10-14-2010 10:41 AM - edited 03-04-2019 10:07 AM
Greetings All,
I have any issue wherein I'm having difficulty pinpointing the problem because from a birds eye view everything looks ok.
First, I have the following setup:
(internet) <> [ISP-A] <ebgp> [rtr1] <ibgp> [rtr2] <ebgp> [ISP-B] (internet)
NOTE: only getting partial routes with default from both ISP's
At first glance everything looks fine, because BGP sessions are stable. However, I noticed that the CPU or RTR2 was spiking every minute. Looking into it showed that the CPU spikes are caused by BGP/RIB updates. I am 80% sure that the updates originating from ISPA. The question is how do i verify this? and how do i lessen the impact of those updates.
Solved! Go to Solution.
10-15-2010 11:34 PM
Hi,
If the next-hop is known via BGP this can cause such issues with the BGP scanner timer.You have to make sure that all the BGP next hops are known by the IGP. Try configuring "next-hop-self" on the iBGP peering. Another solution is to make the iBGP AD higher than the IGP AD, making sure that the next hope is known via the IGP instead of iBGP.
HTH
Joe.
10-14-2010 12:57 PM
Few more questions. Is there a best practice incoming BGP update filter that anyone uses for Internet Edge routers?
10-14-2010 08:00 PM
Hi,
Need some more inputs from your RTR2 .
1- sh process cpu | exc 0.00
2- Your router memory
3- your BGP config from both router.
4- confirm if any path-mtu discovery configured (or provide output of show ip bgp neighbors | include max data ).
5-
meanwhile if you can push only default route from Rtr1 to Rtr2 and see any improvement in cpu usage, also confirm have you changed default scantime
Regards
Mahesh
10-14-2010 11:20 PM
Hi,
As you had mentions in your post, if your network set up is having two different router connected to different isp and if you are running IBGP peer between your two routers. chances are there where your AS will act as the transit AS.
(internet) <> [ISP-A]
you should make sure that routes learned via isp A should not advertised to ISP B. by default it will happen because you are running IBGP peer between your routers.
1. let us know your bgp configuration on two router
2. let us know how many routes your learning from each isp and how many is being advertised to each isp.
Regards,
Hariharan k
10-15-2010 10:12 AM
Hi Hariharan,
We have outbound BGP filters that only allows our prefix to be advertised to the ISP's. So we are not a transit network.
10-15-2010 10:08 AM
This is the output when the CPU spikes
CPU utilization for five seconds: 86%/0%; one minute: 40%; five minutes: 32%
PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
6 29604 1583 18701 0.47% 0.41% 0.43% 0 Check heaps
43 5824 6017 967 0.15% 0.10% 0.10% 0 Per-Second Jobs
160 799624 4303 185829 57.03% 20.20% 15.48% 0 IP RIB Update
163 160404 8217 19520 10.55% 3.23% 2.84% 0 XDR mcast
237 372096 4814 77294 13.43% 9.71% 7.47% 0 BGP Router
241 197864 1184 167114 4.23% 5.22% 4.06% 0 BGP Event
Memory 512Mb - using only 159Mb
show ip bgp summary
BGP router identifier x.x.x.x, local AS number xxxx
BGP table version is 12723897, main routing table version 12723897
132615 network entries using 16046415 bytes of memory
246291 path entries using 12807132 bytes of memory
24216/14485 BGP path/bestpath attribute entries using 3390240 bytes of memory
21091 BGP AS-PATH entries using 573986 bytes of memory
1 BGP community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 32817797 total bytes of memory
89911 received paths for inbound soft reconfiguration
BGP activity 133809/1191 prefixes, 249017/2726 paths, scan interval 60 secs
Both configs are identical.
router bgp 1231
no synchronization
bgp log-neighbor-changes
redistribute eigrp 1 route-map ROUTEMAPNAME
neighbor x.x.x.x remote-as 1231 (iBGP)
neighbor x.x.x.x update-source Loopback1
neighbor x.x.x.x version 4
neighbor x.x.x.x soft-reconfiguration inbound
neighbor 1.1.1.1 remote-as 4567 (eBGP
neighbor 1.1.1.1 version 4
neighbor 1.1.1.1 timers 30 90
neighbor 1.1.1.1 send-community
neighbor 1.1.1.1 soft-reconfiguration inbound
neighbor 1.1.1.1 weight 1000
neighbor 1.1.1.1 prefix-list Filter-out out
no auto-summary
show ip bgp neighbors | inc max data
Datagrams (max data segment is 1440 bytes):
Datagrams (max data segment is 4410 bytes):
10-15-2010 11:09 PM
Hi,
BGP config and parameter seems to be ok . your main concern is ip rib update process which is caused by routes yet not installed in
RIB (i mean waiting to be processed by cpu).
can you confirm if ip cef is configured in this router. If not can you go for it.
Regards
Mahesh
10-15-2010 11:34 PM
Hi,
If the next-hop is known via BGP this can cause such issues with the BGP scanner timer.You have to make sure that all the BGP next hops are known by the IGP. Try configuring "next-hop-self" on the iBGP peering. Another solution is to make the iBGP AD higher than the IGP AD, making sure that the next hope is known via the IGP instead of iBGP.
HTH
Joe.
10-20-2010 09:37 AM
I had a call with TAC this is what caused the issue. Thanks for the response
02-24-2019 07:00 AM
Hi Meryllem,
"I had a call with TAC this is what caused the issue. Thanks for the response"
Whats the cause of the issue???
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: