Re: [c-nsp] BGP router process using way more memory on one system
I'll leave this here incase it helps anyone but I was able to get it to respond to a few simple validation commands by just clearing a BGP session. Thanks, -Drew -Original Message- From: Nick Hilliard Sent: Monday, May 25, 2020 3:51 AM To: Drew Weaver Cc: 'cisco-nsp@puck.nether.net' Subject: Re: [c-nsp] BGP router process using way more memory on one system Drew Weaver wrote on 24/05/2020 19:20: > We have two routers that have a mirrored configuration. Peers, BGP > configuration, everything. Exactly the same [except for IP addresses] > > One of the routers BGP router process is holding 617576024. The other > is holding 577596716. > > The one that is holding more appears to be suffering from an out of > memory condition. There were a couple of releases where the ipv4_rib process had a persistent memory leak. Try this: Router# admin process restart ipv4_rib This is non service affecting - restarting the process temporarily stops FIB reprogramming, then does a full RIB reload from all RIB sources, then does a FIB check across the device. I.e. it's safer to do this than to hobble along with OOM errors. Nick ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BGP router process using way more memory on one system
Drew Weaver wrote on 24/05/2020 19:20: We have two routers that have a mirrored configuration. Peers, BGP configuration, everything. Exactly the same [except for IP addresses] One of the routers BGP router process is holding 617576024. The other is holding 577596716. The one that is holding more appears to be suffering from an out of memory condition. There were a couple of releases where the ipv4_rib process had a persistent memory leak. Try this: Router# admin process restart ipv4_rib This is non service affecting - restarting the process temporarily stops FIB reprogramming, then does a full RIB reload from all RIB sources, then does a FIB check across the device. I.e. it's safer to do this than to hobble along with OOM errors. Nick ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] BGP router process using way more memory on one system
Hello, We have two routers that have a mirrored configuration. Peers, BGP configuration, everything. Exactly the same [except for IP addresses] One of the routers BGP router process is holding 617576024. The other is holding 577596716. The one that is holding more appears to be suffering from an out of memory condition. I am planning on rebooting it but before I do is there any known way of freeing up enough memory to allow basic virtual exec processes to execute? I've tried basic things like shutting down BGP peers, etc but even though the total memory that BGP says it's using goes down.. it still won't free up the memory. Thanks in advance. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] BGP Router process - high cpu
Hi Guys, High cpu from BGP router process started ~48 hours ago - Happens every 30 seconds (Cisco 7200, NPE-G2normal load is 45-50% cpu) #sh processes cpu sorted CPU utilization for five seconds: 86%/44%; one minute: 53%; five minutes: 50% PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process 28920754676 99918606207 35.12% 6.76% 5.68% 0 BGP Router All peering sessions on the 7200 have uptime of years(Or many weeks), but I think it has to be due to a re-convergence? Have the following configured under address-family vpnv4 (This conf has always been on the 7200(years))...but the 30 second scan time matches the CPU spikes.bgp scan-time import 10 bgp scan-time 30 Any suggestions on how to track down the cause? Cheers. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BGP Router process - high cpu
Take a look at this http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a00809d16f0.shtml This is almost always due to route churn. Take a look at your routing table (global and/or VRF) for routes that recently updated (show ip route | i 0:00) and that might give you some clues as to where the churn is coming from. -Pete On Tue, Oct 2, 2012 at 6:00 PM, CiscoNSP_list CiscoNSP_list cisconsp_l...@hotmail.com wrote: Hi Guys, High cpu from BGP router process started ~48 hours ago - Happens every 30 seconds (Cisco 7200, NPE-G2normal load is 45-50% cpu) #sh processes cpu sorted CPU utilization for five seconds: 86%/44%; one minute: 53%; five minutes: 50% PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process 28920754676 99918606207 35.12% 6.76% 5.68% 0 BGP Router All peering sessions on the 7200 have uptime of years(Or many weeks), but I think it has to be due to a re-convergence? Have the following configured under address-family vpnv4 (This conf has always been on the 7200(years))...but the 30 second scan time matches the CPU spikes.bgp scan-time import 10 bgp scan-time 30 Any suggestions on how to track down the cause? Cheers. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BGP router upgrade
On (2011-08-17 02:07 +0200), Lars Eidsheim wrote: - Load times of the full BGP table will be higher than the NPE-G1/2 - do anyone know the respective load times? Do you expect to see 1 minute or 10 minutes? SUP720-3BXL can load BGP table in under 1min, but NPE-G1 can do lot better. But initial convergence is hardly very interesting metric. - Do we benefit to use DFC at the linecards when traffic rate is low (guessing 5 to 10 mpps)? Will DFC still be recommended for my setup? No, I wouldn't run DFC until I need them. Decentralization carries some complexity and may include some surprises like inability to police accurately. - Will the 7600/RSP720 be a better choice, still using 67xx linecards? RSP720 has MSFC4 so control-plane is snappier. -- ++ytti ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BGP router upgrade
It might be not directly related to your request but make sure you know in advance the amount of prefixes to load with BGP with sup720-3BXL as max tcam size is by default set in config=512K. We had an issue where the router crashed because of the number of prefixes reached max tcam 512K (hardware capacity 1M prefixes) using vrf-lite. this can be checked with: sh mls cef maximum-routes FIB TCAM maximum routes : === Current :- --- IPv4 + MPLS - 512k (default) IPv6 + IP Multicast - 256k (default) and modified with mls cef maximum-routes ... Alexandre Durand ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BGP router upgrade
On Wednesday, August 17, 2011 07:54:11 PM Saku Ytti wrote: SUP720-3BXL can load BGP table in under 1min, but NPE-G1 can do lot better. But initial convergence is hardly very interesting metric. Agree. How the CPU handles a thrashing table, or a returning full BGP v4 session while the CPU is doing other things (housekeeping, management, control, e.t.c.), thrashing/returning of multiple full v4 sessions, e.t.c. is what is more interesting. No, I wouldn't run DFC until I need them. Decentralization carries some complexity and may include some surprises like inability to police accurately. Agree as well. We ordered ours with the DFC's, but the boxes are running pure Layer 2 switching, so nothing exciting there. Mark. signature.asc Description: This is a digitally signed message part. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BGP router upgrade
In what configuration does an NPE G1 load tables in under a minute? I haven't seen one load a full table in anywhere near sub 1 min. G2 yes, G1 really? -Original Message- From: Saku Ytti Sent: Wednesday, August 17, 2011 7:54 AM To: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] BGP router upgrade On (2011-08-17 02:07 +0200), Lars Eidsheim wrote: - Load times of the full BGP table will be higher than the NPE-G1/2 - do anyone know the respective load times? Do you expect to see 1 minute or 10 minutes? SUP720-3BXL can load BGP table in under 1min, but NPE-G1 can do lot better. But initial convergence is hardly very interesting metric. - Do we benefit to use DFC at the linecards when traffic rate is low (guessing 5 to 10 mpps)? Will DFC still be recommended for my setup? No, I wouldn't run DFC until I need them. Decentralization carries some complexity and may include some surprises like inability to police accurately. - Will the 7600/RSP720 be a better choice, still using 67xx linecards? RSP720 has MSFC4 so control-plane is snappier. -- ++ytti ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BGP router upgrade
On (2011-08-17 13:48 -0400), Scott Granados wrote: In what configuration does an NPE G1 load tables in under a minute? I haven't seen one load a full table in anywhere near sub 1 min. Maybe you've not changed hold-queue or MSS size. CSCsh81034 Bug Details sup720 slow to upload BGP table to iBGP peer Symptoms: Slow convergence. A sup720 running 122-33.SRA is slow to upload the full BGP table to an iBGP peer. It takes more than one minute for the 200k prefixes to be uploaded to the peer. As a comparison point, a 7200 NPE-G1 running 122-25S uploads the same 200k prefixes to the same ibgp peer in less than 10 seconds. -- ++ytti ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BGP router upgrade
On (2011-08-17 13:48 -0400), Scott Granados wrote: In what configuration does an NPE G1 load tables in under a minute? Just loaded from SUP720-3BXL - NPE-G1, 383k routes in under minute. And InQ was almost all the time 0 in NPE-G1, as SUP720-3BXL wasn't sending fast enough. Router had other session up, receiving 446k prefixes on that session. NPE-G1# sh ip bgp summary ... NeighborVAS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd SUP720-3BXL 4 MAHAS 55538 5 11986899500 00:00:59 383819 Took another 15s or so to hit 446k. But not interesting result, as SUP720-3BXL is capping this. NPE-G2 from same SUP720-3BXL hit 296k routes in 1min, and saw constant InQ, hitting 446k in 1m50s Both have large MSS size and no hold-queue drops and are running SRD4. However NPE-G1 has base load of 1%/0%, NPE-G2 has base load of 17%/16%. -- ++ytti ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BGP router upgrade
Thank you all for the feedback on the subject. It is much appreciated. Looking at the facts that the sup720 engine will hold full bgp table and do 30 mpps (400 mpps with dfc), it beats the 3945 (982 kpps), npe-g2 (2 mpps) it looks like a good investment compared to raw performance and needs. Among with the terms installed and forgotten and ghetto fabulous I assume the sup720-3bxl will suit my needs and budget. The ASR1k might be an alternative, I will ask for a quote. To complement the setup, I would like to connect to two different transit providers and do local peering with maybe 30 peers using three or four gigabit interfaces (different IXes). Some new questions are raising after feedbacks, - Load times of the full BGP table will be higher than the NPE-G1/2 - do anyone know the respective load times? Do you expect to see 1 minute or 10 minutes? - Do we benefit to use DFC at the linecards when traffic rate is low (guessing 5 to 10 mpps)? Will DFC still be recommended for my setup? - Will the 7600/RSP720 be a better choice, still using 67xx linecards? Thanks. Lars Eidsheim This email has been scanned and secured by Intellit This communication is for use by the intended recipient and contains information that may be privileged, confidential and exempt from disclosure or copyrighted under applicable law. If you are not the intended recipient, you are hereby formally notified that any dissemination, use, copying or distribution of this e-mail, in whole or in part, is strictly prohibited. Please notify the sender by return e-mail and delete this e-mail from your system. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BGP router upgrade
On 8/14/11 8:35 PM, Pete Lumbis wrote: Bottom line, I would under no situation ever consider NPE-G[12] for forwarding Internet peering traffic (wording chosen carefully:). And I have lot of love for them. A completely fair statement, it all comes down to throughput requirements. A hardware based platform will always beat the pants off of a software based platform, but when you talk about control plane flexibility and reducing your odds for forwarding problems, software is the way to go. Peering router selection isn't about throughput requirements, it's about PPS requirements in the face of what the Internet should decide to throw at the router at random time X+pi. pt ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BGP router upgrade
The Sup720 on a 6k/7600 won't be what you are looking for in a large peering environment. I'd suggest an NPE-G2 if the 7200 is still suiting you needs and only needs a small upgrade. You could also look at moving to an ASR1k platform which I think can do 10GE and still provides the investment protection to upgrade the forwarding engine (ESP) and control plane (RP) in the future. On Fri, Aug 12, 2011 at 9:31 AM, Lars Eidsheim l...@intellit.no wrote: Hi all, I am looking for a thoughts about a BGP edge router upgrade. I am planning to upgrade our BGP edge from a Cisco 7200/NPE-G1. The NPE-G1 suits our needs at the moment, but as we are looking to interconnect with more services, do more localpeerings and implement IPv6 in near future this might a good timing to upgrade. As we are running a few 6500s in our network already I was thinking to install a 6500 with SUP720-3BXL and a 6724-SFP linecard to replace our existing 7200 platform. The 3BXL will keep-up with full BGP feed and the platform can easily be upgraded to 10 gbit/s with a new line card (in example 6704-10GE). I know others are using the 6500/SUP720-3BXL for this purpose, but as the 6500 is designed a switch platform i would like hear others opinion on the subject? Maybe I should be looking to other platforms as well, like Huawei or Juniper? Rgrds Lars Eidsheim This email has been scanned and secured by Intellit This communication is for use by the intended recipient and contains information that may be privileged, confidential and exempt from disclosure or copyrighted under applicable law. If you are not the intended recipient, you are hereby formally notified that any dissemination, use, copying or distribution of this e-mail, in whole or in part, is strictly prohibited. Please notify the sender by return e-mail and delete this e-mail from your system. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BGP router upgrade
On (2011-08-13 10:27 -0400), Pete Lumbis wrote: The Sup720 on a 6k/7600 won't be what you are looking for in a large peering environment. I'd suggest an NPE-G2 if the 7200 is still suiting you needs and only needs a small upgrade. Majority of Internet traffic is still being pushed by 6500 routers today, because it's ghetto fabolous (it's cheap, it's fast, it's easily available from gray market, it works) You can choke NPE-G2 at maybe 300Mbps if you're doing QoS, and Internet it aggressive place to be. Some other posts suggesting NPE-G1 is better than RSP720, is bit streching it, considering RSP720 runs PowerQUICC III MPC8548E and NPE-G2 (marketed as twice the performance of NPE-G1) runs MPC7448 they are roughly in same performance range, while obviously RSP720 will only do control-plane there. NPE-G[12] will load full table considerably faster than SUP720-3BXL or RSP720, but this is not due to control-plane congestion, but rather timing issue in IOS, which I've been told would be large change to fix. Bottom line, I would under no situation ever consider NPE-G[12] for forwarding Internet peering traffic (wording chosen carefully:). And I have lot of love for them. -- ++ytti ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BGP router upgrade
On Friday, August 12, 2011 09:31:08 PM Lars Eidsheim wrote: I am planning to upgrade our BGP edge from a Cisco 7200/NPE-G1. The NPE-G1 suits our needs at the moment, but as we are looking to interconnect with more services, do more localpeerings and implement IPv6 in near future this might a good timing to upgrade. I'd have suggested the NPE-G2 if your requirements are graceful and cost is an issue, but sounds like you're keen on a hardware-based platform :-). As we are running a few 6500s in our network already I was thinking to install a 6500 with SUP720-3BXL and a 6724-SFP linecard to replace our existing 7200 platform. The 3BXL will keep-up with full BGP feed and the platform can easily be upgraded to 10 gbit/s with a new line card (in example 6704-10GE). I know others are using the 6500/SUP720-3BXL for this purpose, but as the 6500 is designed a switch platform i would like hear others opinion on the subject? So I'd say stay away from the 6500 unless you're looking to buy the new SUP2T. For the amount of peering you want to do, the CPU on the SUP720-3BXL (and the RSP720-3CXL for the 7600) sucks real bad! You're actually better off with an NPE-G1 :-). Also, the SUP720-3BXL has a number of forwarding limitations (search the archives on this list, you won't run out of reasons not to buy them). I'd suggest looking at the ASR1000 platform. The ASR1006 is especially nice for what you want - control and forwarding plane redundancy, support for 10Gbps SPA's (might not be line rate depending on what other SPA's you plug into the SIP carrier cards), a quick CPU for your BGP needs, lots of cool features (good parity with the 7200 for peering needs), and long-term support from Cisco as a true replacement for the successful 7200. Maybe I should be looking to other platforms as well, like Huawei or Juniper? Since you're looking at 10Gbps ports for your upgrade, forget about the M7i/M10i units. Your smallest box will be an MX80, but these don't have control or forwarding plane redundancy. For that, the smallest box I'd recommend that makes sense is an MX240 (chassis' are cheap, so you can actually get a bigger one for almost the same money). Stay away from the M120, it's pricey and won't be dense enough of you need many Ethernet ports in the future. Hope this helps. Mark. signature.asc Description: This is a digitally signed message part. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BGP router upgrade
If it helps, recently upgraded the corporate from a 7206 to 3925 for the corporate 1GB connection which works well and has no performance issues, full bgp table. Also using 7604s for the diverse production ISPs 10GB connex also no issues, full bgp table. Installed and forgotten. Cisco 7206VXR (NPE-G2) processor (revision A) with 917504K/65536K bytes of memory. MPC7448 CPU at 1666Mhz, Implementation 0, Rev 2.2 6 slot VXR midplane, Version 2.11 *** Cisco CISCO3925-CHASSIS (revision 1.0) with C3900-SPE200/K9 with 691200K/291840K bytes of memory. 4 Gigabit Ethernet interfaces 256K bytes of non-volatile configuration memory. 250880K bytes of ATA System CompactFlash *** Cisco CISCO7604 (M8500) processor (revision 2.0) with 851968K/65536K bytes of memory. BASEBOARD: RSP720 CPU: MPC8548_E, Version: 2.0, (0x80390020) CORE: E500, Version: 2.0, (0x80210020) CPU:1200MHz, CCB:400MHz, DDR:200MHz, 1 Virtual Ethernet interface 50 Gigabit Ethernet interfaces 16 Ten Gigabit Ethernet interfaces 3964K bytes of non-volatile configuration memory. sho mod Mod Ports Card Type Model Serial No. --- - -- -- --- 1 2 Route Switch Processor 720 (Active) RSP720-3C-GE 2 48 48-port 10/100/1000 RJ45 EtherModule WS-X6148A-GE-TX 3 8 CEF720 8 port 10GE with DFC WS-X6708-10GE 4 8 CEF720 8 port 10GE with DFC WS-X6708-10GE From: Lars Eidsheim l...@intellit.no To: cisco-nsp@puck.nether.net cisco-nsp@puck.nether.net Sent: Friday, August 12, 2011 7:31 AM Subject: [c-nsp] BGP router upgrade Hi all, I am looking for a thoughts about a BGP edge router upgrade. I am planning to upgrade our BGP edge from a Cisco 7200/NPE-G1. The NPE-G1 suits our needs at the moment, but as we are looking to interconnect with more services, do more localpeerings and implement IPv6 in near future this might a good timing to upgrade. As we are running a few 6500s in our network already I was thinking to install a 6500 with SUP720-3BXL and a 6724-SFP linecard to replace our existing 7200 platform. The 3BXL will keep-up with full BGP feed and the platform can easily be upgraded to 10 gbit/s with a new line card (in example 6704-10GE). I know others are using the 6500/SUP720-3BXL for this purpose, but as the 6500 is designed a switch platform i would like hear others opinion on the subject? Maybe I should be looking to other platforms as well, like Huawei or Juniper? Rgrds Lars Eidsheim This email has been scanned and secured by Intellit This communication is for use by the intended recipient and contains information that may be privileged, confidential and exempt from disclosure or copyrighted under applicable law. If you are not the intended recipient, you are hereby formally notified that any dissemination, use, copying or distribution of this e-mail, in whole or in part, is strictly prohibited. Please notify the sender by return e-mail and delete this e-mail from your system. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] BGP Router
Hi all I have 2 Cisco ME6524 , i want to deploy them as border routers (i.e. BGP routers)The specifications are as below cisco ME-C6524GT-8S (R7000) processor (revision 1.3) with 458752K/65536K bytes of memory.Processor board ID CAT1210C00SR7000 CPU at 300Mhz, Implementation 0x27, Rev 3.3, 256KB L2, 1024KB L3 CacheLast reset from power-onSuperLAT software (copyright 1990 by Meridian Technology Corp).X.25 software, Version 3.0.0.Bridging software.TN3270 Emulation software.5 Virtual Ethernet/IEEE 802.3 interfaces32 Gigabit Ethernet/IEEE 802.3 interfaces1915K bytes of non-volatile configuration memory. 65536K bytes of Flash internal SIMM (Sector size 256K).Configuration register is 0x2102 CR3.KJ-AMM-010#show sup-bootflash: -#- ED type --crc--- -seek-- nlen -length- -date/time- name1 .. unknown 7A8AED69 184A0A4 39 25206820 May 28 2008 01:22:40 +03:00 s6523-advipservicesk9-mz.122-18.ZU2.bin 108224348 bytes available (25206948 bytes used) is the router suitable ? do i have to upgrade IOS for example? Thanks Best Regards,Mohammad Khalil ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BGP Router
Yes this switch is fine for running BGP with the caveat that you won't be able to take a full BGP table on this hardware. I believe the hardware TCAM is limited to about 250,000 routes. You will most certainly want to upgrade that IOS though. It's years out of date. You should find that the most recent IOS for these units - which is 12.2(33)SXI5, should work well. Reuben On 12/01/2011 10:50 PM, Mohammad Khalil wrote: Hi all I have 2 Cisco ME6524 , i want to deploy them as border routers (i.e. BGP routers)The specifications are as below cisco ME-C6524GT-8S (R7000) processor (revision 1.3) with 458752K/65536K bytes of memory.Processor board ID CAT1210C00SR7000 CPU at 300Mhz, Implementation 0x27, Rev 3.3, 256KB L2, 1024KB L3 CacheLast reset from power-onSuperLAT software (copyright 1990 by Meridian Technology Corp).X.25 software, Version 3.0.0.Bridging software.TN3270 Emulation software.5 Virtual Ethernet/IEEE 802.3 interfaces32 Gigabit Ethernet/IEEE 802.3 interfaces1915K bytes of non-volatile configuration memory. 65536K bytes of Flash internal SIMM (Sector size 256K).Configuration register is 0x2102 CR3.KJ-AMM-010#show sup-bootflash: -#- ED type --crc--- -seek-- nlen -length- -date/time- name1 .. unknown 7A8AED69 184A0A4 39 25206820 May 28 2008 01:22:40 +03:00 s6523-advipservicesk9-mz.122-18.ZU2.bin 108224348 bytes available (25206948 bytes used) is the router suitable ? do i have to upgrade IOS for example? Thanks Best Regards,Mohammad Khalil ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BGP Router
On Wed, 12 Jan 2011 23:04:28 +1100, Reuben Farrelly reuben-cisco-...@reub.net wrote: Yes this switch is fine for running BGP with the caveat that you won't be able to take a full BGP table on this hardware. I believe the hardware TCAM is limited to about 250,000 routes. Yep. The ME6500 is pretty much a fixed-config SUP32. Regards, Marco. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BGP Router
can it handle full BGP table ? Date: Wed, 12 Jan 2011 13:19:06 +0100 From: ma...@linuxgoeroe.dhs.org To: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] BGP Router On Wed, 12 Jan 2011 23:04:28 +1100, Reuben Farrelly reuben-cisco-...@reub.net wrote: Yes this switch is fine for running BGP with the caveat that you won't be able to take a full BGP table on this hardware. I believe the hardware TCAM is limited to about 250,000 routes. Yep. The ME6500 is pretty much a fixed-config SUP32. Regards, Marco. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BGP Router
On 12/01/2011 14:13, Mohammad Khalil wrote: can it handle full BGP table ? No. Nick ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BGP Router
how do i filter the routes i want ? Date: Wed, 12 Jan 2011 15:36:37 + From: n...@foobar.org To: eng_m...@hotmail.com CC: ma...@linuxgoeroe.dhs.org; cisco-nsp@puck.nether.net Subject: Re: [c-nsp] BGP Router On 12/01/2011 14:13, Mohammad Khalil wrote: can it handle full BGP table ? No. Nick ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BGP Router
On 12/01/2011 15:41, Mohammad Khalil wrote: how do i filter the routes i want ? with prefix lists, or distribution lists, as-path access lists, or route-maps, depending on your requirements. The question you really need to ask yourself is what am I trying to do?, because once you have defined the problem properly, only then can you hope to reach a solution. Are you trying to use an ME6524 as a core/edge router, because your budget won't support buying other equipment? Are you trying to supply full routes to a customer connected to one of these devices. Are you using this device as an interconnect router with another ISP? You may not need to run full routes on this box. And if you attempt to run full routes on the box, you will run into serious problems. Nick ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] BGP router-id - Chaos?
Just checking something that I haven't been able to verify online... Changing the bgp router-id manually will require you to clear the bgp sessions? Correct? Thanks!!! ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BGP router-id - Chaos?
As far as I know, changing the router ID will take care of clearing the BGP tables for you. :) It should reset all sessions. -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Jeff Cartier Sent: Wednesday, July 15, 2009 1:49 PM To: cisco-nsp@puck.nether.net Subject: [c-nsp] BGP router-id - Chaos? Just checking something that I haven't been able to verify online... Changing the bgp router-id manually will require you to clear the bgp sessions? Correct? Thanks!!! ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BGP router-id - Chaos?
Oh that's lovely :) Thanks for the heads up all! -Original Message- From: Paul G. Timmins [mailto:ptimm...@clearrate.com] Sent: Wednesday, July 15, 2009 2:06 PM To: Jeff Cartier; cisco-nsp@puck.nether.net Subject: RE: [c-nsp] BGP router-id - Chaos? As far as I know, changing the router ID will take care of clearing the BGP tables for you. :) It should reset all sessions. -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Jeff Cartier Sent: Wednesday, July 15, 2009 1:49 PM To: cisco-nsp@puck.nether.net Subject: [c-nsp] BGP router-id - Chaos? Just checking something that I haven't been able to verify online... Changing the bgp router-id manually will require you to clear the bgp sessions? Correct? Thanks!!! ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BGP router-id - Chaos?
I tried in my lab with two boxes 28xx-76xx 28xx is running 12.4(15)T9 76xx is running 12.2(33)SRB6 eBGP between the boxes. I changed the route-id manually on 28xx 2800#sh ip bgp sum BGP router identifier 10.10.10.1, local AS number 1020 BGP table version is 1, main routing table version 1 NeighborVAS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 2.2.2.2 4 1021 14 16100 00:01:460 10.10.10.2 4 1021 14 16100 00:01:340 2800# 2800# 2800#sh run | s bgp router bgp 1020 no synchronization bgp router-id 10.10.10.1 bgp log-neighbor-changes neighbor 2.2.2.2 remote-as 1021 neighbor 2.2.2.2 ebgp-multihop 10 neighbor 2.2.2.2 update-source Loopback0 neighbor 10.10.10.2 remote-as 1021 no auto-summary 2800# 2800#conf t Enter configuration commands, one per line. End with CNTL/Z. 2800(config)# 2800(config)#router bgp 1020 2800(config-router)#bgp rout 2800(config-router)#bgp router-id 1.1.1.1 2800(config-router)#end 2800# *Jul 15 14:11:21.199 EST: %BGP-5-ADJCHANGE: neighbor 2.2.2.2 Down Router ID changed *Jul 15 14:11:21.199 EST: %BGP-5-ADJCHANGE: neighbor 10.10.10.2 Down Router ID changed *Jul 15 14:11:21.211 EST: %SYS-5-CONFIG_I: Configured from console by console *Jul 15 14:11:21.239 EST: %BGP-5-ADJCHANGE: neighbor 2.2.2.2 Up *Jul 15 14:11:21.251 EST: %BGP-5-ADJCHANGE: neighbor 10.10.10.2 Up 2800# 0# 2800#sh ip bgp sum BGP router identifier 1.1.1.1, local AS number 1020 BGP table version is 1, main routing table version 1 NeighborVAS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 2.2.2.2 4 1021 17 21100 00:00:280 10.10.10.2 4 1021 17 21100 00:00:280 2800# I then tried in on 7600 7600#sh ip bgp sum Load for five secs: 0%/0%; one minute: 3%; five minutes: 2% Time source is hardware calendar, *18:13:06.279 EST Wed Jul 15 2009 BGP router identifier 10.10.10.2, local AS number 1021 BGP table version is 1, main routing table version 1 NeighborVAS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 1.1.1.1 4 1020 4 3100 00:00:060 10.10.10.1 4 1020 4 3100 00:00:060 7600# 7600# 7600#sh run | b router bgp router bgp 1021 no synchronization bgp router-id 10.10.10.2 bgp log-neighbor-changes neighbor 1.1.1.1 remote-as 1020 neighbor 1.1.1.1 ebgp-multihop 10 neighbor 1.1.1.1 update-source Loopback0 neighbor 10.10.10.1 remote-as 1020 no auto-summary ! 7600#conf t Enter configuration commands, one per line. End with CNTL/Z. 7600(config)#router bgp 1021 7600(config-router)#bgp route 7600(config-router)#bgp router-id 2.2.2.2 7600(config-router)#end 7600# *Jul 15 18:13:34.819: %BGP-5-ADJCHANGE: neighbor 1.1.1.1 Down Router ID changed *Jul 15 18:13:34.819: %BGP-5-ADJCHANGE: neighbor 10.10.10.1 Down Router ID changed *Jul 15 18:13:35.475: %SYS-5-CONFIG_I: Configured from console by console 7600# 7600# 7600# *Jul 15 18:13:50.159: %BGP-5-ADJCHANGE: neighbor 10.10.10.1 Up 7600# *Jul 15 18:13:53.287: %BGP-5-ADJCHANGE: neighbor 1.1.1.1 Up 7600# 7600#sh ip bgp sum Load for five secs: 1%/0%; one minute: 2%; five minutes: 2% Time source is hardware calendar, *18:13:57.819 EST Wed Jul 15 2009 BGP router identifier 2.2.2.2, local AS number 1021 BGP table version is 1, main routing table version 1 NeighborVAS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 1.1.1.1 4 1020 4 3100 00:00:040 10.10.10.1 4 1020 4 3100 00:00:070 7600# Hope that helps. Shimol Jeff Cartier wrote: Just checking something that I haven't been able to verify online... Changing the bgp router-id manually will require you to clear the bgp sessions? Correct? Thanks!!! ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] bgp router
Re Gert, re Rossella [EMAIL PROTECTED] (Gert Doering) wrote: On Wed, Jun 04, 2008 at 09:43:54AM -0700, Rossella Mariotti-Jones wrote: This is good to know, thanks. We're going to have at least two ISPs possibly add more in the future, and a 100Mb pipe to it, which will grow to 200Mb soon. Right now we only have a DS3 and a lot of the times it gets up to 40Mb. I'm assuming we'll probably be pushing 80Mb easily pretty soon. This is our first BGP experience, we don't want to over buy but we also don't want to get stuck with a unit that's not going to be able to keep up. My gut feeling is go with a 7301 or 7200/NPE-G1. Why? Because it can deliver the 200 Mbit/s bandwidth, and it's a simple architecture - everything is software, and there is lots less hidden surprises than with the 6500/7600 platform. That would depend on packet sizes. I know we're a bit extreme (most of our packets are around 64-128 Bytes), yet...we're hitting 50% CPU load on 7301s with like 60 Mbps of Traffic (in+out aggregated), which amounts to around 72kpps. If your traffic consists of considerably larger packets, you may want to go with 7301s (G1) or 7201s (G2); if your packet sizes are small, you need to consider hardware forwarding platforms. If you need lots of ethernet ports, trunk one of the GigE ports from the router to a L2 switch (2950T-24 or such), and use that to fan out all the individual ports. Be careful if you set up an etherchannel; G1s and G2s do that in software, too, and it takes away forwarding capacity... Why is it, btw, that IOS doesn't use both CPU kernels there? Or did I miss an IOS version that started doing that? (still on 12.3T here) Yours, Elmi. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] bgp router
On Fri, Jun 06, 2008 at 08:33:13AM +0200, Elmar K. Bins wrote: Re Gert, re Rossella [EMAIL PROTECTED] (Gert Doering) wrote: On Wed, Jun 04, 2008 at 09:43:54AM -0700, Rossella Mariotti-Jones wrote: This is good to know, thanks. We're going to have at least two ISPs possibly add more in the future, and a 100Mb pipe to it, which will grow to 200Mb soon. Right now we only have a DS3 and a lot of the times it gets up to 40Mb. I'm assuming we'll probably be pushing 80Mb easily pretty soon. This is our first BGP experience, we don't want to over buy but we also don't want to get stuck with a unit that's not going to be able to keep up. My gut feeling is go with a 7301 or 7200/NPE-G1. Why? Because it can deliver the 200 Mbit/s bandwidth, and it's a simple architecture - everything is software, and there is lots less hidden surprises than with the 6500/7600 platform. That would depend on packet sizes. I know we're a bit extreme (most of our packets are around 64-128 Bytes), yet...we're hitting 50% CPU load on 7301s with like 60 Mbps of Traffic (in+out aggregated), which amounts to around 72kpps. If your traffic consists of considerably larger packets, you may want to go with 7301s (G1) or 7201s (G2); if your packet sizes are small, you need to consider hardware forwarding platforms. If you need lots of ethernet ports, trunk one of the GigE ports from the router to a L2 switch (2950T-24 or such), and use that to fan out all the individual ports. Be careful if you set up an etherchannel; G1s and G2s do that in software, too, and it takes away forwarding capacity... Why is it, btw, that IOS doesn't use both CPU kernels there? Or did I miss an IOS version that started doing that? (still on 12.3T here) Nope. Never will. ASR will be the way forward. Rodney Yours, Elmi. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] bgp router
On Fri, Jun 06, 2008 at 08:33:13AM +0200, Elmar K. Bins wrote: My gut feeling is go with a 7301 or 7200/NPE-G1. Why? Because it can deliver the 200 Mbit/s bandwidth, and it's a simple architecture - everything is software, and there is lots less hidden surprises than with the 6500/7600 platform. That would depend on packet sizes. I know we're a bit extreme (most of our packets are around 64-128 Bytes), yet...we're hitting 50% CPU load on 7301s with like 60 Mbps of Traffic (in+out aggregated), which amounts to around 72kpps. we experience the same. traffic is a little higher, but a large amount of it is DNS packets, hence mostly 512 bytes. If your traffic consists of considerably larger packets, you may want to go with 7301s (G1) or 7201s (G2); if your packet sizes are small, you need to consider hardware forwarding platforms. i know this may be heresy on this list, but look at juniper's J6350. similar price to a c7301, more throughput (even at small packet sizes). Why is it, btw, that IOS doesn't use both CPU kernels there? Or did I miss an IOS version that started doing that? (still on 12.3T here) i believe the 2nd CPU can only be enabled for some very specific features: http://www.cisco.com/en/US/docs/routers/7300/install_and_upgrade/7301/7301_install_and_config_guide/5418c.html#wp1154543 %% The Cisco 7301 includes a dual-CPU-core BCM 1250. All Cisco IOS images for the Cisco 7301 platform use CPU-core 0. CPU-core 1 allows acceleration of specific feature sets via separately purchased special software. As of Cisco IOS Release 12.3(14)YM, multi-processor forwarding (MPF) accelerates the following broadband features: L2TP Access Concentrator (LAC), L2TP Network Server (LNS), and PPP Terminated Aggregation (PTA). Port adapters are not supported in the multi-processor forwarding (MPF) path on processor 1. %% wild-ass speculation follows: i imagine the cost of data structure and code-path locking, IPIs and other multi-processor primitives (or simply the fiscal cost of coding same for this platform in 15+ year old code) negates any value to enabling the 2nd CPU for code paths that run in interrupt context and/or run through to delivery of the packet. the aforementioned MPF features can run independent of the IOS data structures that would need to be locked if the entire IOS code ran in what we traditionally call SMP. they most likely directly access the broadcom hardware over amd hypertransport, hence the unavailability of port adapters for MPF. /speculation there were murmurs of a team at cisco porting freebsd mips, which would have given native SMP support. however, all the people who were supposedly working on that no longer work for cisco (or now work in groups whose bailiwick is clearly not core OS coding). read into that what you will. -- bill ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] bgp router
On Fri, Jun 06, 2008 at 09:21:51AM -0700, bill fumerola wrote: Why is it, btw, that IOS doesn't use both CPU kernels there? Or did I miss an IOS version that started doing that? (still on 12.3T here) i believe the 2nd CPU can only be enabled for some very specific features: http://www.cisco.com/en/US/docs/routers/7300/install_and_upgrade/7301/7301_install_and_config_guide/5418c.html#wp1154543 %% The Cisco 7301 includes a dual-CPU-core BCM 1250. All Cisco IOS images for the Cisco 7301 platform use CPU-core 0. CPU-core 1 allows acceleration of specific feature sets via separately purchased special software. As of Cisco IOS Release 12.3(14)YM, multi-processor forwarding (MPF) accelerates the following broadband features: L2TP Access Concentrator (LAC), L2TP Network Server (LNS), and PPP Terminated Aggregation (PTA). Port adapters are not supported in the multi-processor forwarding (MPF) path on processor 1. %% As stated in this letter: http://puck.nether.net/pipermail/cisco-nsp/2006-December/036864.html MPF support is discontinued in IOS. [...] there were murmurs of a team at cisco porting freebsd mips, which would have given native SMP support. however, all the people who were supposedly working on that no longer work for cisco (or now work in groups whose bailiwick is clearly not core OS coding). read into that what you will. I suppose, You've heard not about Cisco, but about Juniper. They ported FreeBSD to MIPS and then donated MIPS code back to FreeBSD: http://www.freebsd.org/news/newsflash.html 25 December: Juniper Networks, Inc. (http://www.juniper.net) has donated a reference FreeBSD port to the MIPS architecture to The FreeBSD Project. This code will be used as one reference for creating an official project-supported FreeBSD/MIPS offering ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] bgp router
On Fri, Jun 06, 2008 at 09:04:05PM +0400, Alexandre Snarskii wrote: I suppose, You've heard not about Cisco, but about Juniper. no, i know what i said and it's accurate. They ported FreeBSD to MIPS and then donated MIPS code back to FreeBSD: http://www.freebsd.org/news/newsflash.html 25 December: Juniper Networks, Inc. (http://www.juniper.net) has donated a reference FreeBSD port to the MIPS architecture to The FreeBSD Project. This code will be used as one reference for creating an official project-supported FreeBSD/MIPS offering yeah, i know. :) -- [EMAIL PROTECTED] ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] bgp router
Hi, On Wed, Jun 04, 2008 at 09:43:54AM -0700, Rossella Mariotti-Jones wrote: This is good to know, thanks. We're going to have at least two ISPs possibly add more in the future, and a 100Mb pipe to it, which will grow to 200Mb soon. Right now we only have a DS3 and a lot of the times it gets up to 40Mb. I'm assuming we'll probably be pushing 80Mb easily pretty soon. This is our first BGP experience, we don't want to over buy but we also don't want to get stuck with a unit that's not going to be able to keep up. My gut feeling is go with a 7301 or 7200/NPE-G1. Why? Because it can deliver the 200 Mbit/s bandwidth, and it's a simple architecture - everything is software, and there is lots less hidden surprises than with the 6500/7600 platform. If you need lots of ethernet ports, trunk one of the GigE ports from the router to a L2 switch (2950T-24 or such), and use that to fan out all the individual ports. (If you need raw forwarding performance well over 500 Mbit/s, go for the 6500/7600, but read up on this mailing list archives beforehand. There is lots of decisions to make, and the political games played by Cisco business units battling each other and damaging their customers in the process is a big problem). gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany [EMAIL PROTECTED] fax: +49-89-35655025[EMAIL PROTECTED] pgpy8ahD5T5F0.pgp Description: PGP signature ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] bgp router
Hello all, we're looking to buy a router on which to run BGP that can take full BGP routes, I know all Cisco routers (1800 up) with Advanced IP services IOS will do BGP and I've been told that if we max out the memory we'll be fine with any router. We're going to need some ports (up to 24) in this router. We're looking at a 7604 with sup720-3b and 1gb of memory, a 2821 or 2851 with an nme and 1gb of memory, or another possibility is the ASR platform, but I haven't looked into this well yet. Any recommendations? Thanks in advance. *** Rossella Mariotti-Jones [EMAIL PROTECTED] Network Analyst, SS - SPIR - IT TAC desk 503-589-7775 - cell 503-480-4255 PRIVILEGED AND CONFIDENTIAL COMMUNICATION This electronic transmission, and any documents attached hereto, may contain confidential and/or legally privileged information. The information is intended only for use by the recipient named above. If you have received this electronic message in error, please notify the sender and delete the electronic message. Any disclosure, copying, distribution, or use of the contents of information received in error is strictly prohibited. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] bgp router
On Wed, 4 Jun 2008, Rossella Mariotti-Jones wrote: Hello all, we're looking to buy a router on which to run BGP that can take full BGP routes, I know all Cisco routers (1800 up) with Advanced IP services IOS will do BGP and I've been told that if we max out the memory we'll be fine with any router. We're going to need some ports (up to 24) in this router. We're looking at a 7604 with sup720-3b and 1gb of memory, a 2821 or 2851 with an nme and 1gb of memory, or another possibility is the ASR platform, but I haven't looked into this well yet. Any recommendations? Thanks in advance. 7600 and 2800 series are very different beasts. Figure out what sort of throughput/backplane capacity you need and that should point you towards the apropriate platform. If you go 7600, don't buy less than the sup720-3bxl. The older sup720-3b, regardless of how much RAM you put on it, won't properly handle full routes. -- Jon Lewis | I route Senior Network Engineer | therefore you are Atlantic Net| _ http://www.lewis.org/~jlewis/pgp for PGP public key_ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] BGP Router Considerations
Hi folks. Looking for some input on a network design. Today, pair of 6509's with Sup2/MSFC2 and a Cisco 12012 GSR make up the distribution and core routing. What I'm considering is removing the 12012 because of the space it consumes (does all BGP today) and replacing it with a pair of 7606's Sup720-3BXL etc For BGP edge that's feeding 3 full BGP transit feeds and a couple hundred peering sessions will the Sup720-3BXL cope ok from a memory perspective. The traffic is not a lot (500Mb/s or so) on this network . My final version would be a pair of 6509's doing core switching (distribution layer routing) in a mesh configuration to a pair of 7606's doing core routing .. Should I be looking at small GSR's for the core routing instead? Thanks for any feedback.. We have lots of 6500's but everyone keeps telling me lately to go 7600 series instead?? Paul ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BGP Router Considerations
Hi, On Wed, Mar 26, 2008 at 12:02:15PM -0400, Paul Stewart wrote: What I'm considering is removing the 12012 because of the space it consumes (does all BGP today) and replacing it with a pair of 7606's Sup720-3BXL etc For BGP edge that's feeding 3 full BGP transit feeds and a couple hundred peering sessions will the Sup720-3BXL cope ok from a memory perspective. The Sup720 is not very fast, regarding CPU wise (= BGP update handling) but it will handle 3 full feeds just fine. If you want a faster CPU, you might want to check the RSP720, but beware (see below). The traffic is not a lot (500Mb/s or so) on this network . Traffic-wise, the Sup720 *is* fast :-) Thanks for any feedback.. We have lots of 6500's but everyone keeps telling me lately to go 7600 series instead?? Basically it's the same thing. And with IOS 12.2SX*, there was no difference, except chassis colour. Then came the 7600 business unit (BU) inside Cisco and decided we're going to sell Real Routers, can't have this switch chassis crap around! and forked a software train (12.2SRA/SRB/SRC) that nowadays doesn't run on chassis that are labeled 6500 anymore. Just because they do an EEPROM check. Otherwise there is still no difference. There is some new hardware - the RSP720, the ES20 line cards, and the 7600-S chassis - that are *only* supported by SR* software. OTOH, there are LAN style line cards, notably the 6708 8x10GE card, that only just recently have been supported in SRC, and as far as I have heard, SRC is not very mature yet. Politely said. OTOH, there is the 6500 business unit, that targets enterprises - their IOS fork is 12.2SXH these days. They build nice things that ISPs might want to have as well, like modular IOS with restartable processes in case BGP leaks memory (and, in theory, upgrades-without-reboot, and such), the Sup720-10G supervisor engine, and thus. Until recently, buying a 7600+Sup720 and running SXF/SXH was what we considered future proof - you have a chassis that supports all the software that's out there, and are saved from the internal politics bullshit. Unfortunately, that's not completely true anymore - the 7600-S chassis are NOT supported by SXH IOS, and as far as we have been told, there are no plans to do so. So - what's the summary? Cisco internal politics is hurting customers. Whatever you decide upon, you'll be f***ed in a year or so. Get a Juniper M7i. For your traffic needs, it's definitely fast enough - and the CPU to handle the BGP updates is much faster. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany [EMAIL PROTECTED] fax: +49-89-35655025[EMAIL PROTECTED] pgpYtMTp0eJcK.pgp Description: PGP signature ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BGP Router Considerations
Thanks Gert... appreciate your open approach to this ;) I'm hoping to sell some ideas internally on a 5 year plan long time to justify anything it seems anymore... Is there a GSR/switch combo I could use intead? We've had GSR's and they are rock solid, turn them on and forget them boxes ... at least for us if we went GSR route, perhaps I could look at 4500 series switches or similar then Cost is always a consideration but I'm trying to combine scalability, redundancy, and future-proof all in one... I know it's like a dream but if I can be reasonably close than all the better Paul -Original Message- From: Gert Doering [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 26, 2008 1:13 PM To: Paul Stewart Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] BGP Router Considerations Hi, On Wed, Mar 26, 2008 at 12:02:15PM -0400, Paul Stewart wrote: What I'm considering is removing the 12012 because of the space it consumes (does all BGP today) and replacing it with a pair of 7606's Sup720-3BXL etc For BGP edge that's feeding 3 full BGP transit feeds and a couple hundred peering sessions will the Sup720-3BXL cope ok from a memory perspective. The Sup720 is not very fast, regarding CPU wise (= BGP update handling) but it will handle 3 full feeds just fine. If you want a faster CPU, you might want to check the RSP720, but beware (see below). The traffic is not a lot (500Mb/s or so) on this network . Traffic-wise, the Sup720 *is* fast :-) Thanks for any feedback.. We have lots of 6500's but everyone keeps telling me lately to go 7600 series instead?? Basically it's the same thing. And with IOS 12.2SX*, there was no difference, except chassis colour. Then came the 7600 business unit (BU) inside Cisco and decided we're going to sell Real Routers, can't have this switch chassis crap around! and forked a software train (12.2SRA/SRB/SRC) that nowadays doesn't run on chassis that are labeled 6500 anymore. Just because they do an EEPROM check. Otherwise there is still no difference. There is some new hardware - the RSP720, the ES20 line cards, and the 7600-S chassis - that are *only* supported by SR* software. OTOH, there are LAN style line cards, notably the 6708 8x10GE card, that only just recently have been supported in SRC, and as far as I have heard, SRC is not very mature yet. Politely said. OTOH, there is the 6500 business unit, that targets enterprises - their IOS fork is 12.2SXH these days. They build nice things that ISPs might want to have as well, like modular IOS with restartable processes in case BGP leaks memory (and, in theory, upgrades-without-reboot, and such), the Sup720-10G supervisor engine, and thus. Until recently, buying a 7600+Sup720 and running SXF/SXH was what we considered future proof - you have a chassis that supports all the software that's out there, and are saved from the internal politics bullshit. Unfortunately, that's not completely true anymore - the 7600-S chassis are NOT supported by SXH IOS, and as far as we have been told, there are no plans to do so. So - what's the summary? Cisco internal politics is hurting customers. Whatever you decide upon, you'll be f***ed in a year or so. Get a Juniper M7i. For your traffic needs, it's definitely fast enough - and the CPU to handle the BGP updates is much faster. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany [EMAIL PROTECTED] fax: +49-89-35655025 [EMAIL PROTECTED] ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BGP Router Considerations
Or you may want to look into the new ASR routers. They are supposed to be positioned between the 7200's and the 7600's, but it doesn't sound like you are really pushing that much traffic through the system. If you need it now it's probably not an option, but if you are looking to what would be ideal in the near future this may be the answer. Fred Reimer, CISSP, CCNP, CQS-VPN, CQS-ISS Senior Network Engineer Coleman Technologies, Inc. 954-298-1697 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gert Doering Sent: Wednesday, March 26, 2008 1:13 PM To: Paul Stewart Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] BGP Router Considerations Hi, On Wed, Mar 26, 2008 at 12:02:15PM -0400, Paul Stewart wrote: What I'm considering is removing the 12012 because of the space it consumes (does all BGP today) and replacing it with a pair of 7606's Sup720-3BXL etc For BGP edge that's feeding 3 full BGP transit feeds and a couple hundred peering sessions will the Sup720-3BXL cope ok from a memory perspective. The Sup720 is not very fast, regarding CPU wise (= BGP update handling) but it will handle 3 full feeds just fine. If you want a faster CPU, you might want to check the RSP720, but beware (see below). The traffic is not a lot (500Mb/s or so) on this network . Traffic-wise, the Sup720 *is* fast :-) Thanks for any feedback.. We have lots of 6500's but everyone keeps telling me lately to go 7600 series instead?? Basically it's the same thing. And with IOS 12.2SX*, there was no difference, except chassis colour. Then came the 7600 business unit (BU) inside Cisco and decided we're going to sell Real Routers, can't have this switch chassis crap around! and forked a software train (12.2SRA/SRB/SRC) that nowadays doesn't run on chassis that are labeled 6500 anymore. Just because they do an EEPROM check. Otherwise there is still no difference. There is some new hardware - the RSP720, the ES20 line cards, and the 7600-S chassis - that are *only* supported by SR* software. OTOH, there are LAN style line cards, notably the 6708 8x10GE card, that only just recently have been supported in SRC, and as far as I have heard, SRC is not very mature yet. Politely said. OTOH, there is the 6500 business unit, that targets enterprises - their IOS fork is 12.2SXH these days. They build nice things that ISPs might want to have as well, like modular IOS with restartable processes in case BGP leaks memory (and, in theory, upgrades-without-reboot, and such), the Sup720-10G supervisor engine, and thus. Until recently, buying a 7600+Sup720 and running SXF/SXH was what we considered future proof - you have a chassis that supports all the software that's out there, and are saved from the internal politics bullshit. Unfortunately, that's not completely true anymore - the 7600-S chassis are NOT supported by SXH IOS, and as far as we have been told, there are no plans to do so. So - what's the summary? Cisco internal politics is hurting customers. Whatever you decide upon, you'll be f***ed in a year or so. Get a Juniper M7i. For your traffic needs, it's definitely fast enough - and the CPU to handle the BGP updates is much faster. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany [EMAIL PROTECTED] fax: +49-89-35655025 [EMAIL PROTECTED] smime.p7s Description: S/MIME cryptographic signature ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BGP Router Considerations
Be very mindful of features here. The feature list for all but certain large carriers is pretty slim pickens. From: Fred Reimer [EMAIL PROTECTED] Date: Wed, 26 Mar 2008 13:22:37 -0400 To: Gert Doering [EMAIL PROTECTED], Paul Stewart [EMAIL PROTECTED] Cc: cisco-nsp@puck.nether.net Conversation: [c-nsp] BGP Router Considerations Subject: Re: [c-nsp] BGP Router Considerations Or you may want to look into the new ASR routers. They are supposed to be positioned between the 7200's and the 7600's, but it doesn't sound like you are really pushing that much traffic through the system. If you need it now it's probably not an option, but if you are looking to what would be ideal in the near future this may be the answer. Fred Reimer, CISSP, CCNP, CQS-VPN, CQS-ISS Senior Network Engineer Coleman Technologies, Inc. 954-298-1697 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gert Doering Sent: Wednesday, March 26, 2008 1:13 PM To: Paul Stewart Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] BGP Router Considerations Hi, On Wed, Mar 26, 2008 at 12:02:15PM -0400, Paul Stewart wrote: What I'm considering is removing the 12012 because of the space it consumes (does all BGP today) and replacing it with a pair of 7606's Sup720-3BXL etc For BGP edge that's feeding 3 full BGP transit feeds and a couple hundred peering sessions will the Sup720-3BXL cope ok from a memory perspective. The Sup720 is not very fast, regarding CPU wise (= BGP update handling) but it will handle 3 full feeds just fine. If you want a faster CPU, you might want to check the RSP720, but beware (see below). The traffic is not a lot (500Mb/s or so) on this network . Traffic-wise, the Sup720 *is* fast :-) Thanks for any feedback.. We have lots of 6500's but everyone keeps telling me lately to go 7600 series instead?? Basically it's the same thing. And with IOS 12.2SX*, there was no difference, except chassis colour. Then came the 7600 business unit (BU) inside Cisco and decided we're going to sell Real Routers, can't have this switch chassis crap around! and forked a software train (12.2SRA/SRB/SRC) that nowadays doesn't run on chassis that are labeled 6500 anymore. Just because they do an EEPROM check. Otherwise there is still no difference. There is some new hardware - the RSP720, the ES20 line cards, and the 7600-S chassis - that are *only* supported by SR* software. OTOH, there are LAN style line cards, notably the 6708 8x10GE card, that only just recently have been supported in SRC, and as far as I have heard, SRC is not very mature yet. Politely said. OTOH, there is the 6500 business unit, that targets enterprises - their IOS fork is 12.2SXH these days. They build nice things that ISPs might want to have as well, like modular IOS with restartable processes in case BGP leaks memory (and, in theory, upgrades-without-reboot, and such), the Sup720-10G supervisor engine, and thus. Until recently, buying a 7600+Sup720 and running SXF/SXH was what we considered future proof - you have a chassis that supports all the software that's out there, and are saved from the internal politics bullshit. Unfortunately, that's not completely true anymore - the 7600-S chassis are NOT supported by SXH IOS, and as far as we have been told, there are no plans to do so. So - what's the summary? Cisco internal politics is hurting customers. Whatever you decide upon, you'll be f***ed in a year or so. Get a Juniper M7i. For your traffic needs, it's definitely fast enough - and the CPU to handle the BGP updates is much faster. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany [EMAIL PROTECTED] fax: +49-89-35655025 [EMAIL PROTECTED] ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ This email and any attachments (Message) may contain legally privileged and/or confidential information. If you are not the addressee, or if this Message has been addressed to you in error, you are not authorized to read, copy, or distribute it, and we ask that you please delete it (including all copies) and notify the sender by return email. Delivery of this Message to any person other than the intended recipient(s) shall not be deemed a waiver of confidentiality and/or a privilege. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BGP Router Considerations
Absolutely, that's why I said if you need it now it is probably not an option. However, that will change with time. I expect the feature list to be mostly complete a year from now. If it is a question of long-term planning then the platform should be considered. Fred Reimer, CISSP, CCNP, CQS-VPN, CQS-ISS Senior Network Engineer Coleman Technologies, Inc. 954-298-1697 -Original Message- From: David Curran [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 26, 2008 4:03 PM To: Fred Reimer; Gert Doering; Paul Stewart Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] BGP Router Considerations Be very mindful of features here. The feature list for all but certain large carriers is pretty slim pickens. From: Fred Reimer [EMAIL PROTECTED] Date: Wed, 26 Mar 2008 13:22:37 -0400 To: Gert Doering [EMAIL PROTECTED], Paul Stewart [EMAIL PROTECTED] Cc: cisco-nsp@puck.nether.net Conversation: [c-nsp] BGP Router Considerations Subject: Re: [c-nsp] BGP Router Considerations Or you may want to look into the new ASR routers. They are supposed to be positioned between the 7200's and the 7600's, but it doesn't sound like you are really pushing that much traffic through the system. If you need it now it's probably not an option, but if you are looking to what would be ideal in the near future this may be the answer. Fred Reimer, CISSP, CCNP, CQS-VPN, CQS-ISS Senior Network Engineer Coleman Technologies, Inc. 954-298-1697 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gert Doering Sent: Wednesday, March 26, 2008 1:13 PM To: Paul Stewart Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] BGP Router Considerations Hi, On Wed, Mar 26, 2008 at 12:02:15PM -0400, Paul Stewart wrote: What I'm considering is removing the 12012 because of the space it consumes (does all BGP today) and replacing it with a pair of 7606's Sup720-3BXL etc For BGP edge that's feeding 3 full BGP transit feeds and a couple hundred peering sessions will the Sup720-3BXL cope ok from a memory perspective. The Sup720 is not very fast, regarding CPU wise (= BGP update handling) but it will handle 3 full feeds just fine. If you want a faster CPU, you might want to check the RSP720, but beware (see below). The traffic is not a lot (500Mb/s or so) on this network . Traffic-wise, the Sup720 *is* fast :-) Thanks for any feedback.. We have lots of 6500's but everyone keeps telling me lately to go 7600 series instead?? Basically it's the same thing. And with IOS 12.2SX*, there was no difference, except chassis colour. Then came the 7600 business unit (BU) inside Cisco and decided we're going to sell Real Routers, can't have this switch chassis crap around! and forked a software train (12.2SRA/SRB/SRC) that nowadays doesn't run on chassis that are labeled 6500 anymore. Just because they do an EEPROM check. Otherwise there is still no difference. There is some new hardware - the RSP720, the ES20 line cards, and the 7600-S chassis - that are *only* supported by SR* software. OTOH, there are LAN style line cards, notably the 6708 8x10GE card, that only just recently have been supported in SRC, and as far as I have heard, SRC is not very mature yet. Politely said. OTOH, there is the 6500 business unit, that targets enterprises - their IOS fork is 12.2SXH these days. They build nice things that ISPs might want to have as well, like modular IOS with restartable processes in case BGP leaks memory (and, in theory, upgrades-without-reboot, and such), the Sup720-10G supervisor engine, and thus. Until recently, buying a 7600+Sup720 and running SXF/SXH was what we considered future proof - you have a chassis that supports all the software that's out there, and are saved from the internal politics bullshit. Unfortunately, that's not completely true anymore - the 7600-S chassis are NOT supported by SXH IOS, and as far as we have been told, there are no plans to do so. So - what's the summary? Cisco internal politics is hurting customers. Whatever you decide upon, you'll be f***ed in a year or so. Get a Juniper M7i. For your traffic needs, it's definitely fast enough - and the CPU to handle the BGP updates is much faster. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany [EMAIL PROTECTED] fax: +49-89-35655025 [EMAIL PROTECTED] ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ This email and any attachments (Message) may contain legally privileged and/or confidential information. If you are not the addressee, or if this Message has been addressed to you in error, you are not authorized to read, copy, or distribute it, and we ask that you please delete it (including all copies