North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Packets from net 10 (no, not the lyrics)
And that would be process switching to Null0, I believe. At 08:22 AM 9/23/97 -0700, Kevin Oberman wrote: >> Date: Tue, 23 Sep 1997 10:45:19 -0400 >> From: "Randall S. Benn" <[email protected]> > >> I think you'll find that your router's CPU will be happier if you just dump >> the 1918 networks to the bit bucket on your border routers with a static >> route via interface Null0: >> >> ip route 10.0.0.0 255.0.0.0 null0 >> ip route 127.0.0.0 255.0.0.0 null0 >> etc. >> >> Considering resource utilization on the router, it is cheaper to do a >> routing table look-up than it is to do ACLs. Also, when you're doing >> outbound filtering on the router, you have to do a routing table lookup >> first before you can do outbound filtering. Save a step and just do the >> routing table lookup. > >I don't think so. The static routes will require processing every >packet destined for the 10.0.0.0/8 and 127.0.0.0/8 nets, but you will >still have the bad route. The CPU will have to deal with any traffic >for 10.0.0.0/8 and any interior routers will forward packets since you >have a route. > >On the other hand, a filter on the BGP session will block the route >from being accepted and only require CPU action once...when it is >announced. You have no route to these nets and can't propagate the >routes since you don't have them. > >Andrew clearly has the correct approach. >-- >R. Kevin Oberman, Network Engineer >Energy Sciences Network (ESnet) >Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) >E-mail: [email protected] Phone: +1 510 486-8634 > > Ken Gray || || ISP Systems Engineer || || Reston, Virginia USA |||| |||| tel: +1.703.397.5942 ..:||||||:..:||||||:.. e-mail: [email protected] c i s c o S y s t e m s fax: +1.703.397.5999
|