07-14-2017 11:31 AM - edited 03-05-2019 08:51 AM
Hello,
I have a query about the BGP initiation process. When I do a Wireshark, I see that after TCP 3-Way, OPEN messages are sent. Then Keep alives packets are sent. I am wondering what is the role of keep alives in session initiation.
Can anyone please explain this?
CF
07-17-2017 10:19 AM
Any help would be appreciated!
07-17-2017 01:43 PM
As much as I am aware of, keepalives are not a part of session initiation. In open messeges you can see it is negotiated hold timer. Keepalive * 3 = hold-time. As soon as open message is received peers start to send keepalives. If peer do not receive keepalive, update or notification in hold-time period peer considered dead. Local device uses smaller of two values for bgp hold-time (comparing its own and peer's hold-time) value that is in the open message.
RFC 4271 suggests 30 seconds for keepalive and 90 seconds for hold-time.
Cisco defaults are 60 second keepalive and 180 for hold-timer.
07-19-2017 08:08 AM
Hi CF and crni00000,
The Keepalive messages are part of the BGP FSM model (please refer to RFC 4271, starting from page 67, OpenConfirm State):
"In this state, BGP waits for a KEEPALIVE or NOTIFICATION message."
Then:
"If the local system receives a KeepaliveTimer_Expires event (Event
11), the local system:
- sends a KEEPALIVE message,
- restarts the KeepaliveTimer, and
- remains in the OpenConfirmed state.
"
Further you will find:
"If the local system receives a KEEPALIVE message (KeepAliveMsg
(Event 26)), the local system:
- restarts the HoldTimer and
- changes its state to Established.
"
It is a normal behavior to see Keepalive messages in OpenConfirm state and then the transition to Established state.
Please let me know if you need more help related to this topic.
Kind regards,
Marius
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide