Upload File

© 2005 cisco systems, inc. all rights reserved. bgp v3.2—7-1 optimizing bgp scalability limiting...

  • Home
  • Documents
  • © 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—7-1 Optimizing BGP Scalability Limiting the Number of Prefixes Received from a BGP Neighbor
9
© 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—7-1 Optimizing BGP Scalability Limiting the Number of Prefixes Received from a BGP Neighbor

Upload: emmeline-richardson

Post on 17-Dec-2015

218 views

Category:

Documents


4 download

Report

TRANSCRIPT

Page 1: © 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—7-1 Optimizing BGP Scalability Limiting the Number of Prefixes Received from a BGP Neighbor

© 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—7-1

Optimizing BGP Scalability

Limiting the Number of Prefixes Received from a BGP Neighbor

Page 2: © 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—7-1 Optimizing BGP Scalability Limiting the Number of Prefixes Received from a BGP Neighbor

© 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—7-2

Outline

• Overview

• Limiting the Number of Routes Received from a Neighbor

• Configuring the BGP Maximum-Prefix Function

• Monitoring the BGP Maximum-Prefix Function

• Summary

Page 3: © 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—7-1 Optimizing BGP Scalability Limiting the Number of Prefixes Received from a BGP Neighbor

© 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—7-3

Limiting the Number of Routes Received from a Neighbor

Definition of problem:• All other filtering mechanisms specify only what you are

willing to accept but not how much.

• A misconfigured BGP neighbor can send a huge number of prefixes that can exhaust the memory of a router or overload the CPU (several Internet-wide incidents have already occurred).

• A new tool is needed to establish a hard limit on the number of prefixes received from a neighbor.

Page 4: © 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—7-1 Optimizing BGP Scalability Limiting the Number of Prefixes Received from a BGP Neighbor

© 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—7-4

Configuring the BGP Maximum-Prefix Function

neighbor ip-address maximum-prefix maximum [threshold] [warning-only][restart restart-interval]neighbor ip-address maximum-prefix maximum [threshold] [warning-only][restart restart-interval]

router(config-router)#

• This command controls how many prefixes can be received from a neighbor.

• The optional threshold parameter specifies the percentage where a warning message is logged (default is 75%).

• The optional warning-only keyword specifies the action on exceeding the maximum number (default is to drop the neighbor relationship).

• The optional restart keyword instructs the router to try to re-establish the session after the specified interval in minutes.

Page 5: © 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—7-1 Optimizing BGP Scalability Limiting the Number of Prefixes Received from a BGP Neighbor

© 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—7-5

show ip bgp neighbors [address]show ip bgp neighbors [address]

router>

• For neighbors with the maximum-prefix function configured, displays the maximum number of prefixes and the warning threshold

• For neighbors exceeding the maximum number of prefixes, displays the reason that the BGP session is idle

Monitoring the BGP Maximum-Prefix Function

Page 6: © 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—7-1 Optimizing BGP Scalability Limiting the Number of Prefixes Received from a BGP Neighbor

© 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—7-6

Monitoring the BGP Maximum-Prefix Function (Cont.)

Page 7: © 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—7-1 Optimizing BGP Scalability Limiting the Number of Prefixes Received from a BGP Neighbor

© 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—7-7

Monitoring the BGP Maximum-Prefix Function (Cont.)

Page 8: © 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—7-1 Optimizing BGP Scalability Limiting the Number of Prefixes Received from a BGP Neighbor

© 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—7-8

Summary

• An improperly configured filter in a customer router may accidentally cause a large number of Internet routes to be received by the customer.

• The neighbor maximum-prefix command allows you to configure a maximum number of prefixes that a BGP router is allowed to receive from a peer. When the number of received prefixes exceeds the maximum number configured, the router either terminates the peering (by default) or sends a log message but continues peering with the sender.

• You can use the show ip bgp neighbors command to monitor the status of BGP neighbors, displaying information about the number of prefixes that a BGP router has received from a neighbor and if any limits have been configured.

Page 9: © 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—7-1 Optimizing BGP Scalability Limiting the Number of Prefixes Received from a BGP Neighbor

© 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—7-9


EUGeneDocumentation v3.2

dns-bgp - University of Wisconsin–Madisonpages.cs.wisc.edu/~ace/media/lectures/dns-bgp.pdf · - Collection of IP prefixes under single routing policy - wisc.edu ... (exterior BGP)

Implementing BGP on Cisco ASR 9000 Series Routers · – 512K (524,288) prefixes for IPv4 unicast – 128K (131,072) prefixes for IPv4 multicast – 128K (131,072) prefixes for IPv6

MIT Laboratory for Computer Science from BGP Routing ...nms.lcs.mit.edu/talks/imw2002.pdf · Source (AS) #prefixes Supernet (3908): 793 (hong Kong) REACH (1221): 1282 UUNET (701):

IQA Rulebook V3.2

© 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—3-1 Route Selection Using Policy Controls Filtering with Prefix-Lists

IGP OSPF · • BGP (Border Gateway Protocol) – Carries customer prefixes – Exchanges network info with other networks ... Junos: set protocols ospf/3 area interface

BGP Best Current Practices - AFNOGafnog.org/afnog2009/tutorial/routing/bgp-3.pdfBGP Routing Table Entries 278703 Prefixes after maximum aggregation 132405 Unique prefixes in Internet

Prefixes & Suffixes PREFIXES AND SUFFIXESstage.catalog.baldwinfilter.com/Portals/43/prefixes.pdf · 47 PREFIXES AND SUFFIXES English Prefixes & Suffixes * See Specific Number in Product

More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

BGP Multihoming Techniques - nsrc.org · • Use eBGP multihop eBGP to loopback addresses eBGP prefixes learned with loopback address as next hop • Cisco IOS router bgp 65534 neighbor

© 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—1-1 BGP Overview Establishing BGP Sessions

BGP’01Stability of the BGP Table nMeasure rate of announcements + withdrawals + path updates nCompare relative update rate per prefix length to the relative number of prefixes of

BGP Operations and Security -BCP• Provides dynamic bogons information using eBGP multihop sessions –Traditional bogons (AS65333) • martians plus prefixes not allocated by IANA

© 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—6-1 Scaling Service Provider Networks Scaling IGP and BGP in Service Provider Networks

BGP Scaling Techniques€¦ · Route Refresh p BGP peer reset required after every policy change n Because the router does not store prefixes which are rejected by policy p Hard BGP

Hourly v3.2

Łukasz Bromirski · Łukasz Bromirski [email protected]. Confidence 5.1, Warsaw, XI.2009 ... Remotely disrupt their work –DNS, DoS BGP sessions or hijack their prefixes, deface

© 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—2-1 BGP Transit Autonomous Systems Forwarding Packets in a Transit AS

Covering Prefixes Outbound Route Filter for BGP-4 · L3VPN Routing Working Group H. Jeng Internet-Draft AT&T

WTAnalyser - Filtration v3.2

BGP DDoS Mitigation - RIPE 66 · PDF fileBGP DDoS Mitigation Gunter Van de Velde Sr Technical Leader NOSTG, ... " Solution support redirection of BGP less/more specific prefixes or

Biofuels Dec2005.v3.2

PCI DSS v3.2 Continuous Compliance & Audit ReadinessPCI DSS v3.2 Continuous Compliance & Audit Readiness Author Tufin Subject PCI DSS v3.2 compliance Keywords PCI DSS v3.2 compliance,

BGP Multihoming Examples - au.int · – Router size is related to data rates, not running BGP ... to aid load balancing than prefixes from ASNs many hops away –Concentrate on local

BGP Multihoming Techniquesarchive.apnic.net/meetings/22/docs/tut-routing-pres-part...•Use eBGP multihop eBGP to loopback addresses eBGP prefixes learned with loopback address as

Category: Standards Track Using BGP to Bind ... - RFC Editor · RFC 8277 BGP and Labeled Address Prefixes October 2017 Although there are many implementations and deployments of [RFC3107],

© 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—1 Configuring BGP on Cisco Routers (BGP) v3.2

BGP Prefix Filtering - Noction · PDF filePage 5 of 13 BGP Prefix Filtering If your network is connected to one or more internet exchang - es, you’ll also want to reject the prefixes

SeisImager2D Manual v3.2

© 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—2-1 BGP Transit Autonomous Systems Monitoring and Troubleshooting IBGP in a Transit AS

Presentation v3.2

Deadzone v3.2

Moray Workshop V3.2

Internet inter-AS routing: BGP - TU Berlin · Internet inter-AS routing: BGP ... BGP does not load-balance traffic; ... Load sharing depends on traffic to two prefixes