Yes the XR ability of table-map to actually filter prefixes rather than just modifying their parameters during RIB installation was of great value for IPv4 RRs Though it's not needed on pure control plane VPN RRs as those do not have any VRFs so no RIBs and consequently no FIB to update
Wondering what the numbers would be for CRS3 CPU and RAM acting as a pure control-plane box adam -----Original Message----- From: Nick Hilliard [mailto:[email protected]] Sent: Thursday, February 07, 2013 4:45 PM To: Adam Vitkovsky Cc: 'Nikolay Shopik'; 'Charles Sprickman'; [email protected] Subject: Re: [c-nsp] ASR-100x intro On 07/02/2013 12:04, Adam Vitkovsky wrote: > Wow so from ASR1004 and upwards we're indeed not limited by the number > of VPN routes anymore so goodbye RR Planes (I'm going to miss this > state of art BGP design). 8k sessions is also enough to serve a > particular region on the asr1k, you can stop propagation of the best path rib entries to the hardware fib, which will usually max out at either 500k or else 1m entries. This means that when acting as a RR, the asr1k is constrained only by the amount of RAM and the CPU power. The FIB size is no longer relevant. The command to do this is: router bgp 64512 table-map rm-filter-bgp-to-fib <------- magic sauce neighbor x.y.z.w route-reflector-client [etc] route-map rm-filter-bgp-to-fib permit match blahblahblah You can then tune the rm-filter-bgp-to-fib route-map only to permit what you want in your TCAM instead of getting everything, including VPN prefixes. So on an asr1001, which you can pimp up to 16G, you could handle many full DFZ VPNs separately, even though the box can only handle 1m prefixes in hardware. Just be careful about the ASR1002: the base model can only take 4G RAM and this is not upgradable. This limitation is fixed in the ASR1002X. Nick _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
