BGP Route Dampening
At a Glance:
Route-Dampening Operation:
- EBGP route flaps = 1000 penalty points
- IBGP route flaps not dampened;
- penalty not user-configurable;
- penalty decays via exponential decay algorithm
- if penalty > suppress limit, route is dampened
- if penalty < reuse limit, dampened route is propagated
- if penalty < 1/2 reuse limit, flap history forgotten
- route is never dampened more than the maximum suppress time limit
- unreachable route with flap history is in history state (still in BGP table to retain flap history)
- penalty is applied to an individual path, not the prefix
Configuring Route Dampening:
router(config-router)# bgp dampening [half-life reuse suppress max-suppress-time] [route-map route-map-name]
- half-life: time for penalty to halve (default 15 minutes)
- reuse: penalty points when dampened route is reused (default 750)
- suppress: penalty points when route is suppressed (default 2000)
- max-suppress-time: maximum time a route is suppressed (default 1 hour; maximum 255 minutes)
router(config-route-map)# set dampening half-life reuse suppress max-suppress-time
- used for less aggressive dampening of routes towards root DNS servers
- dampening of smaller prefixes more aggressively
- selective dampening based on BGP neighbors and route-map match criteria
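The penalty arithmetic above, worked through with the default timers. This is an added example, not code from the original page; the function name simulate, the event labels, and the modelling of max-suppress-time as a penalty ceiling are assumptions of this sketch.

```python
import math

def simulate(flap_minutes, half_life=15, reuse=750, suppress=2000,
             max_suppress=60, per_flap=1000):
    """Return [(minute, event)] for one EBGP path that flaps at flap_minutes."""
    flaps = sorted(flap_minutes)
    if not flaps:
        return []
    # Assumption: max-suppress-time is modelled as a penalty ceiling, so a
    # capped penalty decays to the reuse limit in exactly max_suppress minutes.
    ceiling = reuse * 2 ** (max_suppress / half_life)
    penalty, last, suppressed, events = 0.0, flaps[0], False, []

    def minutes_until(limit):
        # Solve penalty * 0.5 ** (t / half_life) == limit for t.
        return half_life * math.log2(penalty / limit)

    for t in flaps:
        if suppressed and last + minutes_until(reuse) <= t:
            events.append((round(last + minutes_until(reuse), 2), "reused"))
            suppressed = False
        penalty *= 0.5 ** ((t - last) / half_life)   # exponential decay
        if penalty < reuse / 2:
            penalty = 0.0                            # flap history forgotten
        penalty = min(penalty + per_flap, ceiling)
        last = t
        if not suppressed and penalty > suppress:
            events.append((t, "suppressed"))
            suppressed = True
    if suppressed:
        events.append((round(last + minutes_until(reuse), 2), "reused"))
    events.append((round(last + minutes_until(reuse / 2), 2), "history forgotten"))
    return events

# Constructed input: three flaps two minutes apart, then the path stays up.
SAMPLE_FLAPS = [0, 2, 4]

if __name__ == "__main__":
    for minute, event in simulate(SAMPLE_FLAPS):
        print(f"t={minute:>6} min  {event}")
```

With the defaults, two flaps are not enough to cross the suppress limit; the third flap suppresses the path and it stays suppressed for about 28 minutes after the last flap.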
Other Commands:
clear ip bgp ip_addr flap-statistics [{regexp regexp} | {filter-list listname} | {ipaddr mask}]
clear ip bgp dampening [ipaddr mask]
show ip bgp dampened-paths
show ip bgp flap-statistics [{regexp regexp} | {filter-list listname} | {ipaddr mask [longer-prefix]}]
debug ip bgp dampening
Monday, May 23, 2011
BGP: Regular Expressions for AS-PATH Filtering
Symbol | Description |
---|---|
| | logical OR |
. | match any |
[x-y] | match one in range |
^ | match beginning of string |
$ | match end of string |
_ | match any delimiter/white space |
( ) | group as a single atom |
* | match 0 or more instances of previous atom |
? | match 0 or 1 instance of previous atom |
+ | match 1 or more instances of previous atom |
\ | escape character; if followed by a number n, points to the nth atom |
Example 1: Advertise routes with empty AS-PATH (internal routes)
router bgp 123
 neighbor 5.6.7.8 remote-as 387
 neighbor 5.6.7.8 filter-list 1 out
!
ip as-path access-list 1 permit ^$
! match "blank" atom at the "start" and "end" of string
!
Example 2: Accept only default routes, preferring primary route based on AS PATH:
      AS387 (primary ISP)
     /
AS123
     \
      AS462 (backup ISP)
router bgp 123
 neighbor 1.2.3.4 remote-as 462
 neighbor 1.2.3.4 route-map FILTER in
 neighbor 5.6.7.8 remote-as 387
 neighbor 5.6.7.8 route-map FILTER in
!
route-map FILTER permit 10
 ! default routes from primary ISP (AS 387) are accepted and preferred (larger weight)
 match ip prefix-list DEFAULT_ONLY
 match as-path 10
 set weight 150
!
route-map FILTER permit 20
 ! default routes from backup ISP are accepted, with lower preference than primary ISP routes
 match ip prefix-list DEFAULT_ONLY
 set weight 100
!
ip as-path access-list 10 permit _387$
ip prefix-list DEFAULT_ONLY seq 10 permit 0.0.0.0/0
!
Example 3: AS PATH Filtering with AS Path Prepending:
AS123
 10.0.0.1 \
           \
            AS462
router bgp 387
 neighbor 10.0.0.1 remote-as 123
 neighbor 10.0.0.1 filter-list 10 in
!
ip as-path access-list 10 permit ^123(_123)*$
! accepts "123", "123 123", or "123 123 123"
Example 4: AS PATH Filtering with AS Path Prepending, multiple customers:
Customer 1
           \
Customer 2 - AS387
           /
Customer 3
!
router bgp 387
 neighbor 10.0.0.1 remote-as 123
 neighbor 10.0.0.1 filter-list 10 in
 neighbor 20.0.0.1 remote-as 456
 neighbor 20.0.0.1 filter-list 10 in
 neighbor 30.0.0.1 remote-as 789
 neighbor 30.0.0.1 filter-list 10 in
!
ip as-path access-list 10 permit ^([0-9]+)(_\1)*$
! accepts repeating instances of "123", "456", and "789"
! does not accept non-repeating strings (e.g. "123 123 100")
!
Notes:
atom 1 = at least one instance of a number at the beginning of the string;
atom 2 = 0 or more instances of a whitespace and atom 1 until the end of the string.
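A way to check what each access-list in Examples 1-4 actually permits before applying it to a neighbor. This is an added example, not code from the original page; it translates the IOS "_" delimiter into a Python regular expression, writes the range in Example 4 as [0-9], and runs the four patterns over AS paths constructed for the test. The names DELIM, permits and audit are assumptions of this sketch.

```python
import re

# In IOS AS-path regexes "_" matches a delimiter: start or end of string,
# space, comma, braces or parentheses. Non-capturing so \1 stays atom 1.
DELIM = r"(?:^|$|[ ,{}()])"

def ios_to_python(ios_regex):
    """Translate an IOS AS-path regex into a compiled Python regex."""
    return re.compile(ios_regex.replace("_", DELIM))

def permits(ios_regex, as_path):
    """True if 'ip as-path access-list N permit <ios_regex>' matches as_path."""
    return ios_to_python(ios_regex).search(as_path) is not None

# Patterns from Examples 1-4 (range written as [0-9]).
PATTERNS = {
    "example1": r"^$",
    "example2": r"_387$",
    "example3": r"^123(_123)*$",
    "example4": r"^([0-9]+)(_\1)*$",
}

# Constructed AS paths, in the space-separated form shown by 'show ip bgp'.
SAMPLE_PATHS = ["", "387", "462 387", "3387", "387 462",
                "123", "123 123 123", "456 456", "123 123 100", "123 1234"]

def audit(paths=SAMPLE_PATHS):
    """Map each example name to the list of sample paths it permits."""
    return {name: [p for p in paths if permits(rx, p)]
            for name, rx in PATTERNS.items()}

if __name__ == "__main__":
    for name, accepted in audit().items():
        print(name, accepted)
```

The path "3387" shows why Example 2 needs the leading "_": without the delimiter, a pattern of 387$ would also permit routes originated by AS 3387.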
Wednesday, May 4, 2011
BGP Path Attributes and Route Selection
BGP Path Attributes
Mandatory Well-Known:
- Origin (i, e, ?)
- AS-Path (sequence of AS numbers to access network/IP)
- Next-Hop (IP address)
Discretionary Well-Known:
- Local Preference (for routing policy)
- Atomic Aggregate (flags route if aggregated)
Optional Non-Transitive:
- Multi-Exit Discriminator (MED) - multiple entry points to one AS
- Originator-ID - for route reflector environment
- Cluster-List - for route reflector environment
Optional Transitive:
- Aggregator - IP address & AS of routers that aggregated routes
- Community - for route tagging
BGP Route Selection Order:
- Prefer highest weight (local to router)
- Prefer highest local preference (global within AS)
- Prefer routes that the router originated
- Prefer shorter AS paths
- Prefer lowest origin code (IGP < EGP < Incomplete)
- Prefer lowest MED
- Prefer external (EBGP) paths over internal (IBGP)
- For IBGP paths, prefer nonreflected routes (no originator-ID) over reflected routes
- For reflected routes, prefer shorter cluster-list
- For IBGP paths, prefer path through closest IGP neighbor
- For EBGP paths, prefer oldest (most stable) path
- Prefer paths from router with the lower BGP router-ID
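The selection order above, expressed as a sort key so that the step deciding between two paths can be read off. This is an added example, not code from the original page; the Path fields, their default values and the function names are assumptions of this sketch, and the sample paths are constructed.

```python
from dataclasses import dataclass

ORIGIN_RANK = {"i": 0, "e": 1, "?": 2}            # IGP < EGP < Incomplete

@dataclass
class Path:
    name: str
    weight: int = 0                # local to the router
    local_pref: int = 100
    originated: bool = False
    as_path: tuple = ()
    origin: str = "i"
    med: int = 0
    ebgp: bool = True
    originator_id: str = ""        # non-empty only on reflected routes
    cluster_list: tuple = ()
    igp_metric: int = 0
    age_seconds: int = 0
    router_id: str = "0.0.0.0"

def preference_key(p):
    """One element per step of the list, in order; the smaller tuple wins."""
    # MED is compared unconditionally here, as the list states it.
    return (
        -p.weight, -p.local_pref, not p.originated, len(p.as_path),
        ORIGIN_RANK[p.origin], p.med, not p.ebgp,
        bool(p.originator_id), len(p.cluster_list),
        0 if p.ebgp else p.igp_metric,
        -p.age_seconds if p.ebgp else 0,
        tuple(int(octet) for octet in p.router_id.split(".")),
    )

def best_path(paths):
    return min(paths, key=preference_key)

def deciding_step(a, b):
    """1-based number of the first step that separates two paths, or None."""
    pairs = zip(preference_key(a), preference_key(b))
    return next((i for i, (x, y) in enumerate(pairs, 1) if x != y), None)

# Constructed paths: the same default route learned from two ISPs.
PRIMARY = Path("via AS387", weight=150, as_path=(387, 387, 387))
BACKUP = Path("via AS462", weight=100, as_path=(462,))
```

Here best_path([PRIMARY, BACKUP]) picks the AS387 path at step 1 even though its AS path is longer; with equal weights the decision would fall through to step 4 and the shorter path would win.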
BGP: Multihomed Customer to Single ISP in Load-Sharing Setup with Static Routes
Outbound Traffic (CE to PE):
- each customer router uses closest CE as exit point;
- CE routers must be collocated to have load-sharing;
Inbound/Return Traffic (PE to CE) (pre-IOS 12.2):
- true load-sharing is impossible to achieve with multiple PEs;
- per BGP route selection, only one route will be the best route (to the customer network)
- can be optimized by dividing the customer address space
Customer Network: 11.2.3.0/24
Customer Network "division" assigned to PE1: 11.2.3.0/25
Customer Network "division" assigned to PE2: 11.2.3.128/25
BGP: Multihomed Customer to Single ISP in Primary-Backup Setup with Static Routes
Scenario:
Multihomed customer connected to a single service provider on multiple permanent links;
Customer network using OSPF; provider network using BGP; CE-PE via static routing;
Floating static routes configured as backup on both CE and PE;
Floating Static Routes in BGP:
Once active, the floating static routes will be permanently installed in BGP; static routes are locally sourced, which is preferred;
- admin distance cannot be used in route-maps; hence, use communities
- tag floating static routes; tags mapped to specific communities;
- use route maps to modify the weight and/or local preference;
- default weight: 32768
Wednesday, April 15, 2009
IOS: %BGP_MPLS-3-GEN_ERROR
Mar 18 20:41:38.892 EDT: %BGP_MPLS-3-GEN_ERROR: BGP: MPLS outlabel changed, MPLS forw not updated, prefix not in routing table -Traceback= 10D36950 10D3709C 10B10388 10B10718 10AEEFD0 10AEF030 10B53A50 10B53DC0 10AF588C 10AFD610 10AFE8E0 10A44524 10A3B6D4
Mar 18 20:41:38.892 EDT: %BGP_MPLS-3-GEN_ERROR: BGP: MPLS outlabel changed, MPLS forw not updated, prefix not in routing table -Traceback= 10D36950 10D3709C 10B10388 10B10718 10AEEFD0 10AEF030 10B53A50 10B53DC0 10AF588C 10AFD610 10AFE8E0 10A44524 10A3B6D4
Mar 18 20:41:38.892 EDT: %BGP_MPLS-3-GEN_ERROR: BGP: MPLS outlabel changed, MPLS forw not updated, prefix not in routing table -Traceback= 10D36950 10D3709C 10B10388 10B10718 10AEEFD0 10AEF030 10B53A50 10B53DC0 10AF588C 10AFD610 10AFE8E0 10A44524 10A3B6D4
Cisco IOS Software, Catalyst 4500 L3 Switch Software (cat4500e-ENTSERVICES-M), Version
12.2(50)SG1, RELEASE SOFTWARE (fc2)
Technical Support:
http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Tue 10-Feb-09 00:17 by prod_rel_team
Image text-base: 0x10000000, data-base: 0x124FED8C
ROM: 12.2(44r)SG
Darkside Revision 0, Jawa Revision 11, Tatooine Revision 140, Forerunner Revision 1.74
MyRouter uptime is 5 days, 3 hours, 12 minutes
System returned to ROM by power-on
System restarted at 19:50:40 EDT Fri Mar 13 2009
System image file is "bootflash:/cat4500e-entservices-mz.122-50.SG1.bin"
cisco WS-C4900M (MPC8548) processor (revision 2) with 524288K bytes of memory.
Processor board ID JAE130628BD
MPC8548 CPU at 1.33GHz, Cisco Catalyst 4900M
Last reset from PowerUp
1 Virtual Ethernet interface
36 Gigabit Ethernet interfaces
16 Ten Gigabit Ethernet interfaces
511K bytes of non-volatile configuration memory.
Configuration register is 0x2102
CSCse15707: Trace back seen at bgp_ipv4_mpls_label_change.
http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCse15707