Route table growth and hardware limits...talk to the filter

Warren Kumari warren at kumari.net
Fri Sep 21 19:30:13 UTC 2007


On Sep 21, 2007, at 2:22 PM, Pekka Savola wrote:

>
> On Fri, 21 Sep 2007, John A. Kilpatrick wrote:
>> 1.  The "captain obvious" suggestion of a default means that now  
>> I'm paying
>> for multiple links but can only use one.  That's not cost  
>> effective and will
>> provide lower performance for some destinations.  I have done  
>> defaults in
>> the past where appropriate but it's not appropriate in this  
>> application.
>
> That's not the case at all.  If you use only defaults, you could do  
> load balancing but in a very crude fashion.
> If you use a default route and filtered version of BGP feed (e.g.,  
> accept everything up to /21) probably up to 90-95% of traffic would  
> go over that link, or multiple ones if you have multiple BGP sessions.

Sure, but you do still run the (not insignificant) risk of following  
the default to the "sufficiently good (non-tier1, not cogent)  
upstream", only to discover that, for whatever reason, it has no  
reachability to the prefix. If I have spent to time and effort to get  
multiple providers, presumably I believe that my bits are important  
enough to not trust to "this will probably work most of the time..."

W



>
> If you want more control than _only_ a default route or two (and  
> many do), the default route would in principle be just a safeguard  
> for more specifics (or other routes, based on a metric of your  
> choosing) you filter out.
>
>> 2.  The idea of a complex filtering strategy is, from my  
>> perspective, an
>> even worse idea.  You get all of the downsides of a default with  
>> increased
>> operational complexity that may not scale across multiple sites  
>> depending on
>> the size of your ops team.
>
> I'd probably agree if you used complex filtering without a default  
> route.  Having a default route, as long as it points to a  
> sufficiently good (non-tier1, not cogent) upstream allows you not  
> to care so much about how you filter the BGP feed.
>
> But as should be obvious, you don't need to worry about this  
> problem if you're willing to put money into router upgrades.   
> However, I'm just suggesting there is an alternative to router  
> upgrades if you're comfortable with the somewhat different  
> tradeoffs that will bring with it.
>
> -- 
> Pekka Savola                 "You each name yourselves king, yet the
> Netcore Oy                    kingdom bleeds."
> Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
>

--
Hope is not a strategy.
       --  Ben Treynor, Google





More information about the NANOG mailing list