nanog mailing list archives
Re: any dangers of filtering every /24 on full internet table to preserve FIB space ?
From: Matthew Petach <mpetach () netflight com>
Date: Mon, 10 Oct 2022 15:37:10 -0700
On Mon, Oct 10, 2022 at 8:44 AM Mark Tinka <mark@tinka.africa> wrote:
On 10/10/22 16:58, Edvinas Kairys wrote:Hello, We're considering to buy some Cisco boxes - NCS-55A1-24H. That box has 24x100G, but only 2.2mln route (FIB) memory entries. In a near future it will be not enough - so we're thinking to deny all /24s to save the memory. What do you think about that approach - I know it could provide some misbehavior. But theoretically every filtered /24 could be routed via smaller prefix /23 /22 /21 or etc. But of course it could be a situation when denied /24 will not be covered by any smaller prefix.I wouldn't bank on that. I am confident I have seen /24's with no covering route, more so for PI space from RIR's that may only be able to allocate a /24 and nothing shorter. It would be one heck of an experiment, though :-). Mark.
I may or may not have done something like this at $PREVIOUS_DAY_JOB. We (might have) discovered some interesting brokenness on the Internet in doing so; in one case, a peer was sending a /20 across exchange peering sessions with us, along with some more specific /24s. After filtering out the /24s, traffic rightly flowed to the covering /20. Peer reached out in an outraged huff; the /24s were being advertised from non-backbone-connected remote sites in their network, that suddenly couldn't fetch content from us anymore. Traceroutes from our side followed the /20 back to their "core", and then died. They explained the /24s were being advertised from remote sites without backbone connections to the site advertising the /20, and we needed to stop sending traffic to the /20, and send it directly to the /24 instead. We demurred, and let them know we were correctly following the information in the routing table. They became even more huffy, insisting that we were breaking the internet by not following the correct routing for the more-specific /24s which were no longer present in our tables. No amount of trying to explain to them that they should not advertise an aggregate route if no connectivity to the more specific constituents existed seemed to get the point across. In their eyes, advertising the /24s meant that everyone should follow the more specific route to the final destination directly. So, even seeing a 'covering route' in the table is no guarantee that you won't create subtle and not-so-subtle breakage when filtering out more specifics to save table space. ^_^; Having (possibly) done this once in the past, I'd strongly recommend looking for a different solution--or at least be willing to arm your front-end response team with suitable "No, *you* broke the Internet" asbestos suits before running a git commit to push your changes out to all the affected devices in your network. ;) Matt
Current thread:
- Re: any dangers of filtering every /24 on full internet table to preserve FIB space ?, (continued)
- Re: any dangers of filtering every /24 on full internet table to preserve FIB space ? Jim Troutman (Oct 10)
- Re: any dangers of filtering every /24 on full internet table to preserve FIB space ? William Herrin (Oct 10)
- Re: any dangers of filtering every /24 on full internet table to preserve FIB space ? Mike Hammett (Oct 10)
- Re: any dangers of filtering every /24 on full internet table to preserve FIB space ? Elmar K. Bins (Oct 10)
- Re: any dangers of filtering every /24 on full internet table to preserve FIB space ? Mike Hammett (Oct 10)
- Re: any dangers of filtering every /24 on full internet table to preserve FIB space ? William Herrin (Oct 10)
- Re: any dangers of filtering every /24 on full internet table to preserve FIB space ? Jeff Tantsura (Oct 10)
- Re: any dangers of filtering every /24 on full internet table to preserve FIB space ? William Herrin (Oct 10)
- Re: any dangers of filtering every /24 on full internet table to preserve FIB space ? Elmar K. Bins (Oct 10)
- Re: any dangers of filtering every /24 on full internet table to preserve FIB space ? Mark Tinka (Oct 10)
- Re: any dangers of filtering every /24 on full internet table to preserve FIB space ? Matthew Petach (Oct 10)
- Re: any dangers of filtering every /24 on full internet table to preserve FIB space ? Ryan Rawdon (Oct 10)
- Re: any dangers of filtering every /24 on full internet table to preserve FIB space ? Jeff Tantsura (Oct 10)
- Re: any dangers of filtering every /24 on full internet table to preserve FIB space ? Mark Tinka (Oct 10)
- Re: any dangers of filtering every /24 on full internet table to preserve FIB space ? William Herrin (Oct 11)
- Re: any dangers of filtering every /24 on full internet table to preserve FIB space ? Matthew Petach (Oct 11)
- Re: any dangers of filtering every /24 on full internet table to preserve FIB space ? William Herrin (Oct 11)
- Re: any dangers of filtering every /24 on full internet table to preserve FIB space ? Richard Golodner (Oct 11)
- Re: any dangers of filtering every /24 on full internet table to preserve FIB space ? Matthew Petach (Oct 11)
- Re: any dangers of filtering every /24 on full internet table to preserve FIB space ? William Herrin (Oct 11)
- Re: any dangers of filtering every /24 on full internet table to preserve FIB space ? Matthew Petach (Oct 16)
- Re: any dangers of filtering every /24 on full internet table to preserve FIB space ? Matthew Petach (Oct 10)