© 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—7-1
Optimizing BGP Scalability
Limiting the Number of Prefixes Received from a BGP Neighbor
Outline
• Overview
• Limiting the Number of Routes Received from a Neighbor
• Configuring the BGP Maximum-Prefix Function
• Monitoring the BGP Maximum-Prefix Function
• Summary
Limiting the Number of Routes Received from a Neighbor
Definition of problem:
• All other filtering mechanisms specify only what you are willing to accept but not how much.
• A misconfigured BGP neighbor can send a huge number of prefixes that can exhaust the memory of a router or overload the CPU (several Internet-wide incidents have already occurred).
• A new tool is needed to establish a hard limit on the number of prefixes received from a neighbor.
Configuring the BGP Maximum-Prefix Function
router(config-router)# neighbor ip-address maximum-prefix maximum [threshold] [warning-only] [restart restart-interval]
• This command controls how many prefixes can be received from a neighbor.
• The optional threshold parameter specifies the percentage of the maximum at which a warning message is logged (default is 75%).
• The optional warning-only keyword specifies the action on exceeding the maximum number (default is to drop the neighbor relationship).
• The optional restart keyword instructs the router to try to re-establish the session after the specified interval in minutes.
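Added example (not part of the Cisco course material): a short Python audit that reads an IOS-style configuration and reports which BGP neighbors have a hard limit, a warning-only limit, or no maximum-prefix limit at all. The sample configuration, addresses and AS numbers are constructed, and the function names are hypothetical; peer-group inheritance and address-family blocks are not handled.

```python
import re

# Constructed sample configuration (documentation-range addresses, private ASNs).
SAMPLE_CONFIG = """\
router bgp 65001
 neighbor 192.0.2.1 remote-as 65010
 neighbor 192.0.2.1 maximum-prefix 1000 80 restart 5
 neighbor 192.0.2.5 remote-as 65020
 neighbor 192.0.2.5 maximum-prefix 500 warning-only
 neighbor 192.0.2.9 remote-as 65030
"""
# Captures: neighbor address, keyword, remaining arguments (one match per line).
NEIGHBOR = re.compile(r"^[ \t]*neighbor[ \t]+(\S+)[ \t]+(\S+)[ \t]*(.*)$", re.M)

def parse_max_prefix(args):
    """Parse the words after 'maximum-prefix' into a policy dict."""
    words = args.split()
    policy = {"maximum": int(words[0]), "threshold": 75,  # slide default: 75%
              "warning_only": "warning-only" in words, "restart_minutes": None}
    if len(words) > 1 and words[1].isdigit():
        policy["threshold"] = int(words[1])
    if "restart" in words[:-1]:
        policy["restart_minutes"] = int(words[words.index("restart") + 1])
    # Prefix count at which the warning message is logged.
    policy["warn_at"] = policy["maximum"] * policy["threshold"] // 100
    return policy

def audit(config):
    """Return {neighbor: finding} for each neighbor that has a remote-as line."""
    peers, limits = [], {}
    for addr, keyword, rest in NEIGHBOR.findall(config):
        if keyword == "remote-as" and addr not in peers:
            peers.append(addr)
        elif keyword == "maximum-prefix" and rest:
            limits[addr] = parse_max_prefix(rest)
    findings = {}
    for addr in peers:
        p = limits.get(addr)
        if p is None:
            findings[addr] = "no maximum-prefix limit"
        elif p["warning_only"]:
            findings[addr] = f"warning-only at {p['maximum']}: logs, keeps peering"
        else:
            findings[addr] = f"hard limit {p['maximum']}, warning at {p['warn_at']}"
    return findings

if __name__ == "__main__":
    for addr, finding in audit(SAMPLE_CONFIG).items():
        print(addr, "->", finding)
```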
Monitoring the BGP Maximum-Prefix Function
router> show ip bgp neighbors [address]
• For neighbors with the maximum-prefix function configured, displays the maximum number of prefixes and the warning threshold
• For neighbors exceeding the maximum number of prefixes, displays the reason that the BGP session is idle
Summary
• An improperly configured filter in a customer router may accidentally cause a large number of Internet routes to be received by the customer.
• The neighbor maximum-prefix command allows you to configure a maximum number of prefixes that a BGP router is allowed to receive from a peer. When the number of received prefixes exceeds the maximum number configured, the router either terminates the peering (by default) or sends a log message but continues peering with the sender.
• You can use the show ip bgp neighbors command to monitor the status of BGP neighbors, displaying information about the number of prefixes that a BGP router has received from a neighbor and whether any limits have been configured.