> Hi list, > > I was wondering if anyone here has been able to establish any real-world > correlation between the relative complexity of a BGP import filter (a route- > map with various match clauses which reference various other prefix/AS-path > lists to set metric/preference attributes on incoming prefixes) and any > related impact to RP CPU? (specifically, the BGP Router process) > > We make fairly extensive use of import route-map logic for outbound traffic- > engineering purposes between our various transit providers, and I'm trying > to determine if this practice is responsible for driving up RP CPU > utilization significantly higher than would otherwise be the case. I believe > that route-maps are (largely?) processed in hardware on the 65K platform > (S720-3BXL), but nevertheless, logically, it seems to me that since each > received prefix must pass through the route-map logic until it reaches a > match clause that matches and then sets the associated attributes, I can't > help but think the impact on CPU can't plausibly be 'zero'.
You are talking about BGP routing policy statements, which are implemented on the CPU, not in hardware (this is control plane, not fwd plane). So there is a direct correlation between RP CPU load and routing policy complexity. I can't tell if your policy can be optimized, but you are already matching on prefix list (which is generally causing less CPU cycles for lookup). Not sure if "match as-path 41" is needed in the last statement (seq 20, which looks like a catch-all), if you do want to drop some as-paths there, you could consider moving the drop logic to the top, and don't use any "match" in the last clause. Not sure if this changes the cpu load noticeable.. [...] > Any thoughts on if this seems excessive, or if you think this should or > should not significantly contribute to overly 'elevated' CPU consumption by > the BGP router process? I don't think your policy is excessive. oli _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/