Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

ngp FIB filtering

hi you all.

I have seen that there is a limit in FIB for severals cisco devices like NPE-G1, supervisor engine 1 , supervisor engine 2 and some supervisor engine 720 versions.

So i decided to filter BGP in order to reduce the tables size.

Let's say for our peering we have this config:

router bgp 30000

no synchronization

no bgp fast-external-fallover

bgp log-neighbor-changes

bgp dampening

network .......

neighbor Myneighbor remote-as 60000

neighbor Myneighbor send-community

neighbor Myneighbor soft-reconfiguration inbound

neighbor Myneighbor filter-list 1 out

no auto-summary

ip as-path access-list 1 permit ^$

if I change it to:

router bgp 30000

no synchronization

no bgp fast-external-fallover

bgp log-neighbor-changes

bgp dampening

network .......

neighbor Myneighbor remote-as 60000

neighbor Myneighbor send-community

neighbor Myneighbor soft-reconfiguration inbound

neighbor Myneighbor filter-list 1 out

no auto-summary

ip as-path access-list 1 permit ^$

ip as-path access-list 1 permit ^60000_[0-9]*$

ip as-path access-list 1 deny any

1- will it reduce my routing table size while remaining complitly functional?.

2- do I need for this config that the neigtbor announce a default route?.

Thanks

8 REPLIES
Hall of Fame Super Gold

Re: ngp FIB filtering

1. sorry what's the proposed change ?

2. default route is seldom needed in bgp peerings. Just use default static as needed, if you have multiple you can make them subject to track object statements.

New Member

Re: ngp FIB filtering

the proposed change

ip as-path access-list 1 permit ^$

ip as-path access-list 1 permit ^60000_[0-9]*$

ip as-path access-list 1 deny any

instead of

ip as-path access-list 1 permit ^$

Thanks

Hall of Fame Super Gold

Re: ngp FIB filtering

Hi, seems like the change would allow more prefixes rather than less.

New Member

Re: ngp FIB filtering

Hi .

Actually I get about 270000 routes.

that's why I was thinking about adding some filtering

Thanks

New Member

Re: ngp FIB filtering

hi paolo

why?

Thanks

Hall of Fame Super Gold

Re: ngp FIB filtering

Because it also permits prefixes sourced by the AS in regexp rather that only ones originated by peer AS. Also, unless you do transit, you should not need no synchronization in bgp.

New Member

Re: ngp FIB filtering

Hi.

So I think I have to get something else for doing bgp.  wath could substitute de 7204 taking in to account that I will add another bgp sesion?

 

I have catalyst 6500 doing all the switching stuff . If I upgrade the sup engines, say to 720 3BXL,  could I do BGP in the catalyst  and forget about 7200?

hanks

New Member

Re: ngp FIB filtering

Hy You all, Hy paolo.

I rectified my acces-list

router bgp 30000

no synchronization

no bgp fast-external-fallover

bgp log-neighbor-changes

bgp dampening

network .......

neighbor Myneighbor remote-as 60000

neighbor Myneighbor send-community

neighbor Myneighbor soft-reconfiguration inbound

neighbor Myneighbor filter-list 1 out

neighbor Myneighbor filter-list 2 in

no auto-summary

ip as-path access-list 1 permit ^$

ip as-path access-list 2 permit ^60000_[0-9]*$

ip as-path access-list 2 deny any

will it be correct now?

thanks

222
Views
0
Helpful
8
Replies
CreatePlease to create content