Welcome to this Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask any questions about how to configure, troubleshoot and design networks using Border Gateway Protocol with Cisco expert Vinit Jain.
Ask questions from Tuesday January 12 to Friday January 22, 2016
Border Gateway Protocol (BGP) is one of the most widely deployed protocols in networks today and is the definitive routing protocol in the Internet. BGP is a flexible protocol, in that a variety of options are available to network engineers. Furthermore, extensions and implementation enhancements make BGP a powerful and yet complex tool. Because of BGP's pervasive deployment across multiple networks and the large number of use-cases that BGP can be applied to, it is becoming increasingly important to understand how to troubleshoot BGP issues quickly and easily. Vinit will be helping you answer your queries on how to troubleshoot BGP.
Vinit will be helping you with all your queries on all of the above.
Vinit Jain, 3X CCIE #22854, is a Technical Lead in the HTTS (High Touch Technical Support) team supporting customers in areas of routing, MPLS, TE, IPv6, multicast and a wide variety of platform issues like High CPU, Memory leak, etc. on the IOS, IOS XE, IOS XR and NxOS code bases. He has been delivering trainings within Cisco on various technology as well as platform troubleshooting topics. He has also written a workbook on IOS XR fundamentals on Cisco Support Community. Vinit has CCIE in R&S, SP and Sec and holds multiple certifications on programming and databases.
Vinit might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the WAN, Routing and Switching sub-community.
**Ratings Encourage Participation!**
Please be sure to rate the Answers to Questions
Hi! Thank you for your webcast, but.. I'm wondering if BFD is a best practice when I'm trying to improve convergence time??? Because, with BGP that convergence time is about 2 minutes and I would like to decrease that time to a few seconds.
BFD can be used for faster detection of failures and fast peering de-activation. There are various factors that need to be looked at when talking about convergence. If you are thinking of convergence from the perspective of replicating the updates or receiving the updates, then BFD does not come into the picture. You will then have to understand the reason for the delay in convergence from the TCP perspective and may want to apply PMTUD (if not already in place). If the convergence is looked at from the perspective of faster detection of failures, then yes, BFD is a good choice.
Hope this answers your question.
But in the case of ISP connections to the Internet, say with an uncooperative ISP, that will be a roadblock as BFD needs to be configured on both systems, no?
Maybe next-hop tracking and fast session deactivation for a faster error detection and convergence?
I agree with your point. There are multiple options that can be applied and it would depend on a case-to-case basis.
If I am advertising the same subnet from two different routers (R1 & R2) in Branch A, which route will be preferred by Branch 2 router (R3)?
R3--R1 or R3--R2 ?
It will depend. The BGP best path selection algorithm decides which path will be selected as best.
Hope this helps.
Vinit, this question was asked during the live event:
How to remove private AS from a path?
Thanks for posting this Question Monica. When an organization is configured with a private AS number, the BGP updates from customer to ISP network will contain the private AS number. To avoid the ISP propagating the private AS numbers into the global Internet table, the private AS numbers should be removed.
The private AS can be removed from the path using the command `neighbor x.x.x.x remove-private-as` and can be configured for EBGP peers where the routes are supposed to be propagated.
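The effect described in the answer above, as an added example that is not part of the original thread and is not Cisco's code: it strips every private ASN (RFC 6996 ranges) before the local AS is prepended, which is a simplification rather than a model of the IOS command's exact rules, and it audits received paths for leaked private ASNs. The ASNs, prefixes and function names are constructed for illustration.

```python
# RFC 6996 private-use ASN ranges (16-bit and 32-bit).
PRIVATE_RANGES = ((64512, 65534), (4200000000, 4294967294))


def is_private_asn(asn):
    return any(lo <= asn <= hi for lo, hi in PRIVATE_RANGES)


def advertise_ebgp(local_as, as_path, remove_private):
    """AS_PATH as sent to an EBGP peer.

    Assumption: every private ASN is stripped when remove_private is set,
    then the local AS is prepended.
    """
    kept = [a for a in as_path if not (remove_private and is_private_asn(a))]
    return [local_as] + kept


def find_private_as_leaks(rib):
    """Return {prefix: [private ASNs]} for routes whose AS_PATH still
    carries a private ASN, i.e. an upstream failed to remove it."""
    leaks = {}
    for prefix, path in rib.items():
        private = [a for a in path if is_private_asn(a)]
        if private:
            leaks[prefix] = private
    return leaks


# Constructed sample: customer in private AS 65010 behind ISP AS 64500.
CUSTOMER_PATH = [65010]
ISP_AS = 64500
RECEIVED = {
    "203.0.113.0/24": advertise_ebgp(ISP_AS, CUSTOMER_PATH, remove_private=True),
    "198.51.100.0/24": advertise_ebgp(ISP_AS, CUSTOMER_PATH, remove_private=False),
    "192.0.2.0/24": [64501, 4200000123, 64502],
}

if __name__ == "__main__":
    for prefix, asns in find_private_as_leaks(RECEIVED).items():
        print(f"{prefix}: private ASN(s) in path: {asns}")
```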
Thanks for the presentation today. I have a question regarding dynamic BGP peering. Would like to know what is the maximum number of neighbors that can be configured with dynamic BGP peering and is it a good method for configuring BGP neighbors.
I have not seen many deployments where Dynamic BGP Peering feature has been deployed.
Appreciate your inputs here.
From what I recall, we can configure a maximum of 5000 BGP neighbors in Dynamic BGP Peering. It also depends on the scalability of the device (how much memory is present and how powerful the CPU is). It is a good method if the BGP peers are in the same subnet (kind of same LAN segment). Though you can configure dynamic BGP peering for EBGP peerings in 5 different ASes.
Yes, this feature is not used much. Most of its usage is being seen in IWAN deployment.
Hope this helps.
I have a couple of questions
1. How does route refresh happen in BGP? Is it immediate or does it happen after a stipulated time?
2. What is BGP graceful restart?
3. What is BGP scanner?
BGP Scanner - Runs every 60 seconds to verify the next-hop reachability of all prefixes in the BGP table.
BGP Graceful Restart - Graceful restart is the mechanism by which BGP routing peers avoid a routing flap following a switchover. Each routing protocol has its own specific GR extensions, but all are pretty much the same as far as their working is concerned. When a router's control plane goes down, its neighbors, instead of reporting to their own neighbors that router X is unavailable, wait for a certain amount of time (which we can call a grace period). If router X comes back up before the grace period expires, the devices beyond the connected neighbor do not get impacted due to the temporarily broken session.
BGP Route Refresh - Refresh Capability was defined in RFC 2918. The BGP route refresh capability has a capability code of 2 and the capability length of 0. Using the route refresh capability, the router sends out a route refresh request to peer to get the full table from the peer again. The good part of route refresh capability is there is no pre-configuration needed to enable this capability.
Once the speaker receives a route refresh request, the BGP speaker re-advertises to the peer the Adj-RIB-Out of the AFI and SAFI carried in the message, to its peer. If the BGP speaker has an outbound route filtering policy, the updates are filtered accordingly. The route refresh requesting peer receives the filtered routes.
The `clear ip bgp neighbor-ip in` or `clear bgp afi safi neighbor-ip in` command tells the peer to resend the full BGP announcement by sending a route-refresh request, whereas the `clear bgp afi safi neighbor-ip out` command resends the full BGP announcement to the peer and does not initiate a route refresh request.
Hope this answers your question.
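The route refresh capability and request described in the answer above, as an added example that is not part of the original thread: it checks a peer's OPEN optional parameters for capability code 2 with length 0, and builds and parses the ROUTE-REFRESH message (type 5) carrying AFI and SAFI. The byte strings are constructed samples and the function names are hypothetical.

```python
import struct

BGP_MARKER = b"\xff" * 16
TYPE_ROUTE_REFRESH = 5       # BGP message type for ROUTE-REFRESH
PARAM_CAPABILITIES = 2       # OPEN optional parameter type "Capabilities"
CAP_ROUTE_REFRESH = 2        # capability code 2, capability length 0


def peer_supports_route_refresh(opt_params):
    """Walk the OPEN optional parameters and look for capability code 2."""
    i = 0
    while i + 2 <= len(opt_params):
        ptype, plen = opt_params[i], opt_params[i + 1]
        value = opt_params[i + 2:i + 2 + plen]
        if len(value) != plen:
            raise ValueError("truncated optional parameter")
        j = 0
        while ptype == PARAM_CAPABILITIES and j + 2 <= len(value):
            code, clen = value[j], value[j + 1]
            if j + 2 + clen > len(value):
                raise ValueError("truncated capability")
            if code == CAP_ROUTE_REFRESH and clen == 0:
                return True
            j += 2 + clen
        i += 2 + plen
    return False


def build_route_refresh(afi, safi):
    """Header (marker, length, type) followed by AFI, reserved byte, SAFI."""
    body = struct.pack("!HBB", afi, 0, safi)
    return BGP_MARKER + struct.pack("!HB", 19 + len(body), TYPE_ROUTE_REFRESH) + body


def parse_route_refresh(msg):
    """Return (afi, safi); reject anything that is not a 23-byte ROUTE-REFRESH."""
    if len(msg) != 23 or msg[:16] != BGP_MARKER:
        raise ValueError("bad marker or size")
    length, msg_type = struct.unpack("!HB", msg[16:19])
    if length != 23 or msg_type != TYPE_ROUTE_REFRESH:
        raise ValueError("not a ROUTE-REFRESH message")
    afi, _reserved, safi = struct.unpack("!HBB", msg[19:23])
    return afi, safi


# Constructed samples: multiprotocol IPv4 unicast plus route refresh,
# and the same parameter without the route refresh capability.
OPEN_WITH_RR = bytes.fromhex("02080104000100010200")
OPEN_WITHOUT_RR = bytes.fromhex("0206010400010001")
```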
Thanks for your Answer.
I am still confused with BGP scanner and NHT.
My question is, as both are enabled by default and both validate next-hop reachability,
why do we need to run both processes for the same purpose and what is the difference between them?