[AusNOG] Routing in NX-OS vs IOS

Matthew Moyle-Croft mmc at mmc.com.au
Mon Nov 7 14:43:54 EST 2011


Hi,
clear ip bgp <peer ip/as> soft should be enough.

At $employer-1 we did all BGP config from a database.  So, all changes got pushed as one and so no mistakes were made.

MMC

On 07/11/2011, at 11:55 AM, Ben Byer wrote:

> On Thu, Nov 3, 2011 at 10:42 PM, Glen Turner <gdt at gdt.id.au> wrote:
> Ben wrote:
> > ....but wait!  I have multiple protocol clients using the same route-map - and maybe I *don't* want the change to be propagated to all of them at once as soon as I type "exit".  The way IOS allows you to change a route-map, then cause it to take effect on a per-peer basis via a soft clear, is operationally *useful*.
> 
> It doesn't work that way. Changes to route-maps in IOS occur incrementally as typed. That's a major pain if you have a high ongoing rate of incoming BGP changes, as some of those incoming routes will meet a routing policy which is not either the new policy nor the old policy. That makes it essential to "clear .. soft in" each neighbour after a route-map change to regain a reasonable policy for all routes. Imagine changing an IOS route-map at a router connected to a peering point and you'll see what a PITA that is, especially when compared with how nicely JUNOS does the same thing.
> 
> The only reason you see the "reasonable" behaviour you do is because you don't have a high rate of incoming route changes whilst you are altering the configuration.
> 
> Certainly, for the environment in which I'm using NX-OS I don't have a high rate of routing changes.  But.  I do separately have IOS routers (mixture of 12.2 and 12.4), and also 6500s running SXI code, connected to peering points.  On each of them I find that clearing the BGP peering session is required to make route-map changes take effect.  All the reference docs I've found on CCO tell me that a "clear ip bgp" is definitely required. What IOS are you running that puts the changes in your route-maps into effect as you type?
> 
> > ...great - so now whether or not I type "exit", 60 seconds after I typed a command it will take effect...?  And this behaviour is documented only for the 7k, not the 5k?
> 
> Does that behaviour still occur if you say "configure session ..."? In any sane world nothing would change until the "commit".
> 
> Looks like we do live in a sane world, and the "configure session" feature will hold changes until you type "commit" .... but the feature at present only supports ACL changes.  Which is a shame, it'd be nice to have it for route-maps and prefix-lists too.
> 
> B
> -- 
> _________________________________________________________________________
> [ e - ben.byer at gmail.com ]                   
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20111107/8ada1951/attachment.html>


More information about the AusNOG mailing list