Re: [c-nsp] BGP router upgrade
It might be not directly related to your request but make sure you know in advance the amount of prefixes to load with BGP with sup720-3BXL as max tcam size is by default set in config=512K. We had an issue where the router crashed because of the number of prefixes reached max tcam 512K (hardware capacity 1M prefixes) using vrf-lite. this can be checked with: sh mls cef maximum-routes FIB TCAM maximum routes : === Current :- --- IPv4 + MPLS - 512k (default) IPv6 + IP Multicast - 256k (default) and modified with mls cef maximum-routes ... Alexandre Durand ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BGP transit selection from source customer network
Well I don t agree, It is easy enought on route A to overweight ISPA so path is preffered over ISPA for any source, so I just use PBR to send my customer traffic via ISPA and the other source traffic to the Router B with ISPB. As this is said, I might change my route-map as follow: ip prefix-list cust1 deny x.x.x.x/24 ip prefix-list cust1 permit 0.0.0.0/0 le 32 route-map cust1, permit, sequence 10 Match clauses: ip address prefix-list cust1 Set clauses: ip next-hop ISPB Policy routing matches: 15 packets, 1710 bytes Any traffic except my customer traffic will be forwarded to ISPB On 03/08/11 09:54, Andrii Morozov wrote: According to the scheme drawn above, you have an iBGP between your border routers. Thus, they will send the best routes to each other. This means, no matter whether you set PBR or not, if the best path is selected over ISB B, the traffic will traverse that link, but not ISP A. 2011/8/2 Alexandre Durand alexandre.dur...@tasfrance.com mailto:alexandre.dur...@tasfrance.com weird I used only PBR and it seems to be working. I created a route-map that send cust1 traffic out to ISPA (RIB internet routes) and any other customer source traffic out to ISPB. the weird thing is that ISPB routes are NLRI routes and not RIB routes ... how can this be working ... regards alexandre route-map cust1, permit, sequence 10 Match clauses: ip address (access-lists): cust1 Set clauses: ip next-hop ISPA Policy routing matches: 122 packets, 13908 bytes route-map cust1, permit, sequence 20 Match clauses: (ANY) Set clauses: ip next-hop ISPB Policy routing matches: 15 packets, 1710 bytes On 02/08/11 11:04, Alexandre Durand wrote: Hi, You are right, however on router A is connected to ISPA, bgp will add only preferred ISPA routes and not the others routes from router B ISPB with IBGP, but only ISPA routes will be preferred on this router A (attribute weight), router A will be not aware about ISPB rouites unless ISPA goes down. I may use a dedicated vrf for ISPA so global routing table and vrf table are not bound each other. And then use PBR over route-map to redirect first via ISPA VRF and secondly via global routing table where ISPB routes will be present in RIB. What do you think about it? The only issue witch such solution is that I will need to upgrade the ios because vrf under route-map is not supported on my IOS(12.2(18)SXD3). regards Alexandre On 01/08/11 17:56, David Freedman wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/08/11 15:35, Alexandre Durand wrote: Hi Andrew, Tnhan you for you answer. Actually youa re right about the inbound traffic in which I can easily advetise this network with a preference to my ISPA, this is fine and already done. The issue here is about the oubound traffic, when my customer traffic is going back out to ISP, I can also you weight on the router where I host this ISPA and use no-advertise attribute so I don t advertise prefixes to others iBGP routers, fine but others customer traffic will also be routed via ISPA because the shortest ISP path is going throught this router too... I think what you are saying sounds like this: |Your Network---Internet-| [Cust1]--( N ) ( E )--[ISPA]-(N)-[Cust4] [Cust2]--( T ) (E) ( W )--[ISPB]-(T)-[Cust5] [Cust3]--( K ) I take it you want to do : - - Predetermined outbound path Cust1-Cust4 via ISPA - - Predetermined outbound path Cust2-Cust5 via ISPB - - Cust3 - Cust4/5 via any/best path What you are talking about is essentially policy routing at your edge (i.e using your own criteria, like customer ID to influence outbound routing, not metrics) you can do this simply with PBR at the edge but it won't be very reliable, but you might want to look at OER/PFR (http://www.cisco.com/en/US/products/ps8787/products_ios_protocol_option_home.html) Dave. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk42zL4ACgkQtFWeqpgEZrK2BgCgwGU7nRzRPklKNII9L69uA00I w5YAoKkhzi8L8Roo5oONsg/6z1aNW0ka =lLQt -END
[c-nsp] BGP transit selection from source customer network
Hi, I was wondering if any of you had alerady the experience of source routing tarffic over multihomed network based? We run a network with several ISP and peering that provide internet full routing table and we want for specific network bloc to be routed through one of our dedicate cheap transit ISP, but leave others on the same router to be routed via others ISPs. we run full meshed IBGP and multi-home transits or peering. I might have found 2 solutions and use PBR or VRF but I don t know how to implement them yet. VRF looks nice but I may miss transit redundancy. Let s say I create a specific vrf for this ISP, others ISPs remain in the global routing table, if this provider is not availaible, the traffic is no longer routed out the others ISPs and also I can t share and send traffic over peerings... Is there any doc or guide for such solution that I can use so I can work on the appropriate solution and configuration and adapt it to our needs and network specifications? -- Alexandre DURAND TAS FRANCE WTC 1-K, 1300 route des Crêtes 06560 Valbonne Sophia Antipolis Phone :+33 (0)4 92 94 56 93 Fax :+33 (0)4 92 94 33 99 Web: http://www.tasfrance.com Email :alexandre.dur...@tasfrance.com peering: http://as8554.peeringdb.com ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Round trip time internet providers
Hi, We manage multi-home transit providers around our network and they don t provide us RTT graphs about RTT depending on geographical locations. Is there a way to know and get such information ? Let s say for example, we want to compare UK routes originated from 2 providers interoute and opentransit ,so we can make preferences over communities and so on ... depending on best RTT results. Regards alexandre durand ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Round trip time internet providers
Hi, Thank you all for you answers. I ll have a look to all these solutions. OER/PFR looks great but quite complex to implement, I might try to use it first in lab environment and maybe then in production. Regards, alexandre durand On 26/07/11 14:43, Sergio Ramos wrote: Hi, Cisco Performance Routing can help you to make routing decisions based on latency, packet loss, etc... http://www.cisco.com/en/US/products/ps8787/products_ios_protocol_option_ home.html Solution from a different vendor: http://www.internap.com/business-internet-connectivity-services/route-op timization-flow-control/ Regards, Sergio Ramos -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Alexandre Durand Sent: 26 July 2011 10:11 To: cisco-nsp@puck.nether.net Subject: [c-nsp] Round trip time internet providers Hi, We manage multi-home transit providers around our network and they don t provide us RTT graphs about RTT depending on geographical locations. Is there a way to know and get such information ? Let s say for example, we want to compare UK routes originated from 2 providers interoute and opentransit ,so we can make preferences over communities and so on ... depending on best RTT results. Regards alexandre durand ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ -- Alexandre DURAND TAS FRANCE WTC 1-K, 1300 route des Crêtes 06560 Valbonne Sophia Antipolis Phone :+33 (0)4 92 94 56 93 Fax :+33 (0)4 92 94 33 99 Web: http://www.tasfrance.com Email :alexandre.dur...@tasfrance.com peering: http://as8554.peeringdb.com ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] c6500 turn interface up whitout any physical device connected to it
I have been trying to force a giga port to come up without any physical device connected on this port wuith a c6500. I thought the trick was to set no keepalive on the interface but the port is not coming up and stays down. I also disabled auto negogation and turned the port in to speed 1000 and duplex full but wih no sucess either. Is there someone who has ever experienced the trick? -- Alexandre DURAND TAS FRANCE WTC 1-K, 1300 route des Crêtes 06560 Valbonne Sophia Antipolis Phone :+33 (0)4 92 94 56 93 Fax :+33 (0)4 92 94 33 99 Web: http://www.tasfrance.com Email :alexandre.dur...@tasfrance.com peering: http://as8554.peeringdb.com ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] c6500 turn interface up whitout any physical device connected to it
Well it s not really a problem, I just don t want to connect anything on this port but still get the port up so I can advertise the network over ospf and bgp. I could use loopback interfaces instead but I ll get /32 mask advertised over ospf ... and I want to advertise a network mask like /24. Or an other solutionmay be to resdtribute static null route with /24 prefix from this routeur ... On 15/07/11 11:32, Peter Rathlev wrote: On Fri, 2011-07-15 at 11:28 +0200, Alexandre Durand wrote: On 15/07/11 10:51, Peter Rathlev wrote: AFAIK the Catalyst switches cannot fake an up link. The specific problem you're trying to solve might have another solution though. What kind of other solution Peter? Pardon me, but that's a little hard to answer without knowing what specific problem you're trying to solve. :-) -- Alexandre DURAND TAS FRANCE WTC 1-K, 1300 route des Crêtes 06560 Valbonne Sophia Antipolis Phone :+33 (0)4 92 94 56 93 Fax :+33 (0)4 92 94 33 99 Web: http://www.tasfrance.com Email :alexandre.dur...@tasfrance.com peering: http://as8554.peeringdb.com ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] c6500 turn interface up whitout any physical device connected to it
Hi Peter, What kind of other solution Peter? On 15/07/11 10:51, Peter Rathlev wrote: On Fri, 2011-07-15 at 09:07 +0200, Alexandre Durand wrote: I have been trying to force a giga port to come up without any physical device connected on this port wuith a c6500. I thought the trick was to set no keepalive on the interface but the port is not coming up and stays down. AFAIK the Catalyst switches cannot fake an up link. The specific problem you're trying to solve might have another solution though. -- Alexandre DURAND TAS FRANCE WTC 1-K, 1300 route des Crêtes 06560 Valbonne Sophia Antipolis Phone :+33 (0)4 92 94 56 93 Fax :+33 (0)4 92 94 33 99 Web: http://www.tasfrance.com Email :alexandre.dur...@tasfrance.com peering: http://as8554.peeringdb.com ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] c6500 turn interface up whitout any physical device connected to it
Hi Andrew, No negociate is not available ont he interface. and i forced speed and duplex but with no success to turn this port up. regards On 15/07/11 11:05, Andrew Miehs wrote: On Fri, Jul 15, 2011 at 9:07 AM, Alexandre Durand alexandre.dur...@tasfrance.com mailto:alexandre.dur...@tasfrance.com wrote: I have been trying to force a giga port to come up without any physical device connected on this port wuith a c6500. I thought the trick was to set no keepalive on the interface but the port is not coming up and stays down. I also disabled auto negogation and turned the port in to speed 1000 and duplex full but wih no sucess either. Is there someone who has ever experienced the trick? On an ethernet you could try enabling no negotiate on the interface, and force speed and duplex. Regards Andrew -- Alexandre DURAND TAS FRANCE WTC 1-K, 1300 route des Crêtes 06560 Valbonne Sophia Antipolis Phone :+33 (0)4 92 94 56 93 Fax :+33 (0)4 92 94 33 99 Web: http://www.tasfrance.com Email :alexandre.dur...@tasfrance.com peering: http://as8554.peeringdb.com ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] c6500 turn interface up whitout any physical device connected to it
Thank you all. I might use the 2 options and check out. I was looking a way to advertise the whole network and the ip ospf network point-to-point was out of my mind. Peter, why a floating null0 static route will be a preferred choice compared to a normal static route (AD=1) regards alex On 15/07/11 12:34, Andriy Bilous wrote: int lo0 ip ospf network point-to-point That'll advertise lo0 address with configured mask instead of /32. On Fri, Jul 15, 2011 at 11:27 AM, Alexandre Durand alexandre.dur...@tasfrance.com wrote: Hi Andrew, No negociate is not available ont he interface. and i forced speed and duplex but with no success to turn this port up. regards On 15/07/11 11:05, Andrew Miehs wrote: On Fri, Jul 15, 2011 at 9:07 AM, Alexandre Durand alexandre.dur...@tasfrance.commailto:alexandre.dur...@tasfrance.com wrote: I have been trying to force a giga port to come up without any physical device connected on this port wuith a c6500. I thought the trick was to set no keepalive on the interface but the port is not coming up and stays down. I also disabled auto negogation and turned the port in to speed 1000 and duplex full but wih no sucess either. Is there someone who has ever experienced the trick? On an ethernet you could try enabling no negotiate on the interface, and force speed and duplex. Regards Andrew -- Alexandre DURAND TAS FRANCE WTC 1-K, 1300 route des Crêtes 06560 Valbonne Sophia Antipolis Phone :+33 (0)4 92 94 56 93 Fax :+33 (0)4 92 94 33 99 Web: http://www.tasfrance.com Email :alexandre.dur...@tasfrance.com peering: http://as8554.peeringdb.com ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ -- Alexandre DURAND TAS FRANCE WTC 1-K, 1300 route des Crêtes 06560 Valbonne Sophia Antipolis Phone :+33 (0)4 92 94 56 93 Fax :+33 (0)4 92 94 33 99 Web: http://www.tasfrance.com Email :alexandre.dur...@tasfrance.com peering: http://as8554.peeringdb.com ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
