ASK THE EXPERT - Border Gateway Protocol Multi-homing

ciscomoderator
Community Manager

With Manigandan Ganesan

Welcome to the Cisco Networking Professionals Ask the Expert conversation. This is an opportunity to get an update on design and troubleshooting BGP with Cisco expert Manigandan Ganesan. Mani is an engineer working with the Routing Protocols team in the Cisco Technical Assistance Center in Bangalore. There he configures and troubleshoots various routing protocols like Enhanced Interior Gateway Routing Protocol, Open Shortest Path First protocol, Border Gateway Protocol, and Protocol Independent Multicast. He also focuses on filing technical and documentation bugs in these areas, and delivers training sessions on these technologies to other teams in Cisco. Mani holds a bachelor’s degree in electrical and electronics engineering from Anna University, Chennai. He also holds CCIE certification #27200 in Routing and Switching.

Remember to use the rating system to let Mani know if you have received an adequate response.

You can review the Live Webcast Video where Mani gave a presentation on this topic. You can also read the questions he answered during the live event in this FAQ Document.

Mani might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the Security discussion forums shortly after the event. This event lasts through February 25, 2011. Visit this forum often to view responses to your questions and the questions of other community members.

Hi,

Are you able to ping from the inside interface of the colo router to the main router through the FW ?

It does not matter if it is a private range or public range to run IBGP, as long as we can reach the peer's ip address.

If ping fails, then we need to get the basic connectivity up between the inside interfaces of the router through the FW, where NAT and stuff would come into the picture.

Thanks,

Mani

huangedmc
Level 3

hi Mani,

My question isn't related to BGP multi-homing, but control plane policing in regards to BGP traffic.

In the campus QoS SRND 4.0, an example was given to police BGP traffic to 4M.

Is 4M sufficient for most cases?

Even if that's the case, we'd like to analyze & baseline our environment, to make sure CoPP doesn't impact BGP prefix exchange between our switches & routers.

How do we go about that?

Is there a show command that can tell us the RATE of the BGP traffic?

"show ip bgp neighbor" shows you how much memory the prefixes consume, but it doesn't tell you how fast the router is receiving the route updates from its BGP neighbors.

Ditto for IGP traffic.

thanks,

Kevin

Hi Kevin,

4M would generally be enough; however, there are factors such as the platform (hardware / software), the number of BGP peers, the number of routes learned and how stable they are.

Regarding your question on how to know how fast the router is receiving the route updates from its BGP neighbors: 'show ip bgp summary' shows the INQ for every peer; if it is non-zero, that would tell us if we receive BGP updates at a rate faster than what the CPU can handle. Based on that, we can adjust the threshold, if it is not enough.

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
*192.168.3.2    4 50000       2       2        2    0    0 00:00:37        0

Also you can check the show policy map < name > command to see the exact number of BGP packets received in total on a real time basis. For example,

RTR1#show policy-map control-plane
 Control Plane
  Service-policy input: copp-policy
    Class-map: coppclass-bgp (match-all)
      1443 packets, 113844 bytes
      5 minute offered rate 0 bps
      Match: access-group name coppacl-bgp

On a side note, I have seen customers giving unrestricted access to BGP and IGP, so that the keepalives and updates never get dropped even if they cross the limit, and hence peers are never flapped because of the policies.

Best regards,

Mani
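
Added example, not part of the original thread or of any Cisco tooling: one way to baseline BGP control-plane traffic from the two commands named in the reply above, by taking the byte counter of the CoPP class at two points in time and flagging peers with a non-zero InQ. The captures, the second neighbor, the 60-second interval and all function names are constructed for illustration; the class name and the 4M policer come from the thread.

```python
import re

POLICE_BPS = 4_000_000  # the 4M policer discussed in the thread

# Constructed captures of "show policy-map control-plane", taken 60 s apart.
T0 = """Class-map: coppclass-bgp (match-all)
  1443 packets, 113844 bytes
  5 minute offered rate 0 bps
"""
T1 = """Class-map: coppclass-bgp (match-all)
  31443 packets, 2363844 bytes
  5 minute offered rate 41000 bps
"""
# Constructed "show ip bgp summary" rows; the second peer has a backlog.
SUMMARY = """Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
*192.168.3.2    4 50000       2       2        2    0    0 00:00:37        0
192.168.4.2     4 50001   90210     311     8841   37    0 2d03h       412000
"""

def class_bytes(output, cls):
    """Cumulative byte counter for one class-map in the CLI text."""
    current = None
    for line in output.splitlines():
        m = re.match(r"\s*Class-map:\s+(\S+)", line)
        if m:
            current = m.group(1)
        elif current == cls:
            m = re.match(r"\s*\d+ packets, (\d+) bytes", line)
            if m:
                return int(m.group(1))
    raise KeyError(cls)

def measured_bps(before, after, interval_s, cls):
    """Average rate between two samples; rejects counters cleared in between."""
    delta = class_bytes(after, cls) - class_bytes(before, cls)
    if delta < 0:
        raise ValueError("counters were cleared between samples")
    return delta * 8 / interval_s

def backlogged_peers(summary):
    """Map neighbor -> InQ for every IPv4 peer row whose InQ is non-zero."""
    peers = {}
    for line in summary.splitlines():
        f = line.split()
        if len(f) == 10 and f[1] == "4" and f[6].isdigit() and int(f[6]) > 0:
            peers[f[0].lstrip("*")] = int(f[6])
    return peers

if __name__ == "__main__":
    bps = measured_bps(T0, T1, 60, "coppclass-bgp")
    print(f"{bps:.0f} bps = {bps / POLICE_BPS:.1%} of policer")
    print("peers with non-zero InQ:", backlogged_peers(SUMMARY))
```

Sampling across a full table exchange (for example a peer reset in a maintenance window) gives the peak that the policer has to accommodate, which a steady-state sample will not show.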
