I'm using cat6500 WS-SUP720-3BXL as BGP router for 3 full view upstream an several clients. Different clients want to use different upstream for output traffic, but output should be redundant . So I should implement VRF + BGP.
I have done the following config:
ip vrf Upsream1
import map Bacup1-rmap
route-target export Y:Z
route-target import N:M
ip vrf Upsream2
import map Bacup2-rmap
route-target import Y:Z
route-target export N:M
router bgp XXX
address-family ipv4 vrf Upsream1
neighbor Y.Y.Y.Y remote-as ZZZ
neighbor description GoodUplink
address-family ipv4 vrf Upsream2
neighbor N.N.N.N remote-as MMM
neighbor description BadUplink
after loading full view in to table I get error
MLSCEF-SP-7-FIB_EXCEPTION: FIB TCAM exception, Some entries will be software switched
#show platform hardware capacity forwarding
L3 Forwarding Resources
FIB TCAM usage: Total Used %Used
72 bits (IPv4, MPLS, EoM) 1032192 1002192 95%
144 bits (IP mcast, IPv6) 8192 8 1%
detail: Protocol Used %Used
IPv4 600035 64%
MPLS 32992 31%
#show mpls forwarding-table
show all routes with label.
Question: is can I some how use VRF+BGP but disable TCAM MPLS table usage, and label generation for my platform?
Ipv4 routes ---1 TCAM entry
ipv4 routes(vpn/vrf) -- 1 TCAM entry
ipv4 multicast -- 2 TCAM entry
ipv6 (anycast/unicast) -- 2 TCAM entry
MPLS labels -- 1 TCAM entry
But look like BGP+VRF =2 TCAM entry.
Is there any workaround to use 1 TCAM entry for one route in VRF from BGP for 6500?
You can't disable TCAM utilisation as this is what allows traffic swithing in hw. But they have limited number of entries (1M in your case) so when the TCAM is full, new entry can't be programmed and will be switch in software impacting the CPU.
Do you really need the full routing table in several VRF ? it's not a recommanded design. If you need to bind a customer with an upstream SP, a default route received from each SP is enough. Each upstream VRF export it with different RT and on customer vrf, you import two of them for redundancy.
Do you really need the full routing table in several VRF ? it's not a recommanded design.
To be clear, vpnv4 routes will use two TCAM entries irrelvant to whether it's VRF lite or MPLS L3 VPN.
1 ipv4 route = 1 TCAM entry from ipv4 space.
1 vpnv4 route = 1 TCAM entry from ipv4 space + 1 entry from MPLS space. So two entries total.
You can reallocate your 1M TCAM entries so that approx 512K are ipv4 and 512K are MPLS(leave a little for other things) and then you have can ~500K vpnv4 routes but as Laaubert indicated this is not a great way to go about things.
Per VRF label will not change anything about TCAM usage. This is why I made the point that it does not matter if the route is vpnv4 or vrf-lite. Any time a route(label or not) is in a VRF routing table on the 6500 is will use extra TCAM entries.
1. Introduction Internet security is important with the increasing
attacks that are happening every day. Many internet and browsing
security solutions exist, but some are not very easy to use or maybe the
question is how can I enable them? In this referen...
Cisco Software Manager Server API Guide This document describes the
programmatic interfaces, RESTful APIs, which are supported by Cisco
Software Manager Server (CSM Server). Overview CSM Server supports a set
of finite RESTful APIs. The first step to use ...
If you are using Cisco's new linux-based Cisco Software Manager server,
then you probably want to make sure there is a startup service for
it.I'll assume that you've already installed the CSM server on a
systemd-based linux system. The commands given belo...