Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1242
Views
0
Helpful
2
Replies

BGP routing on Cisco ASR 1002 router

childebrecht
Level 1
Level 1

‎07-10-2013 02:05 PM - edited ‎03-04-2019 08:25 PM

Hello,

I had a few questions I was hoping to get some answers to.  I was trying to figure out a way to to limit BGP tables per output port on my router.

The situation is currently I have a 700 Meg pipe coming in from my ISP which feeds into the ASR 1002 router.  I have one customer who tries to utilize a full BGP route table.  When they do this it uses up the CPU usage on my core switch, a Catalyst 6509-E switch, due to the fact that it is only capable of 256,000 routes with the Supervisor engine I have installed which is the WS-SUP720-3B.  Currently I have put a filter list on my neighbor route to limit the number of BGP routes available but this limits everybody's connection coming out of the router now I believe.  Is it put the access-list which is limiting my BGP routes on just specific output ports of the router instead of on the incoming connection?

Any help would be appreciated.

Thank you,

Labels:
0 Helpful
2 Replies 2

amabdelh
Level 1
Level 1

‎07-10-2013 03:56 PM

If your router has the full table and there is no outbound filter, then you will share the full bgp table with your customer
If you can provide more details like your bgp config in addition to show version

Sent from Cisco Technical Support iPhone App

0 Helpful

childebrecht
Level 1
Level 1
In response to amabdelh

‎07-11-2013 09:34 AM

I have attached show version as a text file below.

Also below is a little bit more detail. 

What we did was change to a different connection for bandwidth from AT&T.  Originally we had an OC-12 connection which due to limitations in that connection the BGP routing was not an issue.  We now have upgraded to a full GigE connection from AT&T for our bandwidth and without any filters on it we get a full BGP routing available which is overloading our core switch ( Catalyst 6509-E) due to the Supervisor Board (WS-SUP720-3B) we have running in it only being cable of so many routes and we have a customer hooked up in that core switch utilizing a 400Meg fiber connection and trying to utilize a full BGP route table which is pushing the CPU usage on our Catalyst 6509-E to its limits due to I believe them trying to use a full BGP route table.

To temporary fix this problem we changed the access-list that the neighbor IP address was using.  It was using access-list 86 which lets everything through and we changed it to access-list 85 which just lets AT&T through I believe.

neighbor 0.0.0.0 filter-list 85 in

ip as-path access-list 85 permit ^7018$
ip as-path access-list 86 permit ^7018_[0-9]*$

What I was curious about is can you put these access list restrictions on an outbound port of the ASR1002 instead of on the incoming connection.  If so what I am going to do is move my 400Meg fiber connection customer to one of the extra GigabitEthernet ports on the ASR1002 and try to just give that port the access-list 86 permissions so they can have a full BGP table and leave the access-list 85 restrictions on the GigabitEthernet port feeding my core switch and remove the restriction for the neighbor IP address.

Thanks for the assistance.

15363937-asr1002_show_version.TXT.zip
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card