"We were also terminating 300 IPSec tunnels, with Zbf and IPS running." <-- that is probably what killed the box. I've always pushed off the security stuff to dedicated boxes further in.
David. On Sat, Jun 23, 2012 at 3:15 AM, Ahmed Hussain <[email protected]> wrote: > I am running full BGP tables from 4 different upstreams around, doing v4 > and v6. The v6 full table is now around 400K and v6 some 20K plus a private > peering session with around 200 routes. > Doing this on a pair of cisco GSR with redundant route processors, and > doing lot of complex filtering. CPU is doing good :) > > > > On Sat, Jun 23, 2012 at 8:49 AM, Paul Paradiso <[email protected] > >wrote: > > > That could def push the router over the edge. Crypto should be offloaded > to > > another set of routers, especially for 300 tunnels! > > On Jun 22, 2012 11:35 PM, "Michael Davis - Webquor" < > > [email protected]> > > wrote: > > > > > I didn't have time to try another iOS. We had 3 peers with 100mb > > > connection to each. We couldn't get the router to process any > connection > > > beyond about 10mb. It was terrible. > > > We were also terminating 300 IPSec tunnels, with Zbf and IPS running. > > How > > > much can one router bear? > > > You want the router to be able to perform multiple functions, the full > > > routing table seemed to put a lot of load on ours. > > > > > > Sent from my iPhone > > > > > > On 23/06/2012, at 12:42 PM, "Bob McCouch" <[email protected]> wrote: > > > > > > > What?! I do full tables from multiple peers on a 3845 or 3945 > > > > regularly. I've done full tables from 1 iBGP peer and 1 eBGP peer on > > > > 2921s quite a number of times too in a simple dual-homed, dual-router > > > > design. > > > > > > > > I will admit to never having done IPv6 routes in BGP, and the route > > > > entries are larger but what's the entire IPv6 table size, 20k > prefixes > > > > or something? > > > > > > > > Cisco's recommendation is 512 MB to do full IPv4 tables, though they > > > > don't spec how many copies that includes. Soft-config will increase > > > > the memory requirement. > > > > > > > > I've received full routes on a 2621 with 256 of RAM as well but I had > > > > to disable soft-reconfig and filter the table down to /15 and shorter > > > > prefixes to keep it stable ;-) > > > > > > > > If you crashed a 3945e with a full route table, you hit a bug. That's > > > > all I can fathom. > > > > > > > > > > > > Bob > > > > -- > > > > Sent from my iPhone, please excuse any typos. > > > > > > > > On Jun 22, 2012, at 10:21 PM, Michael Davis - Webquor > > > > <[email protected]> wrote: > > > > > > > >> I downloaded the full BGP table to a 3945e and crashed it... Badly. > > > >> Then tried on our ASR1k and it worked though we went For connected > ISP > > > routes as it was noticeably slower. My guess is you would need an ASR > > 9k. > > > >> > > > >> Sent from my iPhone > > > >> > > > >> On 23/06/2012, at 11:04 AM, "Jason Maynard" < > [email protected]> > > > wrote: > > > >> > > > >>> This may not be directly related to the lab but it is relevant in > > > >>> understanding Cisco platforms and BGP requirements. > > > >>> > > > >>> What is the smallest router to hold the entire BGP internet table > and > > > which > > > >>> platfom is ideal? both IPv4 and IPv6 and you must consider route > > > >>> manipulation > > > >>> _______________________________________________ > > > >>> For more information regarding industry leading CCIE Lab training, > > > please visit www.ipexpert.com > > > >>> > > > >>> Are you a CCNP or CCIE and looking for a job? Check out > > > www.PlatinumPlacement.com > > > >>> > > > >>> http://onlinestudylist.com/mailman/listinfo/ccie_rs > > > >> _______________________________________________ > > > >> For more information regarding industry leading CCIE Lab training, > > > please visit www.ipexpert.com > > > >> > > > >> Are you a CCNP or CCIE and looking for a job? Check out > > > www.PlatinumPlacement.com > > > >> > > > >> http://onlinestudylist.com/mailman/listinfo/ccie_rs > > > _______________________________________________ > > > For more information regarding industry leading CCIE Lab training, > please > > > visit www.ipexpert.com > > > > > > Are you a CCNP or CCIE and looking for a job? Check out > > > www.PlatinumPlacement.com > > > > > > http://onlinestudylist.com/mailman/listinfo/ccie_rs > > > > > _______________________________________________ > > For more information regarding industry leading CCIE Lab training, please > > visit www.ipexpert.com > > > > Are you a CCNP or CCIE and looking for a job? Check out > > www.PlatinumPlacement.com > > > > http://onlinestudylist.com/mailman/listinfo/ccie_rs > > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com > > http://onlinestudylist.com/mailman/listinfo/ccie_rs > _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com http://onlinestudylist.com/mailman/listinfo/ccie_rs
