RST-3320
12552_04_2006_c2
Cisco Public
Your Speaker
Kawika Chetron
Cisco IOS-XR BGP Developer
San Jose, CA
kawika@cisco.com
Prerequisites
BGP operational experience
Basic configuration
Show commands
Overview
BGP peering in excruciating detail
TCP details
BGP/TCP interaction
BGP processes
Explanation of what BGP-related processes do
BGP/TCP Agenda
The Basics
Source/Destination Addresses and Ports
Active vs. Passive Sessions
TCP Connection Collisions
TTL: Time to Live
MSS: Max Segment Size
Security
BGP/TCP Agenda
EBGP Multihop Peering
Peering State Machine
Common Mistakes
Troubleshooting Commands
Faster Peer Establishment
Flapping Peers
Keepalives and Holdtimers
The Basics
BGP uses TCP port 179
Relies on TCP to successfully deliver all BGP messages
Peers exchange OPEN messages which contain basic info
such as:
Router ID
AS #
Capabilities
TCP: Source/Destination Parameters
IP Addresses
Destination IP is specified via neighbor x.x.x.x
Source IP is outbound interface by default
Source IP may be specified via
neighbor x.x.x.x update-source interface
TCP: Source/Destination Addresses
[Diagram: R1 (loopback 1.1.1.1, interface 10.1.1.1) connected to R2 (interface 10.1.1.2, loopback 2.2.2.2)]
R2 to R1 connection
neighbor 10.1.1.1 remote-as 100
neighbor 10.1.1.1 update-source loopback 0
TCP: Source/Destination Addresses
R2 attempts to open a session to R1
BGP: 10.1.1.1 open active, local address 2.2.2.2
TCP: Source/Destination Addresses
R1 to R2 connection
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source loopback 0
R2 to R1 connection
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 update-source loopback 0
TCP: Connection Collision
[Diagram: R1 (1.1.1.1) and R2 (2.2.2.2)]
[Diagram: BGP messages (KA, Update) carried in TCP packets with an MSS of 536 (536 bytes) and in TCP packets with an MSS of 1460 (1460 bytes)]
TCP Security
Minimal built-in security
Random source port #s
Strict source/destination IP agreement
[Diagram: R1 and R2, AS 100; packet labels TTL 255, TTL 254, TTL 255]
of the session
eBGP Disable-Connected-Check
eBGP peers must meet one of the following criteria:
Are directly connected, which is verified by comparing the eBGP peer's address with our connected subnets
Are configured for ebgp-multihop, which disables the connected subnet check
eBGP Disable-Connected-Check
R1 and R3 are eBGP peers that are loopback peering
Older code must use the following in R1 and R3:
neighbor x.x.x.x ebgp-multihop 2
[Diagram: R1, R2, R3; AS 100, AS 200; Desired Path, Used Path]
eBGP Disable-Connected-Check
New code does not need an ebgp-multihop statement; instead use:
neighbor x.x.x.x disable-connected-check
TTL is one
Session cannot establish via R2
If R1 to R3 link is down so is the BGP session
Closes security hole
Available in Cisco IOS, but not in Cisco IOS-XR
[Diagram: R1, R2, R3; AS 100, AS 200]
OPEN Message
[Diagram: OPEN message format, 32 bits wide (bits 0 to 31), fields in order:]
Version
My Autonomous System
Hold Time
BGP Identifier
Opt. Parm. Len.
Optional Parameters
[Diagram: peering state machine with states Idle, OpenSent, OpenConfirm and Established; transitions labelled Valid Condition and Error Condition]
Troubleshooting Commands
debugs and show commands are your friends
Use them to get more information on why a peer will not establish
TCP
show tcp brief all (Cisco IOS)
show tcp brief (Cisco IOS-XR)
show tcp statistics
debug ip tcp transactions (Cisco IOS only)
BGP
debug ip bgp
debug ip bgp events
show ip bgp neighbor
TCB       Local Address      Foreign Address    (state)
64316F14  1.1.1.1.12345      2.2.2.2.179        ESTAB
6431BA8C  *.179              2.2.2.2.*          LISTEN
62FFDEF4  *.*                *.*                LISTEN
R1#
R2 TCP info
R2#show tcp brief all
TCB       Local Address      Foreign Address    (state)
641606FC  2.2.2.2.179        1.1.1.1.12345      ESTAB
6415B49C  *.179              1.1.1.1.*          LISTEN
638471A4  *.*                *.*                LISTEN
R2#
R1 sent stats
Sent: 9150 Total, 0 urgent packets
4810 control packets (including 127 retransmitted)
2172 data packets (71504 bytes)
0 data packets (0 bytes) retransmitted
0 data packets (0 bytes) fastretransmitted
2168 ack only packets (160 delayed)
0 window probe packets, 0 window update packets
1346 Connections initiated, 10 connections accepted, 1014 connections established
1790 Connections closed (including 0 dropped, 443 embryonic dropped)
127 Total rxmt timeout, 0 connections dropped in rxmt timeout
0 Keepalive timeout, 0 keepalive probe, 0 Connections dropped in keepalive
mis-ordered: 0 (0 bytes)
Next: 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0
snduna: 3541899871  sndnxt: 3541899871  sndwnd: 16229
rcvnxt: 2288128318  rcvwnd: 16263  delrcvwnd: 121
SRTT: 146 ms, RTTO: 1283 ms, RTV: 1137 ms, KRTT: 0 ms
minRTT: 0 ms, maxRTT: 300 ms, ACK hold: 200 ms
Flags: higher precedence, retransmission timeout, nagle, path mtu capable
Datagrams (max data segment is 1460 bytes):
Rcvd: 7 (out of order: 0), with data: 4, total data bytes: 121
Sent: 10 (retransmit: 0), with data: 5, total data bytes: 155
Old behavior
OPEN delays were jittered
eBGP peer OPEN delay: 35 to 50 seconds
iBGP peer OPEN delay: 25 to 30 seconds
Flapping Peers
Peers may flap for several reasons
OPEN parameters prevent peer establishment
Bad message could trigger a NOTIFICATION
Holdtime expires
Example
R1#show ip bgp neighbors 2.2.2.2
[snip]
Connections established 4; dropped 4
Last reset 00:07:40, due to BGP Notification sent, peer in wrong AS
Message received that caused BGP to send a Notification:
FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF
002D0104 00C800B4 02020202 10020601
04000100 01020280 00020202 00
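Added example (not from the original slides): a Python decoder for the OPEN message in the dump above, with a bounds check on every length field, showing that the peer announced AS 200. The remote-as value passed to the comparison is an assumption, since the slide does not show R1's configuration.

```python
import ipaddress
import struct

# Hex dump copied from the "show ip bgp neighbors" output on the slide.
DUMP = """FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF
002D0104 00C800B4 02020202 10020601
04000100 01020280 00020202 00"""

def parse_open(dump):
    """Decode a BGP OPEN message (RFC 4271) from a hex dump, checking lengths."""
    raw = bytes.fromhex("".join(dump.split()))
    if len(raw) < 29 or raw[:16] != b"\xff" * 16:
        raise ValueError("truncated message or bad marker")
    length, msg_type = struct.unpack("!HB", raw[16:19])
    if msg_type != 1 or length != len(raw):
        raise ValueError("not a complete OPEN message")
    version, my_as, hold, ident, opt_len = struct.unpack("!BHH4sB", raw[19:29])
    opts = raw[29:]
    if opt_len != len(opts):
        raise ValueError("Opt. Parm. Len. disagrees with message length")
    caps = []
    for p_type, p_body in _tlvs(opts):
        if p_type == 2:  # optional parameter type 2 = Capabilities
            caps += [(code, val.hex()) for code, val in _tlvs(p_body)]
    return {"version": version, "my_as": my_as, "hold_time": hold,
            "bgp_id": str(ipaddress.IPv4Address(ident)), "capabilities": caps}

def _tlvs(buf):
    """Yield (type, value) pairs from 1-byte type / 1-byte length TLVs."""
    i = 0
    while i < len(buf):
        if i + 2 > len(buf) or i + 2 + buf[i + 1] > len(buf):
            raise ValueError("TLV runs past end of buffer")
        yield buf[i], buf[i + 2:i + 2 + buf[i + 1]]
        i += 2 + buf[i + 1]

def peer_as_matches(msg, configured_remote_as):
    """The comparison whose failure is reported as 'peer in wrong AS'."""
    return msg["my_as"] == configured_remote_as

if __name__ == "__main__":
    msg = parse_open(DUMP)
    print(msg)
    # 100 is an assumed remote-as value; the slide does not show R1's config.
    print("AS matches configured remote-as:", peer_as_matches(msg, 100))
```

Capability code 1 is Multiprotocol Extensions (here AFI 1, SAFI 1), code 2 is Route Refresh, and code 128 is the pre-standard Cisco Route Refresh.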
Troubleshooting steps
[Diagram: R1 (AS 1) and R2 (AS 2), eBGP across a Layer 2 cloud; Small Packets, Large Packets]
Flapping Peer
bgp log-neighbor-changes will generate an ADJCHANGE message when a peer flaps
R2#
%BGP-5-ADJCHANGE: neighbor 1.1.1.1 Down BGP Notification sent
%BGP-3-NOTIFICATION: sent to neighbor 1.1.1.1 4/0 (hold time expired) 0 bytes
R2#show ip bgp neighbor 1.1.1.1 | include Last reset
Last reset 00:01:02, due to BGP Notification sent,hold time expired
R2 is sending a NOTIFICATION to R1
R1 has a problem sending keepalives?
The keepalives are lost in the cloud?
R2 has a problem receiving the keepalive?
Flapping Peer
R1#show ip bgp sum | begin Neighbor
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
2.2.2.2         4     2      53     284    10167    0   97 00:02:15        0
R1#show ip bgp summary | begin Neighbor
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
2.2.2.2         4     2      53     284    10167    0   98 00:03:04        0
Flapping Peer
R1#ping 2.2.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/21/24 m
R1#ping ip
Target IP address: 2.2.2.2
Repeat count [5]:
Datagram size [100]: 1500
Timeout in seconds [2]:
Extended commands [n]:
Sweep range of sizes [n]:
Type escape sequence to abort.
Sending 5, 1500-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
Flapping Peer
Things to check
MTU values
Traffic shaping
Rate-limiting parameters
Flapping Peer
[Diagram: R1 (AS 1) and R2 (AS 2), eBGP across a Layer 2 (ATM or FR) cloud; Small Packets, Large Packets]
Timer Tuning
KA and holdtime tuning
KA of one and holdtime of three is the minimum
Timers of 3/9 are used by customers today
Low timers
Detect failures quickly
Less stable during network turbulence
Could make turbulence more severe
High timers
Detect failures slowly
Much more stable during network turbulence
1/3 timers
CPU at 31% in steady state
bgp fast-external-fallover
If the interface used to reach an eBGP peer goes
down, tear down the session
Only works for single hop eBGP peers
Enabled by default
bgp fast-external-fallover
BGP FSD
BGP FSD: Fast Session Deactivation
Register peers' addresses with ATF
ATF will let BGP know if there is a change to a peer's address
If we lose our route to the peer, tear down the session
No need to wait for the holdtimer to expire
BGP FSD
Ideal for IBGP peers and multihop eBGP peers
Can tear down BGP sessions at IGP
convergence speed
Off by default
neighbor x.x.x.x fall-over
Memory Agenda
BGP's use of memory
Memory loss after a Cisco IOS upgrade
Memory loss after multipath
Memory
Why does a BGP router use so much memory?
Every BGP customer
Memory
Each Prefix Must Be Stored by
Three Separate Databases
R1#show ip bgp 22.2.2.2
BGP routing table entry for 22.2.2.2/32, version 3
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Flag: 0x820
Not advertised to any peer
200
2.2.2.2 from 2.2.2.2 (2.2.2.2)
Origin IGP, metric 0, localpref 100, valid, external, best
R1#show ip route 22.2.2.2
Routing entry for 22.2.2.2/32
Known via "bgp 100", distance 20, metric 0
Tag 200, type external
Last update from 2.2.2.2 00:00:15 ago
Routing Descriptor Blocks:
* 2.2.2.2, from 2.2.2.2, 00:00:15 ago
Route metric is 0, traffic share count is 1
AS Hops 1
Route tag 200
R1#show ip cef 22.2.2.2
22.2.2.2/32
nexthop 2.2.2.2 FastEthernet0/1
Memory
I upgraded from release X to release Y and my free memory
decreased by 8 meg.
Mr. Angry Customer
Memory
I carry a full Internet feed, I enabled BGP multipath
and BGP Router began consuming tons of
memory.
Mr. Brave Customer
BGP IO
Interacts with TCP
Inbound: Parse data from TCP into BGP messages
Inbound: Once assembled, place the message on a peer's InQ
Outbound: Pull BGP messages off of each peer's OutQ and deliver to TCP
BPM
Configuration, starting of other processes
bRIB
Central collection of partial bestpaths
Run in distributed mode only
BGP Scanner
CPU spike is normal when scanner runs
Is a low priority process
Scanner spike shouldn't adversely affect other processes
BGP Scanner
Improvements have been made to reduce
CPU impact of scanner
Route redistribution is now fully event-driven
Network statements are now fully event-driven
BGP Scanner
[Figure: BGP Scanner Improvements. CPU Load (0% to 80%) against Time (Seconds), comparing 12.0S and 12.2S]
V    AS MsgRcvd MsgSent   TblVer
4   100    4386    4388       13  0 01:20:24
Troubleshooting BGP: Summary
The more you know about a subject the easier it is to troubleshoot
Understand what BGP should be doing
Use the troubleshooting tools below to determine where the behavior is breaking
debugs
Can be useful but can also be chatty
Limit output using access-lists or RPL policy when possible
Configure no logging console to protect the CPU
show commands
Provide useful data
Low CPU impact
Show commands are your friend
The End
Questions?
Comments?
Thank you
Recommended Reading
Continue your Cisco Networkers
learning experience with further
reading from Cisco Press
Check the Recommended
Reading flyer for suggested
books