Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

BGP routing on Cisco ASR 1002 router


I had a few questions I was hoping to get some answers to.  I was trying to figure out a way to to limit BGP tables per output port on my router.

The situation is currently I have a 700 Meg pipe coming in from my ISP which feeds into the ASR 1002 router.  I have one customer who tries to utilize a full BGP route table.  When they do this it uses up the CPU usage on my core switch, a Catalyst 6509-E switch, due to the fact that it is only capable of 256,000 routes with the Supervisor engine I have installed which is the WS-SUP720-3B.  Currently I have put a filter list on my neighbor route to limit the number of BGP routes available but this limits everybody's connection coming out of the router now I believe.  Is it put the access-list which is limiting my BGP routes on just specific output ports of the router instead of on the incoming connection?

Any help would be appreciated.

Thank you,

Community Member

Re: BGP routing on Cisco ASR 1002 router

If your router has the full table and there is no outbound filter, then you will share the full bgp table with your customer
If you can provide more details like your bgp config in addition to show version

Sent from Cisco Technical Support iPhone App

Community Member

Re: BGP routing on Cisco ASR 1002 router

I have attached show version as a text file below.

Also below is a little bit more detail. 

What we did was change to a different connection for bandwidth from AT&T.  Originally we had an OC-12 connection which due to limitations in that connection the BGP routing was not an issue.  We now have upgraded to a full GigE connection from AT&T for our bandwidth and without any filters on it we get a full BGP routing available which is overloading our core switch ( Catalyst 6509-E) due to the Supervisor Board (WS-SUP720-3B) we have running in it only being cable of so many routes and we have a customer hooked up in that core switch utilizing a 400Meg fiber connection and trying to utilize a full BGP route table which is pushing the CPU usage on our Catalyst 6509-E to its limits due to I believe them trying to use a full BGP route table.

To temporary fix this problem we changed the access-list that the neighbor IP address was using.  It was using access-list 86 which lets everything through and we changed it to access-list 85 which just lets AT&T through I believe.

neighbor filter-list 85 in

ip as-path access-list 85 permit ^7018$
ip as-path access-list 86 permit ^7018_[0-9]*$

What I was curious about is can you put these access list restrictions on an outbound port of the ASR1002 instead of on the incoming connection.  If so what I am going to do is move my 400Meg fiber connection customer to one of the extra GigabitEthernet ports on the ASR1002 and try to just give that port the access-list 86 permissions so they can have a full BGP table and leave the access-list 85 restrictions on the GigabitEthernet port feeding my core switch and remove the restriction for the neighbor IP address.

Thanks for the assistance.

CreatePlease to create content