Adventures with BGP

As previous posts may have hinted, I'm quite interested in internet routing. I participate in dn42, which is a small-scale clone of the internet for people to play and learn with. There are a reasonable number of people involved with dn42, including some people who own or operate networks on the public internet. Starting out from scratch on dn42 with zero prior knowledge, you learn a lot very quickly.

I have found there is a distinct lack of entry-level information on BGP and routing on the parts of the web that I frequent, and while it's reasonably easy to find out how many prefixes are in the default-free zone (DFZ) routing table (approximately 770,000 for both IP versions as I write this), I couldn't find any information which says "if you're going to take a full DFZ routing table, then you'll need a machine with this much RAM". I also happen to have a Sun SPARC Enterprise T1000 1U rack server sitting on my shelf (as one does). This box has 4GB of RAM and a six-core UltraSPARC T1 processor installed, and runs OpenBSD. Given that OpenBSD comes with an appreciable set of networking tools out-of-the-box, I asked on the dn42 IRC channel (out of curiosity) whether my Sun box would be able to handle the DFZ routing table.

One person said that they didn't know, but they could provide me with five BGP sessions delivering the full DFZ routing table to find out.

I wasn't expecting that, but I accepted their offer. The configuration that we used for this was a little interesting, as my Sun box was sitting on my home LAN and behind NAT, and I didn't have a public IPv6 address. My peer configured their end to be passive, so my router (the Sun box) would connect out to them, and we used a multihop, multiprotocol BGP session to carry the routes. I also used a private AS number, as I don't have a public one. I took a crash course in OpenBSD bgpd(8) configuration (as I'm used to using bird), and put together a rough configuration which would carry IPv4 routes only, connect to one peer only and not update the kernel routing table with the learned routes, for initial testing purposes. There was some trial and error involved, as I forgot to enable multihop and I typoed some AS numbers, but I managed to get a DFZ feed into my Sun box! I didn't note the convergence time, but the Routing Information Base (RIB) took up around 200MB of RAM.
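A receive-only setup of the kind described above, as an added example and not the author's actual configuration. The AS numbers, addresses, hop count and prefix ceiling are placeholders assumed for illustration; the directives are those documented in OpenBSD bgpd.conf(5).

```conf
# /etc/bgpd.conf -- receive-only test feed (added example; all values are placeholders)

AS 64512                     # private AS number, since no public one is assigned
router-id 192.0.2.10         # placeholder router ID (documentation range)

# Learn routes into the RIB only; do not install them in the kernel
# routing table while testing.
fib-update no

neighbor 198.51.100.1 {      # placeholder address of the remote, passive peer
	remote-as 64496          # placeholder for the peer's AS number
	descr "dfz-feed-1"

	# The peer is several hops away and this side sits behind NAT, so the
	# session is opened outbound from here and multihop must be enabled.
	multihop 10

	# First test: IPv4 unicast only. Changing the second line to
	# "announce IPv6 unicast" carries IPv6 over the same session.
	announce IPv4 unicast
	announce IPv6 none

	# Never send any prefixes to the peer from this box.
	export none

	# Ceiling above the expected table size, so a misbehaving feed tears
	# the session down instead of exhausting RAM.
	max-prefix 1000000
}

# Filters: accept sane-length IPv4 prefixes from the feed, announce nothing.
allow from any inet prefixlen 8 - 24
deny to any
```

Running `bgpd -n -f /etc/bgpd.conf` checks the file for syntax errors without starting the daemon, which catches mistyped AS numbers or a missing brace before any session is attempted.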

I then modified my configuration to connect to my peer's other four routers. I enabled multiprotocol extensions for these sessions too, so I got the roughly 50,000 IPv6 routes on the internet as well. This took about ten minutes to converge, and afterwards the RIB took around 820MB of RAM. I also coupled the RIB with the kernel routing tables, which took some time; however, afterwards the total system RAM usage was at just over 1.2GB, and I had few running processes aside from bgpd(8). I then restarted the initial peering, this time with the multiprotocol extensions; this took three minutes to converge.

At this point, the other occupants of the house asked me to turn the jet engine^W^W Sun box off, so we could eat dinner in peace. It was certainly an interesting afternoon, overall -- if I roll out of bed tomorrow and decide I wish to register my own autonomous system, it appears I have the hardware to do the job...

Oh, and to the person on IRC who provided me with the BGP feeds (you know who you are): thanks!