[93450] in North American Network Operators' Group
Re: "Neighbor maximum-prefix" option on routers
daemon@ATHENA.MIT.EDU (Jay Hennigan)
Sun Nov 19 20:33:03 2006
Date: Sun, 19 Nov 2006 17:31:36 -0800
From: Jay Hennigan <jay@west.net>
To: "Ricardo V. Oliveira" <rveloso@cs.ucla.edu>
Cc: nanog@nanog.org
In-Reply-To: <30B9F041-397A-4E28-A4B3-9F8B61AA5CF1@cs.ucla.edu>
Errors-To: owner-nanog@merit.edu

Ricardo V. Oliveira wrote:
>
> Hi all,
>
> I was wondering what's the common practice among ISPs regarding the
> "neighbor maximum-prefix" option in Cisco and Juniper routers?
> By default this option is disabled in both Cisco and Juniper boxes, but
> was wondering if anyone in this list already configured it?

We use it facing customers, typically set to about double the number of
prefixes that we expect to see from them, configured to restart in 10
minutes. This is a sanity check should they try to send us a full table
or similar broken behavior. Route-maps and filter-lists are in place as
well. Towards our backbone peers from whom we expect full routes I just
bumped it to 300,000. I thought 200K routes would be plenty but we're
getting pretty close to that. To the best of my knowledge we've never
actually hit the limit in a live traffic scenario, but I've labbed it
and it works, at least on Cisco boxes.
--
Jay Hennigan - CCIE #7880 - Network Engineering - jay@impulse.net
Impulse Internet Service - http://www.impulse.net/
Your local telephone and internet company - 805 884-6323 - WB6RDV
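
An added example, not part of the message above and not the poster's actual configuration: a Cisco IOS fragment showing the arrangement the reply describes, with a customer session limited to about double its expected prefix count and restarting after 10 minutes, and a full-table peer limited to 300,000. The AS numbers, addresses, list names and the customer's expected count of 50 prefixes are assumptions made for illustration.

```text
! Constructed example: all AS numbers, addresses and names are placeholders.
!
! Inbound policy for the customer: the prefix it is allowed to announce
! and the AS path it is allowed to announce it with.
ip prefix-list CUST-64501 seq 5 permit 203.0.113.0/24
ip as-path access-list 10 permit ^64501$
!
route-map CUST-64501-IN permit 10
 match ip address prefix-list CUST-64501
!
router bgp 64500
 !
 ! Customer session. Assumed expectation: about 50 prefixes, so the
 ! limit is set to 100 (roughly double). "restart 10" brings the
 ! session back up 10 minutes after the limit tears it down; without
 ! it the session stays down until it is cleared by hand.
 ! With no threshold given, IOS logs a warning at 75% of the limit.
 neighbor 192.0.2.2 remote-as 64501
 neighbor 192.0.2.2 route-map CUST-64501-IN in
 neighbor 192.0.2.2 filter-list 10 in
 neighbor 192.0.2.2 maximum-prefix 100 restart 10
 !
 ! Backbone peer sending full routes. The limit follows the figure in
 ! the message; whether a restart timer is used on these sessions is
 ! not stated there, so none is shown.
 neighbor 198.51.100.1 remote-as 64502
 neighbor 198.51.100.1 maximum-prefix 300000
```

The prefix limit is the backstop here, not the filter: the route-map and filter-list decide which routes are acceptable, while the limit drops the session if the neighbor's announcement count goes far beyond what was expected.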