cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
586
Views
0
Helpful
8
Replies

ngp FIB filtering

roussillon
Level 1
Level 1

hi you all.

I have seen that there is a limit in FIB for severals cisco devices like NPE-G1, supervisor engine 1 , supervisor engine 2 and some supervisor engine 720 versions.

So i decided to filter BGP in order to reduce the tables size.

Let's say for our peering we have this config:

router bgp 30000

no synchronization

no bgp fast-external-fallover

bgp log-neighbor-changes

bgp dampening

network .......

neighbor Myneighbor remote-as 60000

neighbor Myneighbor send-community

neighbor Myneighbor soft-reconfiguration inbound

neighbor Myneighbor filter-list 1 out

no auto-summary

ip as-path access-list 1 permit ^$

if I change it to:

router bgp 30000

no synchronization

no bgp fast-external-fallover

bgp log-neighbor-changes

bgp dampening

network .......

neighbor Myneighbor remote-as 60000

neighbor Myneighbor send-community

neighbor Myneighbor soft-reconfiguration inbound

neighbor Myneighbor filter-list 1 out

no auto-summary

ip as-path access-list 1 permit ^$

ip as-path access-list 1 permit ^60000_[0-9]*$

ip as-path access-list 1 deny any

1- will it reduce my routing table size while remaining complitly functional?.

2- do I need for this config that the neigtbor announce a default route?.

Thanks

8 Replies 8

paolo bevilacqua
Hall of Fame
Hall of Fame

1. sorry what's the proposed change ?

2. default route is seldom needed in bgp peerings. Just use default static as needed, if you have multiple you can make them subject to track object statements.

the proposed change

ip as-path access-list 1 permit ^$

ip as-path access-list 1 permit ^60000_[0-9]*$

ip as-path access-list 1 deny any

instead of

ip as-path access-list 1 permit ^$

Thanks

Hi, seems like the change would allow more prefixes rather than less.

Hi .

Actually I get about 270000 routes.

that's why I was thinking about adding some filtering

Thanks

hi paolo

why?

Thanks

Because it also permits prefixes sourced by the AS in regexp rather that only ones originated by peer AS. Also, unless you do transit, you should not need no synchronization in bgp.

Hi.

So I think I have to get something else for doing bgp.  wath could substitute de 7204 taking in to account that I will add another bgp sesion?

 

I have catalyst 6500 doing all the switching stuff . If I upgrade the sup engines, say to 720 3BXL,  could I do BGP in the catalyst  and forget about 7200?

hanks

roussillon
Level 1
Level 1

Hy You all, Hy paolo.

I rectified my acces-list

router bgp 30000

no synchronization

no bgp fast-external-fallover

bgp log-neighbor-changes

bgp dampening

network .......

neighbor Myneighbor remote-as 60000

neighbor Myneighbor send-community

neighbor Myneighbor soft-reconfiguration inbound

neighbor Myneighbor filter-list 1 out

neighbor Myneighbor filter-list 2 in

no auto-summary

ip as-path access-list 1 permit ^$

ip as-path access-list 2 permit ^60000_[0-9]*$

ip as-path access-list 2 deny any

will it be correct now?

thanks

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: