What are the differences/effects of accepting full BGP routes vs. default? I've heard that full routes give you more flexibility in traffic shaping, but a clear example of how that is would be useful if someone has a few minutes to explain.
Hi, I read your post. When your router receives full routing updates from its neighbors, your router will be using more memory to store all of the routes in the neighbors' routing table. All of that routing information may not be needed as long as your packet can make it to the next BGP router and then that router can send it out to the next route. Cisco recommends you have at least 128 MB of RAM but suggests 256 MB of RAM to store a complete global BGP routing table. I have BGP on our border routers and we have the routes filtered and a default route set for better CPU and memory performance. That's the best I can do to explain this to you; maybe some other experts can give you more information. HTH
With full routes, you can load balance outgoing traffic better. Each ISP will contain different AS_PATH information for each prefix. Some prefixes may be preferred over the primary ISP and some other prefixes may be preferred over the secondary ISP.
Thank you both for your responses. My questions were mostly leading towards how these decisions are made. Let me explain...my organization currently is single-homed with statics pointing to our provider, so I guess I'm a little at a loss as to how you go about deciding what prefixes you would actually start to allow on top of default.
My initial thoughts would be to accept full routes but from our providers, but filter to allow only 0/0 initially? To determine the prefixes, do you just have to know where your servers/users are going and starting to build a prefix table if you will that can be used on top of default?
Any help would be appreciated on the thought process.
The decision is based on what such allows you to do and its importance to your organization vs. the cost.
For instance, both you and Edison touched on one major factor; single-homed or not.
Being single homed, and accepting all Internet prefixes, would allow you to decide whether an outbound destination is known or not. I.e. you can drop bad destination addressed packets. You can also easily use reverse path check to determine whether any incoming packet, from inside or outside, has a proper source address; drop it if it doesn't.
For the prior, it comes with additional cost. More memory, more CPU, more complex configuration.
From a routing perspective (still single homed), what advantage will you gain if you only have one path? What advantage do you gain using a subset of prefixes?
Multi-homed opens up the possibility of making a better routing decision, but it also has the resource impact issues.
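The single-homed point in the post above (dropping unknown destinations and reverse-path checking sources) can be seen in a small model. This is an added example, not code from any poster; the tables are constructed from documentation prefixes, and `allow_default` is this sketch's own switch for whether 0.0.0.0/0 counts as a match for the source check.

```python
import ipaddress

def lookup(rib, addr, use_default=True):
    """Longest-prefix match. Returns (network, interface) or None."""
    ip = ipaddress.ip_address(addr)
    best = None
    for prefix, iface in rib.items():
        if prefix.prefixlen == 0 and not use_default:
            continue  # optionally ignore 0.0.0.0/0
        if ip in prefix and (best is None or prefix.prefixlen > best[0].prefixlen):
            best = (prefix, iface)
    return best

def forward(rib, dst):
    """Outbound: drop the packet when no route covers the destination."""
    return "forward" if lookup(rib, dst) else "drop"

def rpf_accept(rib, src, in_iface, allow_default=False):
    """Reverse path check: the best route back to the source must exist
    and must point out the interface the packet arrived on."""
    hit = lookup(rib, src, use_default=allow_default)
    return hit is not None and hit[1] == in_iface

def net(s):
    return ipaddress.ip_network(s)

# Constructed tables. 203.0.113.0/24 is deliberately absent from FULL to
# stand for address space that nobody announces.
INSIDE = {net("192.0.2.0/24"): "inside"}
FULL = {**INSIDE, net("198.51.100.0/24"): "isp"}
DEFAULT_ONLY = {**INSIDE, net("0.0.0.0/0"): "isp"}

if __name__ == "__main__":
    for name, rib in (("full", FULL), ("default-only", DEFAULT_ONLY)):
        print(name, "dst 203.0.113.9 ->", forward(rib, "203.0.113.9"))
        print(name, "src 203.0.113.9 on isp accepted:",
              rpf_accept(rib, "203.0.113.9", "isp", allow_default=True))
```

With only a default route the source check either accepts every outside source (default counted) or rejects every outside source (default ignored); only the full table lets it separate announced from unannounced space.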
Receiving the full routing table helps more in a multi-homed network than in a single-homed one (in single-homing, irrespective of receiving the full routing table or only default, the forward traffic has to exit on that interface; the only advantage is to enable RPF for preventing spurious traffic, but it comes with more resource impact).
Most of the service providers will feed the internet routing prefixes (around 2.5 lakhs) along with region-based communities (community is a BGP attribute). For example, ISP A, with a strong presence in the US, will give prefixes belonging to the East Coast with community 8888:1111 and the West Coast with community 8888:2222. ISP B, which has a strong presence in the UK, will give you its region-specific communities. You can get these community values along with BGP internet routes, and based on that you have the flexibility to decide on routing specific traffic. If your destination is UK, then you can choose ISP B; if it is US you can choose ISP A. You will do this by increasing Local Preference based on communities or by various BGP attribute manipulation.
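The community-based exit selection described in the post above, as an added example that is not any poster's code. It models only two steps of best-path selection (LOCAL_PREF, then AS_PATH length); the ISP A communities are the ones quoted in the post, while the ISP B community `9999:3333`, the AS numbers and the prefixes are constructed for illustration.

```python
DEFAULT_LOCAL_PREF = 100  # BGP's usual default when no policy sets it

def apply_import_policy(route, policy):
    """Raise LOCAL_PREF when the route carries a community the policy names."""
    matched = [pref for comm, pref in policy.items()
               if comm in route["communities"]]
    return {**route, "local_pref": max(matched, default=DEFAULT_LOCAL_PREF)}

def best_exit(prefix, received, policies):
    """Pick the exit peer: highest LOCAL_PREF first, then shortest AS_PATH."""
    candidates = [apply_import_policy(r, policies[r["peer"]])
                  for r in received if r["prefix"] == prefix]
    if not candidates:
        return None  # with no default route, this destination is unreachable
    best = min(candidates,
               key=lambda r: (-r["local_pref"], len(r["as_path"])))
    return best["peer"]

# Per-peer import policy: community -> LOCAL_PREF to set.
POLICIES = {
    "ISP-A": {"8888:1111": 200, "8888:2222": 200},  # US regions (from the post)
    "ISP-B": {"9999:3333": 200},                    # UK region (constructed)
}

def r(peer, prefix, as_path, communities=()):
    return {"peer": peer, "prefix": prefix,
            "as_path": as_path, "communities": list(communities)}

# Constructed full-table excerpt: both ISPs announce every prefix.
RECEIVED = [
    r("ISP-A", "198.51.100.0/24", [64496, 64499, 64500], ["8888:1111"]),
    r("ISP-B", "198.51.100.0/24", [64497, 64500]),
    r("ISP-A", "203.0.113.0/24", [64496, 64501]),
    r("ISP-B", "203.0.113.0/24", [64497, 64499, 64501], ["9999:3333"]),
    r("ISP-A", "192.0.2.0/24", [64496, 64498, 64502]),
    r("ISP-B", "192.0.2.0/24", [64497, 64502]),
]

if __name__ == "__main__":
    for p in ("198.51.100.0/24", "203.0.113.0/24", "192.0.2.0/24"):
        print(p, "->", best_exit(p, RECEIVED, POLICIES))
```

The first two prefixes leave via the ISP that tagged them as in-region even though the other ISP offers a shorter AS_PATH; the untagged prefix falls back to AS_PATH length.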
In my opinion, there are no advantages of using BGP when you are single homed. You probably will not be able to secure an AS number for yourself either. I think you are better off doing default routing to the ISP for now. If and when you decide to do DUAL homing from 2 different ISPs and have your own AS number and a subnet, it will make more sense to do BGP at that point. It should not matter where your users are going on the internet because they are only taking one path out from your edge router anyway.
If you have other destinations within your internal network where your users are going, your firewall should have a different interface pointing to that portion of the network if you are controlling that access.
The optimizations and destinations in the internet are decided by the ISP's IBGP peers and the AS hops, which you as an edge customer should not have to worry about.