BGP continuously flapping

Hi,
I'm getting the below logs on my router frequently and BGP flaps. Could someone tell me what the possible causes of this issue are?
Oct 2 02:33:50: %BGP-3-NOTIFICATION: received from neighbor 192.168.181.217 4/0 (hold time expired) 0 bytes
Oct 2 02:33:50: %BGP-5-ADJCHANGE: neighbor 192.168.181.217 Down Peer closed the session
Oct 2 02:33:50: %BGP_SESSION-5-ADJCHANGE: neighbor 192.168.181.217 IPv4 Unicast topology base removed from session  Peer closed the session
Oct 2 02:33:57: %BGP-5-ADJCHANGE: neighbor 192.168.181.217 Up
Oct 2 03:35:52: %BGP-3-NOTIFICATION: received from neighbor 192.168.181.217 4/0 (hold time expired) 0 bytes
Oct 2 03:35:52: %BGP-5-ADJCHANGE: neighbor 192.168.181.217 Down Peer closed the session
Oct 2 03:35:52: %BGP_SESSION-5-ADJCHANGE: neighbor 192.168.181.217 IPv4 Unicast topology base removed from session  Peer closed the session
Oct 2 03:36:03: %BGP-5-ADJCHANGE: neighbor 192.168.181.217 Up

Hi,
As Paul suggested, check your connectivity: run an extended ping between the BGP peers; it might be as simple as a layer 1 issue. Else check that you don't have a recursive lookup for the peer address, whereby you are peering with an address that you receive via the BGP peering.
/Samir 
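The log excerpt in the question can be turned into a flap timeline with a short parser. The following is an added example, not code from the thread: it pairs each Down with the next Up per neighbor, decodes the NOTIFICATION code with the RFC 4271 error names, and reports downtime and the spacing between flaps. The function names and the `year` parameter are assumptions made for this illustration.

```python
import re
from collections import defaultdict
from datetime import datetime

# The eight syslog lines quoted in the question above.
SAMPLE_LOG = """\
Oct 2 02:33:50: %BGP-3-NOTIFICATION: received from neighbor 192.168.181.217 4/0 (hold time expired) 0 bytes
Oct 2 02:33:50: %BGP-5-ADJCHANGE: neighbor 192.168.181.217 Down Peer closed the session
Oct 2 02:33:50: %BGP_SESSION-5-ADJCHANGE: neighbor 192.168.181.217 IPv4 Unicast topology base removed from session  Peer closed the session
Oct 2 02:33:57: %BGP-5-ADJCHANGE: neighbor 192.168.181.217 Up
Oct 2 03:35:52: %BGP-3-NOTIFICATION: received from neighbor 192.168.181.217 4/0 (hold time expired) 0 bytes
Oct 2 03:35:52: %BGP-5-ADJCHANGE: neighbor 192.168.181.217 Down Peer closed the session
Oct 2 03:35:52: %BGP_SESSION-5-ADJCHANGE: neighbor 192.168.181.217 IPv4 Unicast topology base removed from session  Peer closed the session
Oct 2 03:36:03: %BGP-5-ADJCHANGE: neighbor 192.168.181.217 Up
"""

# NOTIFICATION error codes as defined in RFC 4271, section 4.5.
BGP_ERROR_CODES = {
    1: "Message Header Error", 2: "OPEN Message Error", 3: "UPDATE Message Error",
    4: "Hold Timer Expired", 5: "Finite State Machine Error", 6: "Cease",
}

LINE_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2}\s+\d{2}:\d{2}:\d{2}): "
    r"%(?P<tag>[A-Z_]+-\d-[A-Z_]+): (?P<msg>.*)$")
NOTIF_RE = re.compile(
    r"(?P<dir>received from|sent to) neighbor (?P<peer>\S+) (?P<code>\d+)/(?P<sub>\d+)")
ADJ_RE = re.compile(r"neighbor (?P<peer>\S+) (?P<state>Up|Down)\b\s*(?P<reason>.*)")


def parse_flaps(log_text, year=2000):
    """Pair each Down with the following Up, per neighbor.

    These timestamps carry no year, so `year` is an assumed value used only
    to build datetime objects for interval arithmetic.
    """
    last_notif = {}   # peer -> NOTIFICATION not yet tied to a Down event
    open_flap = {}    # peer -> flap still waiting for its Up event
    flaps = defaultdict(list)
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        if m["tag"] == "BGP-3-NOTIFICATION":
            n = NOTIF_RE.search(m["msg"])
            if n:
                last_notif[n["peer"]] = (n["dir"], int(n["code"]), int(n["sub"]))
        elif m["tag"] == "BGP-5-ADJCHANGE":
            a = ADJ_RE.match(m["msg"])
            if not a:
                continue
            peer = a["peer"]
            if a["state"] == "Down":
                flap = {"down": ts, "up": None, "reason": a["reason"].strip(),
                        "notification": last_notif.pop(peer, None)}
                flaps[peer].append(flap)
                open_flap[peer] = flap
            elif peer in open_flap:
                open_flap.pop(peer)["up"] = ts
    return dict(flaps)


def summarize(flaps):
    """Per neighbor: downtime, spacing between Down events, decoded cause."""
    report = {}
    for peer, events in flaps.items():
        rows, prev_down = [], None
        for f in events:
            cause = "no NOTIFICATION logged"
            if f["notification"]:
                direction, code, sub = f["notification"]
                name = BGP_ERROR_CODES.get(code, "unknown")
                # "received from": the neighbor raised the error, so for 4/0 it
                # was the neighbor that stopped hearing this router's messages.
                who = "peer" if direction == "received from" else "local router"
                cause = f"{name} ({code}/{sub}), raised by {who}"
            rows.append({
                "down": f["down"].strftime("%H:%M:%S"),
                "downtime_s": None if f["up"] is None
                else int((f["up"] - f["down"]).total_seconds()),
                "since_prev_down_s": None if prev_down is None
                else int((f["down"] - prev_down).total_seconds()),
                "cause": cause,
            })
            prev_down = f["down"]
        report[peer] = rows
    return report


if __name__ == "__main__":
    for peer, rows in summarize(parse_flaps(SAMPLE_LOG)).items():
        for row in rows:
            print(peer, row)
```

On the posted lines this shows two short outages roughly an hour apart, both triggered by the neighbor's hold timer rather than the local one, which narrows the search to traffic in the direction from this router to the peer.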

Similar Messages

  • BGP flap

    We have a p2p link between San Diego and Mexico, configured with BGP.
    In recent times the link has been flapping continuously; please check the below BGP config on both routers.
    NatPen_MX_3825#sh run | be bgp
    router bgp 65001
    no synchronization
    bgp log-neighbor-changes
    network 10.60.0.0 mask 255.255.0.0
    redistribute static metric 20 route-map MXCAMMAP
    neighbor 10.63.0.1 remote-as 1
    neighbor 10.63.0.1 fall-over
    no auto-summary
    NatPen_MX_3825#sh ip route
    Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
    D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
    N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
    E1 - OSPF external type 1, E2 - OSPF external type 2
    i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
    ia - IS-IS inter area, * - candidate default, U - per-user static route
    o - ODR, P - periodic downloaded static route
    Gateway of last resort is 10.63.0.1 to network 0.0.0.0
    199.220.41.0/30 is subnetted, 1 subnets
    B 199.220.41.176 [20/0] via 10.63.0.1, 00:00:13
    1.0.0.0/24 is subnetted, 1 subnets
    B 1.4.204.0 [20/0] via 10.63.0.1, 00:00:13
    152.177.0.0/30 is subnetted, 1 subnets
    B 152.177.74.24 [20/0] via 10.63.0.1, 00:00:13
    152.181.0.0/30 is subnetted, 1 subnets
    B 152.181.185.68 [20/0] via 10.63.0.1, 00:00:13
    206.113.119.0/26 is subnetted, 2 subnets
    B 206.113.119.128 [20/0] via 10.63.0.1, 00:00:13
    B 206.113.119.0 [20/0] via 10.63.0.1, 00:00:13
    199.220.194.0/30 is subnetted, 1 subnets
    B 199.220.194.232 [20/0] via 10.63.0.1, 00:00:13
    172.17.0.0/30 is subnetted, 1 subnets
    B 172.17.29.0 [20/0] via 10.63.0.1, 00:00:13
    172.16.0.0/24 is subnetted, 1 subnets
    B 172.16.1.0 [20/0] via 10.63.0.1, 00:00:13
    172.18.0.0/30 is subnetted, 2 subnets
    B 172.18.30.0 [20/0] via 10.63.0.1, 00:00:13
    B 172.18.29.0 [20/0] via 10.63.0.1, 00:00:13
    172.21.0.0/30 is subnetted, 1 subnets
    D 172.21.106.120 [220/63232] via 172.20.107.229, 5d03h, Serial2/0
    172.20.0.0/30 is subnetted, 1 subnets
    C 172.20.107.228 is directly connected, Serial2/0
    172.23.0.0/30 is subnetted, 1 subnets
    B 172.23.9.0 [20/0] via 10.63.0.1, 00:00:13
    172.22.0.0/30 is subnetted, 2 subnets
    B 172.22.0.144 [20/0] via 10.63.0.1, 00:00:13
    D 172.22.157.84 [220/63232] via 172.20.107.229, 5d03h, Serial2/0
    172.32.0.0/24 is subnetted, 1 subnets
    B 172.32.7.0 [20/0] via 10.63.0.1, 00:00:13
    10.0.0.0/8 is variably subnetted, 21 subnets, 5 masks
    B 10.30.0.0/21 [20/0] via 10.63.0.1, 00:00:13
    B 10.31.0.0/16 [20/0] via 10.63.0.1, 00:00:13
    B 10.30.13.0/24 [20/0] via 10.63.0.1, 00:00:14
    B 10.20.0.0/16 [20/0] via 10.63.0.1, 00:00:14
    B 10.21.0.0/16 [20/0] via 10.63.0.1, 00:00:14
    B 10.40.0.0/16 [20/0] via 10.63.0.1, 00:00:14
    B 10.41.0.0/16 [20/0] via 10.63.0.1, 00:00:14
    C 10.63.0.0/16 is directly connected, GigabitEthernet0/1
    S 10.61.1.0/24 [1/0] via 10.60.0.2
    C 10.60.0.0/16 is directly connected, GigabitEthernet0/0
    B 10.100.0.44/30 [20/0] via 10.63.0.1, 00:00:14
    B 10.133.201.0/24 [20/0] via 10.63.0.1, 00:00:14
    B 10.100.0.32/30 [20/0] via 10.63.0.1, 00:00:14
    B 10.90.0.0/16 [20/0] via 10.63.0.1, 00:00:14
    B 10.172.16.0/24 [20/0] via 10.63.0.1, 00:00:14
    B 10.4.204.0/24 [20/0] via 10.63.0.1, 00:00:14
    B 10.4.205.0/24 [20/0] via 10.63.0.1, 00:00:14
    B 10.3.202.0/24 [20/0] via 10.63.0.1, 00:00:14
    B 10.4.202.0/24 [20/0] via 10.63.0.1, 00:00:14
    B 10.4.201.0/24 [20/0] via 10.63.0.1, 00:00:14
    B 10.254.254.240/32 [20/0] via 10.63.0.1, 00:00:14
    147.225.0.0/30 is subnetted, 1 subnets
    B 147.225.40.160 [20/0] via 10.63.0.1, 00:00:14
    B 206.169.74.0/24 [20/0] via 10.63.0.1, 00:00:14
    B 192.168.100.0/24 [20/0] via 10.63.0.1, 00:00:14
    B* 0.0.0.0/0 [20/0] via 10.63.0.1, 00:00:14
    NatPen_MX_3825#sh ip bg
    NatPen_MX_3825#sh ip bgp
    BGP table version is 32518, local router ID is 172.20.107.230
    Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
    r RIB-failure, S Stale
    Origin codes: i - IGP, e - EGP, ? - incomplete
    Network Next Hop Metric LocPrf Weight Path
    *> 0.0.0.0 10.63.0.1 0 1 65000 65000 i
    *> 1.4.204.0/24 10.63.0.1 0 1 ?
    *> 10.3.202.0/24 10.63.0.1 0 1 ?
    *> 10.4.201.0/24 10.63.0.1 0 1 ?
    *> 10.4.202.0/24 10.63.0.1 0 1 ?
    *> 10.4.204.0/24 10.63.0.1 0 1 ?
    *> 10.4.205.0/24 10.63.0.1 0 1 ?
    *> 10.20.0.0/16 10.63.0.1 0 1 65000 65000 ?
    *> 10.21.0.0/16 10.63.0.1 0 1 65000 65000 i
    *> 10.30.0.0/21 10.63.0.1 0 0 1 i
    *> 10.30.13.0/24 10.63.0.1 0 0 1 i
    *> 10.31.0.0/16 10.63.0.1 0 0 1 ?
    *> 10.40.0.0/16 10.63.0.1 0 1 65000 65000 i
    *> 10.41.0.0/16 10.63.0.1 0 1 65000 65000 ?
    *> 10.60.0.0/16 0.0.0.0 0 32768 i
    *> 10.61.1.0/24 10.60.0.2 20 32768 ?
    r> 10.63.0.0/16 10.63.0.1 0 0 1 ?
    *> 10.90.0.0/16 10.63.0.1 0 1 65000 10 i
    *> 10.100.0.32/30 10.63.0.1 0 1 ?
    *> 10.100.0.44/30 10.63.0.1 0 1 65000 65000 ?
    *> 10.133.201.0/24 10.63.0.1 0 1 ?
    *> 10.172.16.0/24 10.63.0.1 0 1 ?
    *> 10.254.254.240/32
    10.63.0.1 0 1 ?
    *> 147.225.40.160/30
    10.63.0.1 0 0 1 ?
    *> 152.177.74.24/30 10.63.0.1 0 1 65000 ?
    *> 152.181.185.68/30
    10.63.0.1 0 1 65000 ?
    *> 172.16.1.0/24 10.63.0.1 0 1 ?
    *> 172.17.29.0/30 10.63.0.1 0 1 65000 65000 ?
    *> 172.18.29.0/30 10.63.0.1 0 0 1 ?
    *> 172.18.30.0/30 10.63.0.1 0 1 ?
    *> 172.22.0.144/30 10.63.0.1 0 1 ?
    *> 172.23.9.0/30 10.63.0.1 0 1 65000 65000 ?
    *> 172.32.7.0/24 10.63.0.1 0 1 ?
    *> 192.168.100.0 10.63.0.1 0 1 ?
    *> 199.220.41.176/30
    Network Next Hop Metric LocPrf Weight Path
    10.63.0.1 0 1 ?
    *> 199.220.194.232/30
    10.63.0.1 0 1 65000 ?
    *> 206.113.119.0/26 10.63.0.1 0 1 65000 65004 ?
    *> 206.113.119.128/26
    10.63.0.1 0 1 65000 65004 ?
    *> 206.169.74.0 10.63.0.1 0 1 65000 65000 ?
    NatPen_MX_3825#
    NatPen_MX_3825#sh run | in ip rou
    ip route 10.61.1.0 255.255.255.0 10.60.0.2
    NatPen_MX_3825#
    ===============================================================================================================
    router bgp 1
    no synchronization
    bgp log-neighbor-changes
    network 10.30.0.0 mask 255.255.248.0
    network 10.30.13.0 mask 255.255.255.0
    redistribute connected
    neighbor 10.63.0.2 remote-as 65001
    neighbor 10.63.0.2 fall-over
    neighbor 147.225.40.161 remote-as 65000
    neighbor 147.225.40.161 distribute-list no-redist-CV-Routes out
    neighbor 172.18.29.2 remote-as 1
    no auto-summary
    NatPen_SD2#sh ip route
    Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
    D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
    N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
    E1 - OSPF external type 1, E2 - OSPF external type 2
    i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
    ia - IS-IS inter area, * - candidate default, U - per-user static route
    o - ODR, P - periodic downloaded static route
    Gateway of last resort is 147.225.40.161 to network 0.0.0.0
    199.220.41.0/30 is subnetted, 1 subnets
    B 199.220.41.176 [200/0] via 10.100.0.34, 3w1d
    1.0.0.0/24 is subnetted, 1 subnets
    B 1.4.204.0 [200/0] via 10.133.201.254, 3w1d
    152.177.0.0/30 is subnetted, 1 subnets
    B 152.177.74.24 [20/0] via 147.225.40.161, 4w3d
    152.181.0.0/30 is subnetted, 1 subnets
    B 152.181.185.68 [20/0] via 147.225.40.161, 4w3d
    206.113.119.0/26 is subnetted, 2 subnets
    B 206.113.119.128 [20/0] via 147.225.40.161, 4w3d
    B 206.113.119.0 [20/0] via 147.225.40.161, 4w3d
    199.220.194.0/30 is subnetted, 1 subnets
    B 199.220.194.232 [20/0] via 147.225.40.161, 4w0d
    172.17.0.0/30 is subnetted, 1 subnets
    B 172.17.29.0 [20/0] via 147.225.40.161, 3w0d
    172.16.0.0/24 is subnetted, 1 subnets
    B 172.16.1.0 [200/0] via 10.133.201.254, 3w1d
    172.18.0.0/30 is subnetted, 2 subnets
    B 172.18.30.0 [200/0] via 172.18.29.2, 3w1d
    C 172.18.29.0 is directly connected, FastEthernet1/1
    172.23.0.0/30 is subnetted, 1 subnets
    B 172.23.9.0 [20/0] via 147.225.40.161, 1w2d
    172.22.0.0/30 is subnetted, 1 subnets
    B 172.22.0.144 [200/0] via 172.18.29.2, 3w1d
    172.32.0.0/24 is subnetted, 1 subnets
    B 172.32.7.0 [200/0] via 10.133.201.254, 3w1d
    10.0.0.0/8 is variably subnetted, 21 subnets, 5 masks
    C 10.30.0.0/21 is directly connected, GigabitEthernet0/0.1
    C 10.31.0.0/16 is directly connected, GigabitEthernet0/0.2
    C 10.30.13.0/24 is directly connected, GigabitEthernet0/0.2
    B 10.20.0.0/16 [20/0] via 147.225.40.161, 4w0d
    B 10.21.0.0/16 [20/0] via 147.225.40.161, 4w3d
    B 10.40.0.0/16 [20/0] via 147.225.40.161, 1w2d
    B 10.41.0.0/16 [20/0] via 147.225.40.161, 1w2d
    C 10.63.0.0/16 is directly connected, GigabitEthernet0/1
    B 10.61.1.0/24 [20/20] via 10.63.0.2, 00:01:44
    B 10.60.0.0/16 [20/0] via 10.63.0.2, 00:01:44
    B 10.100.0.44/30 [20/0] via 147.225.40.161, 4w3d
    B 10.133.201.0/24 [200/0] via 172.18.29.2, 3w1d
    B 10.100.0.32/30 [200/0] via 172.18.29.2, 3w1d
    B 10.90.0.0/16 [20/0] via 147.225.40.161, 4w3d
    B 10.172.16.0/24 [200/0] via 10.133.201.254, 3w1d
    B 10.4.204.0/24 [200/0] via 10.133.201.254, 3w1d
    B 10.4.205.0/24 [200/0] via 10.133.201.254, 3w1d
    B 10.3.202.0/24 [200/0] via 10.133.201.254, 3w1d
    B 10.4.202.0/24 [200/0] via 10.133.201.254, 3w1d
    B 10.4.201.0/24 [200/0] via 10.133.201.254, 3w1d
    B 10.254.254.240/32 [200/0] via 10.133.201.254, 3w1d
    147.225.0.0/30 is subnetted, 1 subnets
    C 147.225.40.160 is directly connected, Serial3/0
    B 206.169.74.0/24 [20/0] via 147.225.40.161, 2w1d
    B 192.168.100.0/24 [200/0] via 10.133.201.254, 3w1d
    B* 0.0.0.0/0 [20/0] via 147.225.40.161, 3w5d
    NatPen_SD2#
    NatPen_SD2#sh run | in ip route
    ip route 0.0.0.0 0.0.0.0 10.133.201.254 210
    ip route 1.4.205.147 255.255.255.255 10.100.0.29
    ip route 170.146.36.16 255.255.255.255 10.100.0.29
    ip route 170.146.234.48 255.255.255.255 10.100.0.29
    NatPen_SD2#

    Dear Sathish,
    Is the link flapping or the BGP is flapping?
    If it is the link that is flapping then your BGP with the neighbour and the IGP with the neighbour must flap.
    If it is only BGP which is flapping, then we have to look into a different scenario; please share the log messages for the notification provided by the peer.
    BR
    Md Thanveer

  • BGP Notification received, configuration change

    Hi,
    We are monitoring a BGP peering flap for a fraction of a second approximately every three days for a particular neighbor. We have been seeing this behavior consistently for a month.
    Jun 10 08:55:15.566 NST: bgp[1041]: %ROUTING-BGP-5-ADJCHANGE : neighbor x.x.x.x Down - BGP Notification received, configuration change (VRF: default)
    Jun 10 08:55:15.565 NST: bgp[1041]: %ROUTING-BGP-5-NBR_NSR_DISABLED_STANDBY : NSR disabled on neighbor x.x.x.x on standby due to BGP Notification received (VRF: default)
    We would like to know what the error message "BGP Notification received, configuration change" indicates.

    There might be a clue in the bgp trace on the device that experienced this condition:
    show bgp trace and look around the time of the notification down.
    Depending on what is on the other side, I think that the investigation is better done on that node, as that was the originator of the change, hence bringing the peer down.
    This can be as simple as an address family add or remove, things like that. When capabilities of a peer change, they have to bring down the peering since they are only sent in the OPEN message.
    If it is very periodic, I would also verify and check what might be happening during those time windows, especially on the peer. Maybe there is a config script that could induce things.
    If that peer is an XR device, the bgp trace will be very helpful in that regard.
    If it is an IOS device, then maybe you need to keep running some debug bgp event for around the time that you expect this flap, and a syslog analysis (sh log) around that time for clues.
    xander

  • EIGRP and BGP

    When EIGRP and BGP are flapping,
    which portion should I check to find out
    if it is flapping because of high traffic or low quality access lines?
    Which config should I check?
    Thanks a lot

    Following links may help you
    http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094613.shtml
    http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a008009478a.shtml

  • BGP dampening

    Hi,
    I have to check whether there are BGP sessions flapping on a Cisco 7200 router without loading the CPU, and I had the idea of using the bgp dampening command.
    Now, if someone has used it: does this command introduce CPU load?
    Thank you.
    Regards.
    Paolo

    BGP route dampening is not so CPU intensive.
    Once the route is dampened, it depends on a simple property, the ReuseLimit, in conjunction with the HalfLife of the suppression, to begin advertising the route again.
    This is not too CPU intensive to worry about, unless you had thousands of routes to dampen.
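The interplay of ReuseLimit and HalfLife mentioned in the reply above can be worked through numerically. This is an added example, not code from the thread: it uses the idealized exponential decay model of RFC 2439, and the parameter values are assumptions (the commonly documented Cisco IOS `bgp dampening` defaults), not values given on this page. Real implementations decay the penalty in coarse time steps, so actual reuse times differ slightly.

```python
import math

# Assumed parameters (commonly documented IOS defaults, not from this page).
HALF_LIFE_MIN = 15.0      # penalty halves every 15 minutes
REUSE_LIMIT = 750         # route is advertised again below this penalty
SUPPRESS_LIMIT = 2000     # route is suppressed above this penalty
MAX_SUPPRESS_MIN = 60.0   # upper bound on suppression time
FLAP_PENALTY = 1000       # penalty added per flap (withdrawal)


def decay(penalty, minutes, half_life=HALF_LIFE_MIN):
    """Exponential decay: the penalty halves once per half-life."""
    return penalty * 2 ** (-minutes / half_life)


def max_penalty(reuse=REUSE_LIMIT, max_suppress=MAX_SUPPRESS_MIN,
                half_life=HALF_LIFE_MIN):
    """Ceiling that guarantees reuse within max_suppress minutes."""
    return reuse * 2 ** (max_suppress / half_life)


def simulate(flap_times_min):
    """Apply one penalty per flap time (minutes) and track suppression.

    Returns (history, minutes_until_reuse) where history holds one
    (time, penalty_after_flap, suppressed) tuple per flap, and the wait is
    measured from the last flap, assuming no further flaps occur.
    """
    penalty, last, suppressed, history = 0.0, None, False, []
    ceiling = max_penalty()
    for t in sorted(flap_times_min):
        if last is not None:
            penalty = decay(penalty, t - last)
            if suppressed and penalty < REUSE_LIMIT:
                suppressed = False          # decayed below the reuse limit
        penalty = min(penalty + FLAP_PENALTY, ceiling)
        if penalty > SUPPRESS_LIMIT:
            suppressed = True
        history.append((t, round(penalty, 1), suppressed))
        last = t
    wait = HALF_LIFE_MIN * math.log2(penalty / REUSE_LIMIT) if suppressed else 0.0
    return history, wait


if __name__ == "__main__":
    for label, times in (("fast flapper", [0, 2, 4]), ("slow flapper", [0, 30, 60])):
        history, wait = simulate(times)
        print(label, history, f"reuse in {wait:.1f} min")
```

Three flaps two minutes apart push the penalty past the suppress limit, and the route then needs about two half-lives of quiet before it is advertised again; three flaps thirty minutes apart never reach the suppress limit.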

  • EBGP PEER FLAP SNMP TRAP

    Hi
    Whenever there is a BGP neighbour flap, we are not getting SNMP traps on the HP NNMI server. I believe that during the neighbour flap the device is unable to communicate with NNMI and drops the trap.
    So I would like to write a custom EEM script that can match a syslog pattern and generate a customised SNMP trap and send it to NNMI. Maybe I can delay the trap generation or sending so that the device restores the connectivity and then sends an alert.
    Here are my questions:
    Is this a good idea?
    Can you give me a sample configuration with the MIB Values to be generated?
    What MIB Should be loaded on the server?
    I am curious how others are monitoring this kind of bgp flaps...

    After I enabled SNMP informs using the following command
    snmp-server host 100.190.19.33 informs version 2c XXXX
    I see that the SNMP inform sent counter on the router is continuously incrementing. I am not sure what it is sending. I would like to be specific, like sending only BGP SNMP informs to the NMS. Is that possible?
    DR1#show snmp
    Chassis: FHK0850F0HL
    4338622 SNMP packets input
        0 Bad SNMP version errors
        746076 Unknown community name
        0 Illegal operation for community name supplied
        0 Encoding errors
        35020739 Number of requested variables
        0 Number of altered variables
        3303916 Get-request PDUs
        97632 Get-next PDUs
        0 Set-request PDUs
        0 Input queue packet drops (Maximum queue size 1000)
    6639622 SNMP packets output
        0 Too big errors (Maximum packet size 1500)
        546341 No such name errors
        0 Bad values errors
        0 General errors
        3592535 Response PDUs
        3047076 Trap PDUs
    SNMP Dispatcher:
       queue 0/75 (current/max), 0 dropped
    SNMP Engine:
       queue 0/1000 (current/max), 0 dropped
    SNMP logging: enabled
        Logging to 10.45.224.19.162, 0/10, 761350 sent, 347 dropped.
        Logging to 10.48.176.1.162, 0/10, 759955 sent, 1886 dropped.
        Logging to 100.190.19.25.162, 0/10, 761329 sent, 368 dropped.
        Logging to 100.190.19.33.162, 0/10, 761367 sent, 474 dropped.
    SNMP Manager-role output packets
        0 Get-request PDUs
        0 Get-next PDUs
        0 Get-bulk PDUs
        0 Set-request PDUs
        11 Inform-request PDUs
        0 Timeouts
        0 Drops
    SNMP Manager-role input packets
        0 Inform request PDUs
        0 Trap PDUs
        11 Response PDUs
        0 Responses with errors
    SNMP informs: enabled
        Informs in flight 0/25 (current/max)
        Logging to 100.190.19.33.162
            11 sent, 0 in-flight, 0 retries, 0 failed, 0 dropped

  • Difference between address-family ipv6 and address-family ipv6 labeled unicast

    Hello Experts,
    Can someone explain to me the difference between address-family ipv6 and address-family ipv6 labeled unicast? Per my understanding, I think both of them are used to send labelled IPv6 prefix advertisements through BGP. If so, are the following configs the same?
    address-family ipv6
    neighbor 192.168.0.1 activate
    neighbor 192.168.0.1 send-label
    router bgp 10
    neighbor 192.168.0.1
    address-family ipv6 labelled unicast
    Please let me know if my understanding is correct
    Thanks
    Mukundh

    Thanks for the reply Nagendra...
    I have another related query regarding this. We have BGP neighborship flapping between 2 routers ...One is Cisco 7204 and another is Juniper M120 I think.... The Juniper logs show that BGP is flapped due to family inet6 not configured on the Juniper end and Juniper is receiving BGP advertisements with native IPv6 as next hop from Cisco when it shouldn't be receiving that.. The following are commands on Cisco and Juniper...
    ##### CISCO####
    router bgp 5603
     neighbor 95.176.254.10 inherit peer-session LAR
     neighbor 95.176.254.10 description --- M320-LAB-LJ-CIGALETOVA
     address-family ipv4
      neighbor 95.176.254.10 activate
      neighbor 95.176.254.10 inherit peer-policy LAR-ipv4
     address-family ipv6
      neighbor 95.176.254.10 activate
      neighbor 95.176.254.10 send-community both
      neighbor 95.176.254.10 route-reflector-client
      neighbor 95.176.254.10 send-label
    template peer-session LAR
      remote-as 5603
      update-source Loopback0
      timers 30 90
    exit-peer-session
    template peer-policy LAR-ipv4
      route-map LAR-ipv4-out out
      route-reflector-client
      soft-reconfiguration inbound
      send-community both
    exit-peer-policy
    ####JUNIPER####
    protocols{bgp{
    group I-BGP-IPV4 {
                type internal;
                family inet {
                    unicast;
                family inet6 {
                    labeled-unicast {
                        explicit-null;
                export RR-Export-All;
                neighbor 95.176.255.254 {
                    description C7201-RR-IP-CIGALETOVA;
                    local-address 95.176.254.10;
                neighbor 95.176.255.252 {
                    description C7201-RR-IP-CIGALETOVA;
                    local-address 95.176.254.10;
    By the cisco command above, shouldn't cisco be sending only labelled ipv6 prefixes or am I wrong in this. And if Cisco sends both unlabelled and labelled prefixes, is there a way to make it send only ipv6 prefixes?
    Thanks
    Mukundh

  • BGP flaps frequently

    Hi,
    I'm getting the below logs on my router frequently and BGP flaps. Could someone tell me what the possible causes of this issue are?
    Oct 2 02:33:50: %BGP-3-NOTIFICATION: received from neighbor 192.168.181.217 4/0 (hold time expired) 0 bytes
    Oct 2 02:33:50: %BGP-5-ADJCHANGE: neighbor 192.168.181.217 Down Peer closed the session
    Oct 2 02:33:50: %BGP_SESSION-5-ADJCHANGE: neighbor 192.168.181.217 IPv4 Unicast topology base removed from session  Peer closed the session
    Oct 2 02:33:57: %BGP-5-ADJCHANGE: neighbor 192.168.181.217 Up
    Oct 2 03:35:52: %BGP-3-NOTIFICATION: received from neighbor 192.168.181.217 4/0 (hold time expired) 0 bytes
    Oct 2 03:35:52: %BGP-5-ADJCHANGE: neighbor 192.168.181.217 Down Peer closed the session
    Oct 2 03:35:52: %BGP_SESSION-5-ADJCHANGE: neighbor 192.168.181.217 IPv4 Unicast topology base removed from session  Peer closed the session
    Oct 2 03:36:03: %BGP-5-ADJCHANGE: neighbor 192.168.181.217 Up

    Hello,
    - Many potential issues...
    - Is it EBGP or IBGP?
    - Maybe the hold-time is too short.
    - Maybe the CPU is overloaded.
    - Maybe inconsistent keepalive/hold time.
    - Maybe network flapping in the middle...
    C.

  • BGP Flapping and MTU

    Hi everybody
    I hope all my old pals (no pun intended :) are doing fine. Today at work I encountered a strange issue: one of our customers opened a ticket for BGP flapping.
    It was only when I matched the MTU of the CE on the PE router that BGP stabilized. I asked my senior co-worker, but he did not answer why. A lot of Cisco documentation on Google did not go into detail about why a mismatched MTU could cause flapping.
    I am reaching out to you guys; maybe someone knows and can enlighten me.
    Much appreciated
    thanks

    Hi Sarah,
    You're welcome as always :)
    Regarding the BGP flapping - can you be more specific? What exact kind of flapping was that? Were you getting any BGP notifications, or BGP hold intervals being exceeded? Any more technical information, such as logging messages, would be greatly helpful.
    Speaking in an extremely general sense and most probably saying nothing new, MTU mismatches on a common link will cause the router with the smaller MTU to discard all incoming IP packets whose total size exceeds this smaller MTU. For unreliable protocols, this would cause irreparable packet losses. For TCP, the situation is more complex: each router opening a TCP session should advertise a TCP Maximum Segment Size (MSS) derived from its own MTU on the egress interface. The router with the smaller MTU would advertise its MSS equal to its smaller MTU minus 40, telling the other router to send TCP segments that would, after adding TCP and IP headers, be exactly MTU bytes long, so the other router would never send TCP segments that would be oversized. So here, despite the MTU mismatch on the same link, the TCP communication between the two routers should actually work.
    Just wondering, what was the exact MTU value you had to configure? Was it significantly different from the default of 1500 bytes?
    Best regards,
    Peter

  • Prefix-list; clear bgp peer-group Test soft in; no file prompt quiet

    Hello everyone,
    I have a few simple questions. Hope someone will help me   Thank you in advance.
    1) We are using prefix-set into route-maps, but how I can use a prefix-list?
    2) In classic IOS we have the command:  clear bgp peer-group Test soft in
    I don't see it in IOS-XR (Cisco IOS XR Software, Version 4.0.1):
    RP/0/RSP0/CPU0:STH02#clear bgp ipv4 unicast ?
      *                  Clear all peers and all routes from the BGP table
      A.B.C.D or X:X::X  BGP neighbor address to clear
      as                 Clear peers in a specific AS
      dampening          Clear route flap dampening information
      external           Clear all external peers
      flap-statistics    Clear flap statistics
      nexthop            Clear nexthop
      self-originated    Clear redistributed, network and aggregate routes originated here
      shutdown           Clear all peers which were shut down due to low memory
    3) In classic IOS we have the command: no file prompt quiet
    I don't see it in IOS-XR.  What is the command for IOS-XR?
    I need it for the operation like this:
    copy ftp://**:***@216.*.*.*/CUST_AS-TEST-in.prefixlist compactflash:/PrefixFilters/CUST_AS-TEST-in.prefixlist
    Wed Apr 18 12:02:00.936 UTC
    Destination filename [/compactflash:/PrefixFilters/CUST_AS-TEST-in.prefixlist]?  !!!!   I don't need this question
    Copy : Destination exists, overwrite ?[confirm]                                                   !!!!   I don't need this question
    Accessing ftp://*:*@216.*.*.*/CUST_AS-TEST-in.prefixlist
    C
    584 bytes copied in      0 sec
    Have a nice day,
    Dimitry

    Thank you Alexander for your reply. It is a good RPL description and I've got the idea of a REFRESH capable peer.
    BUT, I still can't find the answer to my 3rd question:
    In classic IOS we have the command: no file prompt quiet
    I don't see it in IOS-XR.  What is the command for IOS-XR?
    I need it for the operation like this:
    copy ftp://**:***@216.*.*.*/CUST_AS-TEST-in.prefixlist compactflash:/PrefixFilters/CUST_AS-TEST-in.prefixlist
    Wed Apr 18 12:02:00.936 UTC
    Destination filename [/compactflash:/PrefixFilters/CUST_AS-TEST-in.prefixlist]?  !!!!   I don't need this question
    Copy : Destination exists, overwrite ?[confirm]                                                   !!!!   I don't need this question
    Accessing ftp://*:*@216.*.*.*/CUST_AS-TEST-in.prefixlist
    C
    584 bytes copied in      0 sec
    How can I suppress confirmations like this?
    Destination filename [/compactflash:/PrefixFilters/CUST_AS-TEST-in.prefixlist]?
    Copy : Destination exists, overwrite ?[confirm]
    Dimitry

  • BGP peering via default route

    I read http://blog.ipexpert.com/2010/11/08/bgp-peering-and-default-routes/ and understood that BGP speaker will not initiate BGP connection with the other BGP router if it can reach it via default route only...And BGP peering will not come up at all if both the BGP speakers know each other via default routes only....I could not understand the reason behind this though...Could any expert help me in understanding the underlying reasoning?

    I can't think of a reason why you would want to peer with a router you don't have a route for. If you're relying on a default route for a multi-hop bgp peer session, it could cause the session to be unreliable due to changes in the network down the line from you. An unreliable bgp session would be bad on the router's cpu/memory if the session were to flap.

  • BGP Router high process

    What do we need to do if the BGP Router process contributes to high CPU usage?
    CPU utilization for five seconds: 97%/43%; one minute: 99%; five minutes: 92%
     PID Runtime(ms)   Invoked      uSecs   5Sec   1Min   5Min TTY Process 
      44    36270732  35464661       1022 25.03% 15.21% 14.43%   0 BGP Router       
     325   7703860203228294256          0 10.47%  5.58%  5.24%   0 IP Input         
     455     7596596  28244228        268  5.59%  1.60%  0.82%   0 BGP I/O          
     543    13576608   8569950       1584  3.83% 18.94%  9.57%   0 BGP Task         
       9   152474380  15201602      10030  2.07%  0.27%  0.57%   0 Check heaps      
     376    16372652   7777145       2105  1.83% 13.93% 13.76%   0 IP RIB Update    
     358    56785192  14452691       3929  0.95%  0.44%  0.52%   0 CEF: IPv4 proces 
      23    55656604 116191071        479  0.71%  0.51%  0.50%   0 ARP Input        
     348     5736736   7812055        734  0.63%  4.19%  5.03%   0 XDR mcast        
     546    36531108 132425650        275  0.63%  0.37%  0.28%   0 Port manager per 
      35    56337684 306101724        184  0.23%  0.42%  0.30%   0 IPC Seat Manager 
     330   287962916 871459868        330  0.23%  0.39%  1.61%   0 SNMP ENGINE      
     286      7682841067821917          0  0.15%  0.07%  0.07%   0 Ethernet Msec Ti 
     626      354112    825565        428  0.15%  0.11%  0.09%   0 IPv6 Input       
       3      754316 523105917          1  0.15%  0.10%  0.09%   0 HSRP Common      
     385     2182508  14151135        154  0.15%  0.10%  0.14%   0 L3 Manager       
     317    44655884 658073408         67  0.07%  0.04%  0.21%   0 PDU DISPATCHER   
     395     4363480   4661440        936  0.07%  0.04%  0.05%   0 HIDDEN VLAN Proc 
     323     1161648 134374319          8  0.07%  0.04%  0.05%   0 VRRS Main thread 
      56     2269676   9230664        245  0.07%  0.08%  0.07%   0 Per-Second Jobs  
     240     1449416   1870109        775  0.07%  0.04%  0.05%   0 Compute load avg 
     243   1488814081309230003        113  0.07%  0.13%  0.76%   0 IP SNMP          

    Hi,
    The BGP Router process is in charge of determining the best path and processes any route "churn". It also sends and receives routes, establishes peers, and interacts with the routing information base (RIB).
    (http://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/107615-highcpu-bgp.html)
    So I suggest checking what makes this process work so hard. Depending on that you can choose what to do: BGP dampening (if you have many changes in advertisements received from a neighbor), tuning timers (if a neighbor is flapping), using peer-groups / update-groups to reduce the amount of work your BGP process has to do to process updates, etc.
    Have a look here: https://supportforums.cisco.com/discussion/11604471/high-cpu-usage-bgp-router-process
    Bye,
    enrico
    PS please rate if useful

  • IP Sec Flapping help required urgent

    Hi Team
    We have Sites A, B & C, which have taken an MPLS link from the SP.
    We had configured IPsec between these 3 sites. We enabled the EIGRP protocol and advertise the routes from one site to the other. Now the issue: we have not observed any flapping between our site and the ISP site. EIGRP has been showing up for the past 2 weeks. But the crypto session between sites A & C is continuously flapping.
    I checked the log at my C site. I observed:
    %IOSXE_PEM-6-PEMFAIL: The PEM in slot o is  switches off or encountering failure condition.
    %IOSXE_PEM-6-PEMOK: The PEM in slot o is  functioning properly
    These errors were coming continuously; please explain. Is this the reason for the crypto session flapping? How do I resolve this issue?

    I don't receive any errors. But if I check the crypto session, the peer is showing Down-Negotiating, UP-idle; for a few minutes IPsec was up, then it flapped again. Anyway, the issue resolved itself automatically, but we don't know why it happened.
    My query is: the WAN link has no issue, so how was IPsec flapping? What are the possible causes of this flapping? I do not have much knowledge about it. Still, I am not sure whether I have communicated the query in the right way....

  • Why internal EIGRP flapping when a WAN link is flapping?

    I have router A and B running EIGRP in between. Router B has a WAN connection into the carrier.
    Recently the EIGRP neighboring between A and B was flapping. In the meantime the WAN link was flapping too.
    Router B was running BGP over the WAN link and redistributing BGP into EIGRP.
    Why did the WAN link issue cause the EIGRP neighboring to go up and down?
    Thanks
    Gary

    When we attempted to ping the ISP's router with a full-size MTU packet, the packet gets dropped. Any packets greater than 400 bytes get dropped.

  • How to reduce BGP scanner in C7200?

    Hi,
    I have a Cisco 7206VXR with NPE-300 and 256 MB of RAM.
    I have the problem that the BGP scanner process is about 9.6% out of 32% total CPU load. Randomly there are peaks up to 99% for BGP scanner.
    I thought that it was caused by route flapping, but after enabling bgp dampening nothing happened.
    Does anyone know how to create inbound route filtering from two peers?
    Thank you very much.
    Regards.
    Paolo

    The BGP scanner by default runs every 60 seconds. It goes through and updates the BGP tables (removing or adding routes based on current information).
    For filtering in the inbound direction, you can filter based on prefix or ASN. The following example is a bit of an overkill, but it only allows the /23 prefix listed, routes in this /23 originated in the AS listed, and a max of 50 routes to be advertised to this device:
    neighbor 1.1.1.1 remote-as 65001
    neighbor 1.1.1.1 description [Customer-A]
    neighbor 1.1.1.1 prefix-list Customer-In in
    neighbor 1.1.1.1 maximum-prefix 50
    neighbor 1.1.1.1 filter-list 32 in
    ip prefix-list Customer-In description [Customer-A]
    ip prefix-list Customer-In seq 5 permit 10.0.0.0/23
    ip as-path access-list 32 permit _65001$
    You could always talk to your ISP and take partial routes instead of a full table if you wanted. Hope this helps.
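
The two inbound filters from the answer above, modelled in Python as an added example (not code from the original posts or from Cisco), to show which received routes the prefix-list and the AS-path filter would let through. The function names, the tuple layout and the sample updates are assumptions made for illustration; `maximum-prefix` is not modelled.

```python
import ipaddress
import re

# Policy values taken from the configuration in the answer above.
CUSTOMER_IN = [("permit", "10.0.0.0/23", None, None)]  # ip prefix-list Customer-In seq 5
AS_PATH_32 = "_65001$"                                 # ip as-path access-list 32

def prefix_list_permits(entries, prefix):
    """First matching entry wins; no match is an implicit deny.
    entries: (action, network, ge, le); ge/le of None means 'not configured'."""
    net = ipaddress.ip_network(prefix)
    for action, base, ge, le in entries:
        base = ipaddress.ip_network(base)
        if net.version != base.version or not net.subnet_of(base):
            continue
        if ge is None and le is None:
            lo = hi = base.prefixlen               # no ge/le: exact length only
        else:
            lo = ge if ge is not None else base.prefixlen
            hi = le if le is not None else net.max_prefixlen
        if lo <= net.prefixlen <= hi:
            return action == "permit"
    return False

def as_path_permits(pattern, as_path):
    """IOS '_' matches a delimiter: start or end of string, space, comma, brace, parenthesis."""
    regex = re.compile(pattern.replace("_", "(?:^|$|[ ,{}()])"))
    return regex.search(as_path) is not None

def inbound_accepts(prefix, as_path):
    """A route is accepted only if both inbound filters permit it."""
    return (prefix_list_permits(CUSTOMER_IN, prefix)
            and as_path_permits(AS_PATH_32, as_path))

# Constructed sample updates (prefix, AS path as received); not taken from the page.
SAMPLE_UPDATES = [
    ("10.0.0.0/23", "65001"),              # the one route the policy is written for
    ("10.0.0.0/23", "65001 65001 65001"),  # prepended path, still originated by 65001
    ("10.0.0.0/24", "65001"),              # more-specific: denied, the entry has no le
    ("10.0.0.0/23", "65001 64999"),        # right prefix, originated by another AS
    ("0.0.0.0/0", "65001"),                # default route: implicit deny
]

if __name__ == "__main__":
    for prefix, path in SAMPLE_UPDATES:
        verdict = "accept" if inbound_accepts(prefix, path) else "deny"
        print(f"{prefix:<14} [{path}] -> {verdict}")
```

Because the prefix-list entry has no `ge`/`le`, only the exact /23 can pass, which is why the answer calls the additional limits overkill.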
