Route table growth and hardware limits...talk to the filter

Pekka Savola pekkas at netcore.fi
Sat Sep 22 05:10:33 UTC 2007


On Fri, 21 Sep 2007, Warren Kumari wrote:
> On Sep 21, 2007, at 2:22 PM, Pekka Savola wrote:
>> On Fri, 21 Sep 2007, John A. Kilpatrick wrote:
>> > 1.  The "captain obvious" suggestion of a default means that now I'm paying
>> > for multiple links but can only use one.  That's not cost effective and will
>> > provide lower performance for some destinations.  I have done defaults in
>> > the past where appropriate but it's not appropriate in this application.
>> 
>> That's not the case at all.  If you use only defaults, you could do load 
>> balancing but in a very crude fashion.
>> If you use a default route and filtered version of BGP feed (e.g., accept 
>> everything up to /21) probably up to 90-95% of traffic would go over that 
>> link, or multiple ones if you have multiple BGP sessions.
>
> Sure, but you do still run the (not insignificant) risk of following the 
> default to the "sufficiently good (non-tier1, not cogent) upstream", only to 
> discover that, for whatever reason, it has no reachability to the prefix. If 
> I have spent the time and effort to get multiple providers, presumably I 
> believe that my bits are important enough to not trust to "this will probably 
> work most of the time..."

Our perceptions differ -- you seem to think that having a full, 
unfiltered BGP feed protects from these problems.  That's not the 
case.  E.g., in the TeliaSonera routing problem I sent on the m-l on 
Sep 6, all prefixes were received fine through TSIC, but certain 
traffic ended up being dropped for the duration of about 9 hours.

Unless you made an administrative action on the router, some networks 
would have been blackholed for 9 hours regardless of whether 
you used unfiltered BGP or filtered BGP.

So, if you're uncomfortable with such major networks causing problems 
in your connectivity, you'll need the ops staff to look after the 
routing and change it if need be.  Ergo, if you need the ops staff, 
you could, just as easily as a shutdown or depref of a badly behaving 
transit, switch the default or change the other priorities.

I guess the main point here is how prevalent "no reachability, no 
prefix" scenario is compared to "routing/forwarding broken, manual 
action required".  My take is that the former is rare with good 
upstreams and while the latter might not be as frequent as the former, 
you'll need to prepare for it in any case so the difference likely 
doesn't matter that much.

-- 
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
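
The setup discussed in this thread (a default route plus a BGP feed filtered to prefixes up to /21), sketched as an added example that is not part of the original message. The feeds, upstream names and the choice of `upstream_a` as the default are constructed assumptions; the last lookup shows the case Warren raises, where the filter drops the only specific route and the default upstream does not announce the prefix.

```python
import ipaddress

MAX_LEN = 21  # filter from the thread: accept everything up to /21

# Constructed sample feeds (private/documentation space), not real routing data.
FEEDS = {
    "upstream_a": ["10.0.0.0/16", "10.32.0.0/21", "172.16.8.0/24"],
    "upstream_b": ["10.0.0.0/16", "172.16.8.0/24", "198.51.100.0/24"],
}
DEFAULT_VIA = "upstream_a"  # assumption: the static default points at upstream A


def build_fib(feeds, max_len):
    """Keep only prefixes no longer than max_len; the first feed offering one wins."""
    fib = {}
    for upstream, prefixes in feeds.items():
        for p in prefixes:
            net = ipaddress.ip_network(p)
            if net.prefixlen <= max_len:
                fib.setdefault(net, upstream)
    return fib


def longest_match(nets, addr):
    """Most specific network containing addr, or None."""
    hits = [n for n in nets if addr in n]
    return max(hits, key=lambda n: n.prefixlen) if hits else None


def forward(dst, fib, feeds, default_via):
    """Return (next hop, 'specific' or 'default', chosen upstream announces a cover)."""
    addr = ipaddress.ip_address(dst)
    net = longest_match(fib, addr)
    if net is not None:
        return fib[net], "specific", True
    # Fell through to the default: check the default upstream's unfiltered feed.
    # An announcement still does not prove that packets are delivered.
    full = [ipaddress.ip_network(p) for p in feeds[default_via]]
    return default_via, "default", longest_match(full, addr) is not None


if __name__ == "__main__":
    fib = build_fib(FEEDS, MAX_LEN)
    for dst in ["10.0.5.1", "10.32.1.1", "172.16.8.9", "198.51.100.7"]:
        hop, how, announced = forward(dst, fib, FEEDS, DEFAULT_VIA)
        note = "" if announced else "  <-- default upstream announces no covering prefix"
        print(f"{dst:15} via {hop} ({how}){note}")
```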


