subject:"\[c\-nsp\] Cat 6500 \- uRPF \- FIB TCAM"

Re: [c-nsp] Cat 6500 - uRPF - FIB TCAM

2012-08-14 Thread Gert Doering

Hi,

On Tue, Aug 14, 2012 at 07:50:08PM -0400, Brandon Applegate wrote:
> I know this has been mentioned over the years here and there, but I don't 
> know that I fully understand the exact behavior.  I've always read 'urpf 
> halves your tcam...'.  So this only applies to the interface on which it's 
> configured, correct ?  So for example, in a single switch with the full 
> routing table (using ipv4 for examples, and using simple even numbers 
> not counting any built-in entries):

This only applies to Sup2.

gert
-- 
USENET is *not* the non-clickable part of WWW!
   //www.muc.de/~gert/
Gert Doering - Munich, Germany g...@greenie.muc.de
fax: +49-89-35655025g...@net.informatik.tu-muenchen.de


pgpXDS78bfsD7.pgp
Description: PGP signature
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Cat 6500 - uRPF - FIB TCAM

2012-08-14 Thread Brandon Applegate


Thanks to Tim - that was exactly the clarification I was looking for.

--
Brandon Applegate - CCIE 10273
PGP Key fingerprint:
8779 B023 7637 CEC8 C5C6 4052 664D 7E08 3CBB 1739
"SH1-0151.  This is the serial number, of our orbital gun."


___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Cat 6500 - uRPF - FIB TCAM

2012-08-14 Thread Tim Stevenson


At 04:50 PM 8/14/2012, Brandon Applegate vociferated:

Hello,

I know this has been mentioned over the years here and there, but I 
don't know that I fully understand the exact behavior.  I've always 
read 'urpf halves your tcam...'.



It applies only to sup2. Sup720 & later don't suffer this limitation.



  So this only applies to the interface on which it's configured, correct ?


No. If you turn on uRPF check on sup2 on any interface, the available 
FIB TCAM for IP prefixes becomes 50% of what it is without uRPF check.



So for example, in a single switch with the full routing table 
(using ipv4 for examples, and using simple even numbers not counting 
any built-in entries):


uplink 1 - 400k routes
uplink 2 - 400k routes

customer interface 1 - 2 routes
customer interface 2 - 2 routes

So this is 400,004 entries.  Adding (strict) urpf to the customer 
interfaces (not the uplinks) would make this 400,008 ?



Well this whole discussion is moot, since you're probably not using 
sup2, especially if you have 400K prefixes.



I guess I'm just unsure of if urpf is added to a single interface 
(even a customer interface with 1 or 2 prefixes) - does this have 
some 'global' effect ?



You're probably confusing the sup2 limit described above, and the 
sup720 limitation that all interfaces w/uRPF check have to be in the 
same mode (strict or loose) and last configured wins.


Tim




Thanks in advance.

--
Brandon Applegate - CCIE 10273
PGP Key fingerprint:
8779 B023 7637 CEC8 C5C6 4052 664D 7E08 3CBB 1739
"SH1-0151.  This is the serial number, of our orbital gun."

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/





Tim Stevenson, tstev...@cisco.com
Routing & Switching CCIE #5561
Distinguished Technical Marketing Engineer, Cisco Nexus 7000
Cisco - http://www.cisco.com
IP Phone: 408-526-6759

The contents of this message may be *Cisco Confidential*
and are intended for the specified recipients only.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Cat 6500 - uRPF - FIB TCAM

2012-08-14 Thread Blake Dunlap

I strongly think you should read up on how CEF/dCEF work on the 6500, as
you seem to show a basic misunderstanding here.

Short version: There is 1 TCAM table with some caveats about how dCEF works
per card / spa.

-Blake

On Tue, Aug 14, 2012 at 6:50 PM, Brandon Applegate  wrote:

> Hello,
>
> I know this has been mentioned over the years here and there, but I don't
> know that I fully understand the exact behavior.  I've always read 'urpf
> halves your tcam...'.  So this only applies to the interface on which it's
> configured, correct ?  So for example, in a single switch with the full
> routing table (using ipv4 for examples, and using simple even numbers not
> counting any built-in entries):
>
> uplink 1 - 400k routes
> uplink 2 - 400k routes
>
> customer interface 1 - 2 routes
> customer interface 2 - 2 routes
>
> So this is 400,004 entries.  Adding (strict) urpf to the customer
> interfaces (not the uplinks) would make this 400,008 ?
>
> I guess I'm just unsure of if urpf is added to a single interface (even a
> customer interface with 1 or 2 prefixes) - does this have some 'global'
> effect ?
>
> Thanks in advance.
>
> --
> Brandon Applegate - CCIE 10273
> PGP Key fingerprint:
> 8779 B023 7637 CEC8 C5C6 4052 664D 7E08 3CBB 1739
> "SH1-0151.  This is the serial number, of our orbital gun."
>
> __**_
> cisco-nsp mailing list  cisco-nsp@puck.nether.net
> https://puck.nether.net/**mailman/listinfo/cisco-nsp
> archive at 
> http://puck.nether.net/**pipermail/cisco-nsp/
>
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

[c-nsp] Cat 6500 - uRPF - FIB TCAM

2012-08-14 Thread Brandon Applegate


Hello,

I know this has been mentioned over the years here and there, but I don't 
know that I fully understand the exact behavior.  I've always read 'urpf 
halves your tcam...'.  So this only applies to the interface on which it's 
configured, correct ?  So for example, in a single switch with the full 
routing table (using ipv4 for examples, and using simple even numbers 
not counting any built-in entries):


uplink 1 - 400k routes
uplink 2 - 400k routes

customer interface 1 - 2 routes
customer interface 2 - 2 routes

So this is 400,004 entries.  Adding (strict) urpf to the customer 
interfaces (not the uplinks) would make this 400,008 ?


I guess I'm just unsure of if urpf is added to a single interface (even a 
customer interface with 1 or 2 prefixes) - does this have some 'global' 
effect ?


Thanks in advance.

--
Brandon Applegate - CCIE 10273
PGP Key fingerprint:
8779 B023 7637 CEC8 C5C6 4052 664D 7E08 3CBB 1739
"SH1-0151.  This is the serial number, of our orbital gun."

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Cat 6500 - uRPF - FIB TCAM

Re: [c-nsp] Cat 6500 - uRPF - FIB TCAM

Re: [c-nsp] Cat 6500 - uRPF - FIB TCAM

Re: [c-nsp] Cat 6500 - uRPF - FIB TCAM

[c-nsp] Cat 6500 - uRPF - FIB TCAM

5 matches

Site Navigation

Mail list logo

Footer information