> Saku Ytti
> Sent: Saturday, December 19, 2020 12:57 PM
>
> On Sat, 19 Dec 2020 at 13:45, Lukas Tribus <[email protected]> wrote:
>
> > soft-reconfig inbound always amounts to 100 MB of memory consumption
> > for a v4 + v6 full feed as of last week on 32-bit XR. I can live with
> > 100MB of memory consumption per full feed, so I'm doing soft-reconfig
> > inbound always everywhere. This also helps with troubleshooting.
>
> It is also DRAM exhaustion attack vector. But of course routers are
extremely
> fragile and anyone motivated can easily bring them down by plethora of
> methods. Even with max-prefix it may be, as max-prefix may mean before or
> after policy count, depending on platform and configuration toggle.
>
Good point, also all the potential attribute filtering (in XR) would it be
applied prior to accepting the route into soft-reconfig version of the
table?
I guess the enhance bgp error correction would kick in prior to letting the
malformed update (i.e. at the update process time).
adam
_______________________________________________
cisco-nsp mailing list [email protected]
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
