[12579] in North American Network Operators' Group
Re: Packets from net 10 (no, not the lyrics)
daemon@ATHENA.MIT.EDU (Kenneth E. Gray)
Tue Sep 23 14:02:43 1997
Date: Tue, 23 Sep 1997 13:45:28 -0400
To: "Kevin Oberman" <oberman@es.net>, "Randall S. Benn" <rbenn@clark.net>
From: "Kenneth E. Gray" <kegray@cisco.com>
Cc: bmanning@ISI.EDU, nanog@merit.edu, oberman@es.net
And that would be process switching to Null0, I believe.
At 08:22 AM 9/23/97 -0700, Kevin Oberman wrote:
>> Date: Tue, 23 Sep 1997 10:45:19 -0400
>> From: "Randall S. Benn" <rbenn@clark.net>
>
>> I think you'll find that your router's CPU will be happier if you just dump
>> the 1918 networks to the bit bucket on your border routers with a static
>> route via interface Null0:
>>
>> ip route 10.0.0.0 255.0.0.0 null0
>> ip route 127.0.0.0 255.0.0.0 null0
>> etc.
>>
>> Considering resource utilization on the router, it is cheaper to do a
>> routing table look-up than it is to do ACLs. Also, when you're doing
>> outbound filtering on the router, you have to do a routing table lookup
>> first before you can do outbound filtering. Save a step and just do the
>> routing table lookup.
>
>I don't think so. The static routes will require processing every
>packet destined for the 10.0.0.0/8 and 127.0.0.0/8 nets, but you will
>still have the bad route. The CPU will have to deal with any traffic
>for 10.0.0.0/8 and any interior routers will forward packets since you
>have a route.
>
>On the other hand, a filter on the BGP session will block the route
>from being accepted and only require CPU action once...when it is
>announced. You have no route to these nets and can't propagate the
>routes since you don't have them.
>
>Andrew clearly has the correct approach.
>--
>R. Kevin Oberman, Network Engineer
>Energy Sciences Network (ESnet)
>Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
>E-mail: oberman@es.net Phone: +1 510 486-8634
>
>
Ken Gray || ||
ISP Systems Engineer || ||
Reston, Virginia USA |||| ||||
tel: +1.703.397.5942 ..:||||||:..:||||||:..
e-mail: kegray@cisco.com c i s c o S y s t e m s
fax: +1.703.397.5999
