Route table growth and hardware limits...talk to the filter
Forrest
forrest at almighty.c64.org
Sat Sep 8 22:50:25 UTC 2007
On Sat, 8 Sep 2007, Andrew - Supernews wrote:
> >>>>> "Forrest" == Forrest <forrest at almighty.c64.org> writes:
>
> Forrest> Sure, this would fail if a network decided to only announce
> Forrest> /24's for example without a larger aggregate, but how many
> Forrest> networks are really doing that?
>
> More than you probably imagine.
>
> Consider the following table:
>
> asn | count | c24 | c23
> ----------+-------+------+-----
> 9583 | 1100 | 1014 | 42
> 7018 | 1140 | 764 | 125
> 17488 | 560 | 557 | 0
> 19916 | 568 | 532 | 6
> 701 | 729 | 501 | 38
> 1221 | 474 | 380 | 14
> 1239 | 572 | 359 | 24
> 577 | 417 | 337 | 19
> 209 | 587 | 329 | 38
> 17557 | 291 | 270 | 1
> 10292 | 270 | 267 | 2
> 4802 | 345 | 259 | 25
> 6140 | 315 | 243 | 16
> 4323 | 483 | 242 | 12
> 7474 | 284 | 228 | 8
> 2386 | 295 | 218 | 9
> 3301 | 307 | 217 | 30
> 702 | 392 | 206 | 34
> 6746 | 279 | 200 | 41
>
> In this, "count" is the number of prefixes originated by the AS that
> are not covered by any longer prefix (without regard to origin); "c24"
> is the number of those prefixes which are /24s; "c23" is the number
> which are /23s. I've cut this table off at 200 - the total number of
> uncovered /24 routes across all ASes is 51811.
>
> Some of the above numbers would be worse if not for the presence of
> over-large route announcements from other providers (for example,
> Chinanet announce 125.96.0.0/14 even though 125.99.0.0/16 belongs
> to hathway.net in India (AS 17488); approximately 230 _more_ /24
> routes announced by Hathway are in this range).
>
>
You're right, that's way more than I would have imagined. Ok, why not
combine the idea of throwing away more specific routes that have the same
AS path as the larger aggregate with a mechanism that will do something
like the CIDR-REPORT and aggregate bunches of routes that all have the
same AS path. Or is the processing power/memory just not available to
accomplish that?
It seems either option would be better for not breaking connectivity than
to simply reject anything longer than a /21 in 64/7 for example.
Forrest
More information about the NANOG
mailing list