my manager in an objective, thought-out way.

Thanks everyone,

Mike

8 Replies

Richard Burts
Hall of Fame

Mike

You present an interesting question which I believe that many people should consider. In trying to find an answer for this question I would like to ask you to think about the decision making process (in an abstract sense) and how much information we must have to make a decision. Sometimes we make decisions when we have all the available information (full tables) and sometimes we must make decisions when we have only some of the information that could be available (partial tables). How much "better" are the decisions with full information as compared to decisions with partial information? Now think about that question and factor in the additional cost of obtaining full information (memory consumed for full tables, bandwidth consumed to transmit full tables and all the updates that will be processed for full tables, and the CPU cycles to process all the updates for full tables any time that an entry in the full table changes).

I believe that most user organizations make perfectly adequate decisions with only partial tables. Some organizations (and most ISPs) need full tables but I do not get the sense that full tables would really allow you to make much "better" routing decisions.

HTH

Rick


Danilo Dy
VIP Alumni

Hi,

A full Internet routing table is not always needed (or always the "best"), even if you have all the resources for it.

If you are single-homed (connected to only one ISP), you don't need a full Internet routing table. You can advertise your AS/prefix upstream so that the Internet world knows where you are (for incoming traffic). But you can just put a default route to your ISP (for outgoing traffic).

Similarly, if you are multi-homed (i.e. to two ISPs), you can ask ISP-A to advertise to you only those directly connected to them (or up to 2 levels or 3 levels ....), then you can default route to ISP-B. This way, your routing table will have fewer entries.

IMHO, the nearer you are to the IX (Internet Exchange Points), the more of the Internet routing table you have. For example, those ISPs connected to an IX carry the full Internet routing table without a default route.

Regards,

Dandy

Thanks everyone for the responses so far. I guess I left out some important info.

These are 2 T1 lines, each through a different ISP.

Dandy,

How would I find out how close we are to the IX?

I'll need to do some work on sanitizing it, but I can post the config lines showing our current BGP setup. I'll post that in a bit.

Thanks again

Hi,

Well, first, the connection is very expensive :) and they are usually ATM or GE. Most of those connected to an IX resell their bandwidth (one reason is to recover the cost of connecting to it), which makes them a transit AS. When you become a transit AS, you need to have a full Internet route so that you can provide the same to your downstream peers. Take note that not all transit ASes have a direct connection to an IX.

Here are the links:

1. Internet Exchange Point Directory (need to register)
http://www.telegeography.com/products/ix/index.php

2. Not sure if this is updated
http://www.pch.net/documents/data/exchange-points/ep-in-addrs.txt

If you are not a transit AS, you don't need a full Internet route. However, if you are multi-homed to more than one upstream ISP, here are the benefits that I can see. For the sake of simplicity, say you are multi-homed to two upstream ISPs as an example. You need a full Internet route from both ISPs. In your BGP routing table you see that a certain prefix/AS (remote-A) can be reached either through ISP-A or ISP-B (with a partial Internet route, you won't be able to see some prefixes/ASes), and you also see that the best path to remote-A is through ISP-A. But you have heavy outgoing traffic to remote-A, and your link to ISP-B is bigger than ISP-A and it's underutilized. Now, you can create a route-map on your link to ISP-B to make remote-A WEIGHT higher (if only using one router for both links) or LOCAL-PREFERENCE higher (if using a different router per link) from ISP-B (match as-path). This will make all outgoing traffic destined to remote-A choose ISP-B. Now, imagine if you are multi-homed to more than 2 upstream ISPs. The example situation above is only one of them.

NOTE: Remember to configure a password on the BGP sessions with your peers, as BGP sessions can be hijacked, especially multi-hop eBGP.

Regards,

Dandy

Ok, here is the relevant info from our current BGP setup (sanitized). I see that ISP 1 doesn't have a password, but # 2 does (need to change that.)

Does anything blatantly wrong stand out to you guys? I'll be moving over to a 3845 router.

router bgp (Our AS #)
 no synchronization
 bgp log-neighbor-changes
 network 70.x.x.x mask 255.255.255.0
 network 207.x.x.x
 neighbor 64.x.x.x remote-as 3xxx
 neighbor 64.x.x.x soft-reconfiguration inbound
 neighbor 64.x.x.x prefix-list ABC_COMPANY out
 neighbor 69.x.x.x remote-as 7xxx
 neighbor 69.x.x.x password 7 xxxxxxxxxxxxxx
 neighbor 69.x.x.x soft-reconfiguration inbound
 neighbor 69.x.x.x prefix-list ABC_COMPANY out
 no auto-summary
!
ip classless
ip route 0.0.0.0 0.0.0.0 64.x.x.x
ip route 0.0.0.0 0.0.0.0 69.x.x.x 254

Hi,

According to your config, you allow whatever your two upstream ISPs throw at you (could be a full Internet route). Also, you only have one router connected to both ISPs. You can choose to block all incoming announcements from your two upstream ISPs since you have a default route - else you can remove the default route.

See attached config.

Regards,

Dandy
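
The two gaps raised in this thread (a neighbor with no session password, and no inbound filter on either neighbor) can be checked mechanically. The following is an added example, not part of the original posts: a small Python audit run over the sanitized config exactly as posted. The function name audit_bgp_neighbors is hypothetical, and it reads only per-neighbor lines, so settings inherited from peer-groups are not considered.

```python
import re

# Sanitized config as posted in the thread (addresses and AS numbers are masked).
CONFIG = """\
router bgp (Our AS #)
 no synchronization
 bgp log-neighbor-changes
 network 70.x.x.x mask 255.255.255.0
 network 207.x.x.x
 neighbor 64.x.x.x remote-as 3xxx
 neighbor 64.x.x.x soft-reconfiguration inbound
 neighbor 64.x.x.x prefix-list ABC_COMPANY out
 neighbor 69.x.x.x remote-as 7xxx
 neighbor 69.x.x.x password 7 xxxxxxxxxxxxxx
 neighbor 69.x.x.x soft-reconfiguration inbound
 neighbor 69.x.x.x prefix-list ABC_COMPANY out
 no auto-summary
!
ip classless
ip route 0.0.0.0 0.0.0.0 64.x.x.x
ip route 0.0.0.0 0.0.0.0 69.x.x.x 254
"""

# "neighbor <peer> <setting...>" lines, one match per line.
NEIGHBOR = re.compile(r"^[ \t]*neighbor[ \t]+(\S+)[ \t]+(.+?)[ \t]*$", re.M)
# Any of the per-neighbor filters applied in the inbound direction.
INBOUND = re.compile(r"^(prefix-list|route-map|filter-list|distribute-list)\s+\S+\s+in$")

def audit_bgp_neighbors(config):
    """Return {neighbor: [findings]} for every neighbor in the config."""
    seen = {}
    for peer, rest in NEIGHBOR.findall(config):
        state = seen.setdefault(peer, {"password": False, "inbound": False})
        if rest.startswith("password "):
            state["password"] = True
        elif INBOUND.match(rest):
            state["inbound"] = True
    findings = {}
    for peer, state in seen.items():
        issues = []
        if not state["password"]:
            issues.append("no session password (TCP MD5)")
        if not state["inbound"]:
            issues.append("no inbound filter: accepts whatever the peer announces")
        findings[peer] = issues
    return findings

print(audit_bgp_neighbors(CONFIG))
```
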

Ok, time for my BGP ignorance to REALLY show :-) See my responses to your statements.

"According to your config, you allow whatever your two upstream ISPs throw at you (could be a full Internet route)."

- So you're saying that we aren't necc. running partials? I was just starting at this job when the last guy set this up...and I'm pretty sure the ISPs said "No" to our old hardware being able to handle Full. But if I hear you correctly, we have to trust that they are still set up that way on the Provider's side?

"Also, you only have one router connected to both ISPs."

- Is that bad? (Seriously, not sarcastic). Single point of failure I guess? (I'm really trying to fill up and take advantage of all the extra slots in the 3845 :-)

I'm thinking that if we were a larger company, we would have 2 Edge routers on our side (CPE - 1 for each ISP). Then the 3845 would sit behind those as a Core router, where it would focus on running BGP? (In our case, the 3845 is essentially doing that, but the "Edge" routers are the ISP's gateways)

"You can choose to block all incoming announcements from your two upstream ISPs since you have a default route - else you can remove the default route."

- Blocking would lessen CPU/RAM usage I'm guessing, as we don't really need to receive announcements if we're just using default routes?

So I need to consult with our ISPs and verify what they've got config'ed on their end, to make sure we're on the same page. I seem to remember 1 provider being really helpful with this stuff, and the other not so much...

Thanks for the config example, this will help a lot. I appreciate it (And I have a TON of things to read-up on!)

Mike

Hi,

See my response.

- So you're saying that we aren't necc. running partials? I was just starting at this job when the last guy set this up...and I'm pretty sure the ISPs said "No" to our old hardware being able to handle Full. But if I hear you correctly, we have to trust that they are still set up that way on the Provider's side?

ANS: Since you don't have an incoming BGP filter, you allow anything that your upstream ISP will throw at you. I'm not saying you already have a full Internet route or you only have partials. Since you don't have an incoming filter, if your upstream ISP throws garbage at you, you will also receive it.

- Is that bad? (Seriously, not sarcastic). Single point of failure I guess? (I'm really trying to fill up and take advantage of all the extra slots in the 3845 :-)

I'm thinking that if we were a larger company, we would have 2 Edge routers on our side (CPE - 1 for each ISP). Then the 3845 would sit behind those as a Core router, where it would focus on running BGP? (In our case, the 3845 is essentially doing that, but the "Edge" routers are the ISP's gateways)

ANS: Not bad. IMHO, if you are multihoming, one of the reasons is redundancy.

It will be best (not a must) to have a redundant router as well.

- Blocking would lessen CPU/RAM usage I'm guessing, as we don't really need to receive announcements if we're just using default routes?

ANS: Yes. But take note of the BGP path manipulation I mentioned in my earlier replies - this is also not a "must".

You can refer to this link on how to block one or more networks from your upstream ISP: http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a00801310cb.shtml

Regards,

Dandy
