01-28-2009 03:09 AM - edited 03-04-2019 01:00 AM
hi you all.
I have seen that there is a limit in FIB for severals cisco devices like NPE-G1, supervisor engine 1 , supervisor engine 2 and some supervisor engine 720 versions.
So i decided to filter BGP in order to reduce the tables size.
Let's say for our peering we have this config:
router bgp 30000
no synchronization
no bgp fast-external-fallover
bgp log-neighbor-changes
bgp dampening
network .......
neighbor Myneighbor remote-as 60000
neighbor Myneighbor send-community
neighbor Myneighbor soft-reconfiguration inbound
neighbor Myneighbor filter-list 1 out
no auto-summary
ip as-path access-list 1 permit ^$
if I change it to:
router bgp 30000
no synchronization
no bgp fast-external-fallover
bgp log-neighbor-changes
bgp dampening
network .......
neighbor Myneighbor remote-as 60000
neighbor Myneighbor send-community
neighbor Myneighbor soft-reconfiguration inbound
neighbor Myneighbor filter-list 1 out
no auto-summary
ip as-path access-list 1 permit ^$
ip as-path access-list 1 permit ^60000_[0-9]*$
ip as-path access-list 1 deny any
1- will it reduce my routing table size while remaining complitly functional?.
2- do I need for this config that the neigtbor announce a default route?.
Thanks
01-28-2009 04:13 AM
1. sorry what's the proposed change ?
2. default route is seldom needed in bgp peerings. Just use default static as needed, if you have multiple you can make them subject to track object statements.
01-28-2009 05:26 AM
the proposed change
ip as-path access-list 1 permit ^$
ip as-path access-list 1 permit ^60000_[0-9]*$
ip as-path access-list 1 deny any
instead of
ip as-path access-list 1 permit ^$
Thanks
01-28-2009 05:49 AM
Hi, seems like the change would allow more prefixes rather than less.
01-28-2009 06:36 AM
Hi .
Actually I get about 270000 routes.
that's why I was thinking about adding some filtering
Thanks
01-28-2009 06:38 AM
hi paolo
why?
Thanks
01-28-2009 06:41 AM
Because it also permits prefixes sourced by the AS in regexp rather that only ones originated by peer AS. Also, unless you do transit, you should not need no synchronization in bgp.
01-31-2009 09:20 AM
Hi.
So I think I have to get something else for doing bgp. wath could substitute de 7204 taking in to account that I will add another bgp sesion?
I have catalyst 6500 doing all the switching stuff . If I upgrade the sup engines, say to 720 3BXL, could I do BGP in the catalyst and forget about 7200?
hanks
02-07-2009 02:22 AM
Hy You all, Hy paolo.
I rectified my acces-list
router bgp 30000
no synchronization
no bgp fast-external-fallover
bgp log-neighbor-changes
bgp dampening
network .......
neighbor Myneighbor remote-as 60000
neighbor Myneighbor send-community
neighbor Myneighbor soft-reconfiguration inbound
neighbor Myneighbor filter-list 1 out
neighbor Myneighbor filter-list 2 in
no auto-summary
ip as-path access-list 1 permit ^$
ip as-path access-list 2 permit ^60000_[0-9]*$
ip as-path access-list 2 deny any
will it be correct now?
thanks
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: