Saturday, March 8, 2008

How the CCIE helped in the first week

On Friday night I had a BGP implementation to do at our India location. There have been a few transatlantic cable breaks of late so we really needed to get a redundant provider up and running. The change began at 10pm with a relatively simple setup. All I want is a default route and I'll use as-path prepending and weight to ensure the primary circuit is preferred.

While one ISP got it correct, the second did not. My router wasn't maxed out on memory, so I needed to ensure I didn't have the entire BGP table. Sure enough, once the BGP adjacency came up, I began to receive more than I bargained for.

Now the race was on. I had to filter everything but the default route before the router ran out of memory. Of course, just about any CCIE should be able to do this.

ip prefix-list DEFAULT permit 0.0.0.0/0
!
route-map NODEFAULT deny
match ip address prefix-list DEFAULT
route-map NODEFAULT permit 20
!
router bgp xxxxx
neigh xxxx route-map NODEFAULT in

It took about 30 seconds. No DocCD needed. I didn't even have to use the ?. It worked right the first time.

This is why the stress and pressure and time constraints exist in the lab. Unexpected things happen. Sometimes you have to act quickly. Consequences can be severe.

3 comments:

Anonymous said...

God, get over yourself. Just because you have ccie does not mean you're any different from the idiot chasing the number.

I guarantee that 3 years from now, you will reflect on this blog post and cringe.

Erich Trowbridge
CCIE #4653

Anonymous said...

Actually, Erich, I think his articles are useful to someone like myself, who is chasing his number. By reading something like this, it helps to illustrate the structure of the lab actually helps prepare us for situations like this. Besides, this guy is proud of what he's accomplished, and you should be too.

Nortic said...

The config is actually wrong, it should be permit 10, deny 20, my 2cents