On Fri, Feb 24, 2012 at 9:12 PM, Dobbins, Roland <rdobb...@arbor.net> wrote:
>
> On Feb 25, 2012, at 8:59 AM, Christopher Morrow wrote:
>
>> max-prefix already exists... sometimes it works, sometimes it's a burden.
>
> Some sort of throttle - i.e., allow only X number of routing updates within Y
> number of [seconds? milliseconds? BGP packets?] would be more useful, IMHO.
> If the configured rate is exceeded, maintain the session but stop accepting
> further updates until either manually reset or the rate of updates falls back
> within acceptable parameters.

it seems to me that most of the options discussed for this are .. bad,
in one dimension or another :(

typical max-prefix today will dump a session, if you exceed the number
of prefixes on the session... good? maybe? bad? maybe? did the peer
fire up a full table to you? or did you just not pay attention to the
log messages saying: "Hey, joe's going to need an update shortly..."

X prefixes/packets in Y seconds/milliseconds doesn't keep the peer
from blowing up your RIB, it does slow down convergence :(

If you have 200 peers on an edge device, dropping the whole device's
routing capabilities because of one AS7007/AS1221/AS9121 .. isn't cool
to your network nor the other customers on that device :( max-prefix
as it exists today at least caps the damage at one customer.

The knobs available are sort of harsh all the way around though today :(

-chris
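
A toy model of the two knobs compared in this thread, added here as an illustration and not written by either poster or taken from any router implementation. The names `Outcome`, `max_prefix` and `rate_throttle`, the limits and the per-second announcement counts are all constructed assumptions; the throttle is modeled as holding excess updates in a backlog while the session stays up.

```python
from dataclasses import dataclass

@dataclass
class Outcome:
    peak_rib: int     # most prefixes held from this peer at any moment
    final_rib: int    # prefixes still held when the run ends
    session_up: bool  # did the BGP session survive?
    seconds: int      # time until teardown, or until every update was applied

def max_prefix(offered, limit):
    """Tear the session down as soon as the peer's prefix count would exceed limit."""
    rib = 0
    for second, count in enumerate(offered, start=1):
        if rib + count > limit:
            # Assumption: prefixes are accepted up to the limit, then the
            # session resets and everything learned from the peer is withdrawn.
            return Outcome(limit, 0, False, second)
        rib += count
    return Outcome(rib, rib, True, len(offered))

def rate_throttle(offered, per_second):
    """Keep the session up and apply at most per_second updates each second.
    Assumption: excess updates wait in a backlog instead of being discarded."""
    rib = backlog = second = 0
    while second < len(offered) or backlog:
        if second < len(offered):
            backlog += offered[second]
        second += 1
        applied = min(backlog, per_second)
        rib += applied
        backlog -= applied
    return Outcome(rib, rib, True, second)

# Constructed inputs: prefixes announced per second, one prefix per update.
LEAK = [100_000] * 4   # peer suddenly announces a full-table-sized leak
GROWTH = [120]         # customer legitimately grew past a stale limit of 100

if __name__ == "__main__":
    print("max-prefix, leak  :", max_prefix(LEAK, 100))
    print("throttle, leak    :", rate_throttle(LEAK, 1_000))
    print("max-prefix, growth:", max_prefix(GROWTH, 100))
```

In this model the throttle still ends with all 400,000 leaked prefixes in the RIB, only 400 seconds later, while max-prefix caps the damage at one session but also drops the customer whose growth outran the configured limit.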