At 04:50 PM 8/14/2012, Brandon Applegate vociferated:
Hello,

I know this has been mentioned over the years here and there, but I don't know that I fully understand the exact behavior. I've always read 'urpf halves your tcam...'.


It applies only to sup2. Sup720 & later don't suffer this limitation.


So this only applies to the interface on which it's configured, correct?

No. If you turn on uRPF check on sup2 on any interface, the available FIB TCAM for IP prefixes becomes 50% of what it is without uRPF check.


So for example, in a single switch with the full routing table (using ipv4 for examples, and using simple even numbers not counting any built-in entries):

uplink 1 - 400k routes
uplink 2 - 400k routes

customer interface 1 - 2 routes
customer interface 2 - 2 routes

So this is 400,004 entries. Adding (strict) urpf to the customer interfaces (not the uplinks) would make this 400,008?


Well this whole discussion is moot, since you're probably not using sup2, especially if you have 400K prefixes.


I guess I'm just unsure: if urpf is added to a single interface (even a customer interface with 1 or 2 prefixes), does this have some 'global' effect?


You're probably confusing the sup2 limit described above, and the sup720 limitation that all interfaces w/uRPF check have to be in the same mode (strict or loose) and last configured wins.

Tim



Thanks in advance.

--
Brandon Applegate - CCIE 10273
PGP Key fingerprint:
8779 B023 7637 CEC8 C5C6 4052 664D 7E08 3CBB 1739
"SH1-0151.  This is the serial number, of our orbital gun."

_______________________________________________
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/




Tim Stevenson, tstev...@cisco.com
Routing & Switching CCIE #5561
Distinguished Technical Marketing Engineer, Cisco Nexus 7000
Cisco - http://www.cisco.com
IP Phone: 408-526-6759
********************************************************
The contents of this message may be *Cisco Confidential*
and are intended for the specified recipients only.
