Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s) and upstream(s)
Dear Guru(s), We used to run our ‘Gateway Router’ with ROV turned on. Then, we “upgraded” it to a Cisco NCS-55A1 (5500 Series) running IOS-XR just a few weeks ago. Consequently, during my rummage through Google for a (the?) best (ROV) configuration template for the new router, I found a tutorial by Philip Smith [Reference: https://www.bgp4all.com/pfs/_media/workshops/02-rpki.pdf, Slide #55] which cautioned me of Cisco IOS-XR essentially “harassing” all peers and upstreams with ‘Route Refresh’ whenever there is a VRP change. The tutorial advised turning on ‘Soft Reconfiguration’ to help with the problem. On the one hand, we have a very special relationship with our upstream [they’re kind of community transit provider; we have an in-kind stake in them as well], so we obviously don’t want to cause them grievances [their grievance is our grievance]. On the other hand, we can't afford to just throw away a newly bought gateway and buy a new one. So, here goes the question: Is setting 'Soft Reconfiguration' enough for me to keep ROV running? If not, is there any other solution? Or am I screwed anyway? I would very much appreciate clarification and pointer(s) to the solution(s). Thank you in advance for the help, Pirawat.
Hi! In current versions I think enabling “soft-reconfiguration-inbound always” (also described at https://bgpfilterguide.nlnog.net/guides/reject_invalids/#cisco-ios-xr ) should be enough. Make sure to enable it on every EBGP peer you apply ROV to, or just all EBGP peers. This knob slightly increase your own memory consumption, but makes your router more “neighbourly”! :-) Kind regards, Job On Wed, 11 May 2022 at 18:44, Pirawat WATANAPONGSE via NANOG < nanog@nanog.org> wrote:
Dear Guru(s),
We used to run our ‘Gateway Router’ with ROV turned on. Then, we “upgraded” it to a Cisco NCS-55A1 (5500 Series) running IOS-XR just a few weeks ago.
Consequently, during my rummage through Google for a (the?) best (ROV) configuration template for the new router, I found a tutorial by Philip Smith [Reference: https://www.bgp4all.com/pfs/_media/workshops/02-rpki.pdf, Slide #55] which cautioned me of Cisco IOS-XR essentially “harassing” all peers and upstreams with ‘Route Refresh’ whenever there is a VRP change. The tutorial advised turning on ‘Soft Reconfiguration’ to help with the problem.
On the one hand, we have a very special relationship with our upstream [they’re kind of community transit provider; we have an in-kind stake in them as well], so we obviously don’t want to cause them grievances [their grievance is our grievance]. On the other hand, we can't afford to just throw away a newly bought gateway and buy a new one.
So, here goes the question: Is setting 'Soft Reconfiguration' enough for me to keep ROV running? If not, is there any other solution? Or am I screwed anyway?
I would very much appreciate clarification and pointer(s) to the solution(s).
Thank you in advance for the help,
Pirawat.
On 5/11/22 18:53, Job Snijders via NANOG wrote:
Hi!
In current versions I think enabling “soft-reconfiguration-inbound always” (also described at https://bgpfilterguide.nlnog.net/guides/reject_invalids/#cisco-ios-xr ) should be enough.
Make sure to enable it on every EBGP peer you apply ROV to, or just all EBGP peers.
This knob slightly increase your own memory consumption, but makes your router more “neighbourly”! :-)
Just to add that this is useful on all eBGP speakers based on IOS XR. It's not required in Junos, because Junos does this implicitly. A draft RFC we co-authored attempts to offer a solution: https://www.ietf.org/archive/id/draft-ietf-sidrops-rov-no-rr-01.txt Mark.
Wed, May 11, 2022 at 07:29:04PM +0200, Mark Tinka:
On 5/11/22 18:53, Job Snijders via NANOG wrote:
In current versions I think enabling “soft-reconfiguration-inbound always” (also described at https://bgpfilterguide.nlnog.net/guides/reject_invalids/#cisco-ios-xr ) should be enough.
Make sure to enable it on every EBGP peer you apply ROV to, or just all EBGP peers.
This knob slightly increase your own memory consumption, but makes your router more “neighbourly”! :-)
Just to add that this is useful on all eBGP speakers based on IOS XR.
any IOS, not just XR.
On 5/11/22 10:53 AM, Job Snijders via NANOG wrote:
This knob slightly increase your own memory consumption, but makes your router more “neighbourly”! :-)
I question how accurate "slightly" is. My understanding is that soft reconfiguration inbound (whatever the syntax for a given IOS is) causes a full copy of the received prefix list to be retained in memory for each of the peers with soft reconfiguration enabled. So, to me, the amount of impact to memory will be based on both the number of prefixes advertised and the number of peers that soft reconfiguration is enabled on. Please enlighten me if I'm wrong / misunderstanding something. -- Grant. . . . unix || die
On Wed, 11 May 2022 at 21:22, Grant Taylor via NANOG <nanog@nanog.org> wrote:
On 5/11/22 10:53 AM, Job Snijders via NANOG wrote:
This knob slightly increase your own memory consumption, but makes your router more “neighbourly”! :-)
I question how accurate "slightly" is.
My understanding is that soft reconfiguration inbound (whatever the syntax for a given IOS is) causes a full copy of the received prefix list to be retained in memory for each of the peers with soft reconfiguration enabled.
So, to me, the amount of impact to memory will be based on both the number of prefixes advertised and the number of peers that soft reconfiguration is enabled on.
Please enlighten me if I'm wrong / misunderstanding something.
True and the amount of memory used per prefix also depends on things like BGP communities. When I tested this, on 32 bit XR I had a memory increase of about 400 MB for a full feed 2 years ago. But with or without soft-reconfig inbound always, your memory usage increases with more prefixes. I don't see any drastic change in scaling numbers because of this on today's HW. Lukas
Wed, May 11, 2022 at 09:36:36PM +0200, Lukas Tribus:
True and the amount of memory used per prefix also depends on things like BGP communities.
When I tested this, on 32 bit XR I had a memory increase of about 400 MB for a full feed 2 years ago.
it depends on the architechture, the variance in paths and attributes, and how much your policy alters those, what is being sent vs filtered, AND the number of peers and add-path, etc etc. eg: if your policy alters attributes, space for both the old and new attributes is needed. Whether you need 64bit depends on the total memory usage exceeding, iirc, 3.2GB.
On Wed, May 11, 2022 at 01:22:32PM -0600, Grant Taylor via NANOG wrote:
On 5/11/22 10:53 AM, Job Snijders via NANOG wrote:
This knob slightly increase your own memory consumption, but makes your router more “neighbourly”! :-)
I question how accurate "slightly" is.
My understanding is that soft reconfiguration inbound (whatever the syntax for a given IOS is) causes a full copy of the received prefix list to be retained in memory for each of the peers with soft reconfiguration enabled.
So, to me, the amount of impact to memory will be based on both the number of prefixes advertised and the number of peers that soft reconfiguration is enabled on.
Please enlighten me if I'm wrong / misunderstanding something.
From experience at a previous employer I recall that 'soft-reconfiguration inbound' on routers (with multiple full routing
How much memory exactly is consumed, will depend on the architecture of the application (whether duplicity of information such as path attributes is avoided as much as possible). Indeed, YMMV. tables) was problematic on 32-bit versions of the operating system; but not an issue on 64-bit. If unsure, test on a few peers and monitor memory usage! Its also a valid question to the Technical Assistance Center "hey, will enabling this soft-reconfiguration feature land me in hot water?" Kind regards, Job
Hi, If you are running "soft-reconfiguration inbound rpki-droppped-only" on IOS-XR7, please note CSCwb17937. We had a terrible time with this. Best regards, takez
2022/05/12 1:43、Pirawat WATANAPONGSE via NANOG <nanog@nanog.org>のメール:
Dear Guru(s),
We used to run our ‘Gateway Router’ with ROV turned on. Then, we “upgraded” it to a Cisco NCS-55A1 (5500 Series) running IOS-XR just a few weeks ago.
Consequently, during my rummage through Google for a (the?) best (ROV) configuration template for the new router, I found a tutorial by Philip Smith [Reference: https://www.bgp4all.com/pfs/_media/workshops/02-rpki.pdf, Slide #55] which cautioned me of Cisco IOS-XR essentially “harassing” all peers and upstreams with ‘Route Refresh’ whenever there is a VRP change. The tutorial advised turning on ‘Soft Reconfiguration’ to help with the problem.
On the one hand, we have a very special relationship with our upstream [they’re kind of community transit provider; we have an in-kind stake in them as well], so we obviously don’t want to cause them grievances [their grievance is our grievance]. On the other hand, we can't afford to just throw away a newly bought gateway and buy a new one.
So, here goes the question: Is setting 'Soft Reconfiguration' enough for me to keep ROV running? If not, is there any other solution? Or am I screwed anyway?
I would very much appreciate clarification and pointer(s) to the solution(s).
Thank you in advance for the help,
Pirawat.
Is setting 'Soft Reconfiguration' enough for me to keep ROV running?
yes, should be.
If not, is there any other solution?
yes. jakob says he has implemented https://datatracker.ietf.org/doc/draft-ietf-sidrops-rov-no-rr/, though i do not known in what xr image(s) randy
participants (8)
-
Grant Taylor
-
heasley
-
Job Snijders
-
Lukas Tribus
-
Mark Tinka
-
Pirawat WATANAPONGSE
-
Randy Bush
-
Tomoya Takezaki