EBGP neighbor limit?

Discussion in 'Cisco' started by Hansang Bae, Jul 24, 2004.

  1. Hansang Bae

    Hansang Bae Guest

    For all you ISP folks, can you tell me how many neighbors you put on
    your routers? (Cisco 6500/7200 or Juniper M10s).

    The remote sites would only require 0/0 and a few select routes. I'm
    thinking of ditching OSPF and going with BGP as the primary routing
    protocols to my branches.

    Why? Because the branches have application level HA built in, but due
    to the nature of totally stubby area, branch router A does not know that
    branch router B has a more direct route.

    I can switch to stub area and allow external routes to come in, but then
    I have to play with recursive routing to ensure that certain networks
    are preferred over link A and others over link B. With BGP, this
    becomes a very simple task.

    Also, I will no longer require GRE tunnels to keep the areas whole. If a
    WAN link fails, it's possible that a remote site will become transit
    (since intra area routes are preferred). I don't have that problem with
    BGP.

    Another reason? I can IPSec the bgp traffic. Now I won't have to worry
    about OSPF not dying while IPSec goes to la la land - thereby black
    holing traffic. I can use GRE tunnels to force this reliable
    failure, but if I use bgp, I can just encrypt tcp port 179.

    Comments?

    --

    hsb

    "Somehow I imagined this experience would be more rewarding" Calvin
    *************** USE ROT13 TO SEE MY EMAIL ADDRESS ****************
    ********************************************************************
    Due to the volume of email that I receive, I may not be able to
    reply to emails sent to my account. Please post a followup instead.
    ********************************************************************
     
    Hansang Bae, Jul 24, 2004
    #1

  2. Hansang Bae

    John Agosta Guest

    2 cents...

    What about BGP convergence times ?
    Perhaps ISIS, with route leaking would help
    with the Tstubby issue, and there's not so much of an issue
    with keeping areas "whole."
    I think ISIS will provide better convergence times ??

    -ja




    "Hansang Bae" <> wrote in message
    news:...
    > For all you ISP folks, can you tell me how many neighbors you put on
    > your routers? (Cisco 6500/7200 or Juniper M10s).
    >
    > The remote sites would only require 0/0 and a few select routes. I'm
    > thinking of ditching OSPF and going with BGP as the primary routing
    > protocols to my branches.
    >
    > Why? Because the branches have application level HA built in, but due
    > to the nature of totally stubby area, branch router A does not know that
    > branch router B has a more direct route.
    >
    > I can switch to stub area and allow external routes to come in, but then
    > I have to play with recursive routing to ensure that certain networks
    > are preferred over link A and others over link B. With BGP, this
    > becomes a very simple task.
    >
    > Also, I will no longer require GRE tunnels to keep the areas whole. If a
    > WAN link fails, it's possible that a remote site will become transit
    > (since intra area routes are preferred). I don't have that problem with
    > BGP.
    >
    > Another reason? I can IPSec the bgp traffic. Now I won't have to worry
    > about OSPF not dying while IPSec goes to la la land - thereby black
    > holing traffic. I can use GRE tunnels to force this reliable
    > failure, but if I use bgp, I can just encrypt tcp port 179.
    >
    > Comments?
    >
    > --
    >
    > hsb
    >
    > "Somehow I imagined this experience would be more rewarding" Calvin
     
    John Agosta, Jul 25, 2004
    #2

  3. Hansang Bae

    Hansang Bae Guest

    In article <>,
    j_agosta@remove_wideopenwest.kom says...
    > 2 cents...
    >
    > What about BGP convergence times ?
    > Perhaps ISIS, with route leaking would help
    > with the Tstubby issue, and there's not so much of an issue
    > with keeping areas "whole."
    > I think ISIS will provide better convergence times ??


    We can crank down the timers so that shouldn't be too much of an issue.
    Keeping the area whole comes into play when one of the redundant
    links goes down. Due to area summarizations, another branch can become a
    transit network.

    ISIS is not an option due to operational issues. Our operational team
    has zero experience in ISIS (not that I have much either) so that's out.

    --

    hsb

    "Somehow I imagined this experience would be more rewarding" Calvin
     
    Hansang Bae, Jul 25, 2004
    #3
  4. Hansang Bae

    John Agosta Guest

    "Hansang Bae" <> wrote in message
    news:...
    > In article <>,
    > j_agosta@remove_wideopenwest.kom says...
    > > 2 cents...
    > >
    > > What about BGP convergence times ?
    > > Perhaps ISIS, with route leaking would help
    > > with the Tstubby issue, and there's not so much of an issue
    > > with keeping areas "whole."
    > > I think ISIS will provide better convergence times ??

    >
    > We can crank down the timers so that shouldn't be too much of an issue.
    > Keeping the area whole comes into play when one of the redundant
    > links goes down. Due to area summarizations, another branch can become a
    > transit network.
    >
    > ISIS is not an option due to operational issues. Our operational team
    > has zero experience in ISIS (not that I have much either) so that's out.
    >
    > --
    >
    > hsb
    >



    Well, 2 cents is worth just that, isn't it?

    I dunno - perhaps your idea is a good one. It's hard to comment
    not seeing the 'picture.' I assume other IGPs have been looked at,
    and have been deemed "less superior" for your needs.
    Knowing your pedigree, I suspect that whatever
    solution you feel most comfortable with will do the trick;
    and there's nothing wrong with BGP being used as an IGP......
    Personally, I don't like the idea of tweaking timers unless I am sure
    that everyone on board is aware of the tweaks and cranks.
    Changes from the norm can bite ya down the road when people
    are not well informed and paper is not well documented.......

    PS - Rosie O'Grady's in NYC was nice.
    Much better than the other joint.
    Sorry it didn't pan out.......


    -ja
     
    John Agosta, Jul 25, 2004
    #4
  5. In article <>,
    John Agosta <j_agosta@remove_wideopenwest.kom> wrote:
    >
    >"Hansang Bae" <> wrote in message
    >news:...
    >> In article <>,
    >> j_agosta@remove_wideopenwest.kom says...
    >> > 2 cents...
    >> >
    >> > What about BGP convergence times ?
    >> > Perhaps ISIS, with route leaking would help
    >> > with the Tstubby issue, and there's not so much of an issue
    >> > with keeping areas "whole."
    >> > I think ISIS will provide better convergence times ??

    >>
    >> We can crank down the timers so that shouldn't be too much of an issue.
    >> Keeping the area whole comes into play when one of the redundant
    >> links goes down. Due to area summarizations, another branch can become a
    >> transit network.
    >>
    >> ISIS is not an option due to operational issues. Our operational team
    >> has zero experience in ISIS (not that I have much either) so that's out.
    >>
    >> --
    >>
    >> hsb
    >>

    >
    >
    >Well, 2 cents is worth just that, isn't it?
    >
    >I dunno - perhaps your idea is a good one. It's hard to comment
    >not seeing the 'picture.' I assume other IGPs have been looked at,
    >and have been deemed "less superior" for your needs.
    >Knowing your pedigree, I suspect that whatever
    >solution you feel most comfortable with will do the trick;
    >and there's nothing wrong with BGP being used as an IGP......
    >Personally, I don't like the idea of tweaking timers unless I am sure
    >that everyone on board is aware of the tweaks and cranks.
    >Changes from the norm can bite ya down the road when people
    >are not well informed and paper is not well documented.......
    >
    >-ja


    Hansang,

    I've been following this discussion and can pitch in another 2 cents
    worth...

    You should have no problem with numbers. The killer activity for
    BGP is scanning the routing table, which is a CPU hog when running
    defaultless on a 7200 and accepting multiple feeds. In your case,
    the routing table is a joke, maybe a few hundred routes if you
    get carried away, and if you can detect the CPU impact, even after
    cranking up the timers, I'd be amazed.

    Another approach to consider is policy routing, because that is the
    key feature of BGP you are actually using. Combined with SAA/RTR,
    you could even get around the IPSec problems, although you may need
    to wait a few years for an IOS which supports all the features to
    get through the approval process.

    Have you discussed your ideas with Ms. Y.A.? When I was there she
    was the only employee in the tower who really understood BGP, and if
    she doesn't bless it, it doesn't matter how good a solution it is,
    it won't get past design review. It doesn't matter that your use
    of BGP is unrelated to her use of BGP.

    As for John's concern re: future maintenance, I'm not too worried
    about the "down the road" part. As you've already mentioned in other
    postings, there is a good documentation trail built into your change
    control system there (yes Virginia, some organizations actually do
    have formal change controls that work), so there is no excuse for the
    knowledge of what you are doing and why to be lost. Just remember
    to write it up so that BGP skill is not required to understand the
    impact of making changes without understanding how it works :)

    Good luck and have fun!
    --
    Vincent C Jones, Consultant Expert advice and a helping hand
    Networking Unlimited, Inc. for those who want to manage and
    Tenafly, NJ Phone: 201 568-7810 control their networking destiny
    http://www.networkingunlimited.com
     
    Vincent C Jones, Jul 26, 2004
    #5
  6. Hansang Bae

    Hansang Bae Guest

    In article <ce2t5l$btj$>,
    says...
    > I've been following this discussion and can pitch in another 2 cents
    > worth...
    >
    > You should have no problem with numbers. The killer activity for
    > BGP is scanning the routing table, which is a CPU hog when running
    > defaultless on a 7200 and accepting multiple feeds. In your case,
    > the routing table is a joke, maybe a few hundred routes if you
    > get carried away, and if you can detect the CPU impact, even after
    > cranking up the timers, I'd be amazed.


    At the branch side, it's of no concern. The headends can get the
    aggressively summarized routes so that shouldn't be too bad either. It
    may go up to 600-800, though.


    > Another approach to consider is policy routing, because that is the
    > key feature of BGP you are actually using. Combined with SAA/RTR,
    > you could even get around the IPSec problems, although you may need
    > to wait a few years for an IOS which supports all the features to
    > get through the approval process.


    We are just piloting 12.2.24a to remedy the T3 bugs we found in pa-mc-
    2t3+ cards. So as you note, it may be a while before I can roll
    something like saa/rtr. Another thing to consider is the operational
    support.



    > Have you discussed your ideas with Ms. Y.A.? When I was there she
    > was the only employee in the tower who really understood BGP, and if
    > she doesn't bless it, it doesn't matter how good a solution it is,
    > it won't get past design review. It doesn't matter that your use
    > of BGP is unrelated to her use of BGP.



    You do have good memory! She actually runs the internal network
    engineering these days and has been out of the day to day design
    process.


    > As for John's concern re: future maintenance, I'm not too worried
    > about the "down the road" part. As you've already mentioned in other
    > postings, there is a good documentation trail built into your change
    > control system there (yes Virginia, some organizations actually do
    > have formal change controls that work), so there is no excuse for the
    > knowledge of what you are doing and why to be lost. Just remember
    > to write it up so that BGP skill is not required to understand the
    > impact of making changes without understanding how it works :)



    It would actually be a template for others to implement. Due to some data
    center strategy changes, I have 7 months to build a new data center and
    move about 800+ branches! And that's only phase I. Well, it does keep
    it exciting I suppose!

    --

    hsb

    "Somehow I imagined this experience would be more rewarding" Calvin
     
    Hansang Bae, Jul 27, 2004
    #6
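
An added illustration of the design discussed in this thread (it is not configuration posted by any participant): a headend's eBGP session to one branch, carried inside IPsec by matching TCP port 179 in the crypto ACL, with lowered timers and only 0/0 plus one summary advertised. All addresses, AS numbers, object names, the interface, the key placeholder and the timer and prefix-limit values are constructed for the example.

```cisco
! Headend side. Constructed values: headend 192.0.2.1 (AS 65000),
! branch 192.0.2.2 (AS 65010). The branch needs the mirror-image ACL.
!
! Crypto ACL: only the BGP session (TCP 179, either side may open it).
ip access-list extended BGP-BRANCH10
 permit tcp host 192.0.2.1 host 192.0.2.2 eq bgp
 permit tcp host 192.0.2.1 eq bgp host 192.0.2.2
!
crypto isakmp policy 10
 encryption aes
 authentication pre-share
 group 2
! PLACEHOLDER-KEY stands in for the real pre-shared key.
crypto isakmp key PLACEHOLDER-KEY address 192.0.2.2
crypto ipsec transform-set BGP-TS esp-aes esp-sha-hmac
!
crypto map WAN 10 ipsec-isakmp
 set peer 192.0.2.2
 set transform-set BGP-TS
 match address BGP-BRANCH10
!
interface Serial0/0
 crypto map WAN
!
! What the branch is allowed to learn: default plus one select summary.
ip prefix-list BRANCH-OUT seq 5 permit 0.0.0.0/0
ip prefix-list BRANCH-OUT seq 10 permit 10.0.0.0/8
!
router bgp 65000
 neighbor 192.0.2.2 remote-as 65010
 ! Lowered keepalive/hold timers (seconds) for faster failure detection.
 neighbor 192.0.2.2 timers 10 30
 neighbor 192.0.2.2 default-originate
 neighbor 192.0.2.2 prefix-list BRANCH-OUT out
 ! Cap what a single branch can inject into the headend.
 neighbor 192.0.2.2 maximum-prefix 50
```

With this ACL, a failed tunnel stops the keepalives, the session drops when the hold timer expires, and the branch's routes are withdrawn instead of black-holing traffic. The ACL as written protects only the BGP session; any user traffic that must be encrypted needs its own entries in the same crypto ACL.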