cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
579
Views
0
Helpful
9
Replies
Highlighted
Beginner

iBGP problem

I have two Cisco 3845 routers running as multihomed to two larger ISPs with BGP4.

I am trying to configure iBGP between the two routers. When I activate the BGP on both routers one router will download routes slowly while the other router downloads routes and then those routers slowly disappear. I see the routers disappear by doing a "show ip bgp sum" and notice the routes received  goes up and then slowly drops to zero while the other router is still receiving more routes. The CPU on both routers goes to 100% the entire time.

The BGP config on each router is straight forward.

Router 1

router bgp 1197x

no synchronization

bgp always-compare-med

bgp log-neighbor-changes

bgp dampening

network 20x.162.160.0 mask 255.255.224.0

neighbor 199.36.132.x remote-as 23248

neighbor 199.36.132.x description PPS

neighbor 199.36.132.x update-source GigabitEthernet0/1

neighbor 199.36.132.x soft-reconfiguration inbound

neighbor 199.36.132.x route-map pps-to-vci in

neighbor 199.36.132.x route-map vci-to-pps out

neighbor 207.162.161.x remote-as 11970

neighbor 207.162.161.x description VCI C2

neighbor 207.162.161.x soft-reconfiguration inbound

neighbor 207.162.183.x remote-as 10939

neighbor 207.162.183.x description Paxton Media

neighbor 207.162.183.x ebgp-multihop 10

neighbor 207.162.183.x timers 30 40

neighbor 207.162.183.x soft-reconfiguration inbound

neighbor 207.162.183.x route-map pmg-to-vci in

Router 2

router bgp 1197x

no synchronization

bgp always-compare-med

bgp log-neighbor-changes

bgp dampening

network 20x.162.160.0 mask 255.255.224.0

neighbor 12.118.236.x remote-as 7018

neighbor 12.118.236.x description AT&T

neighbor 12.118.236.x soft-reconfiguration inbound

neighbor 12.118.236.x route-map vci-to-newatt out

no auto-summary

I've watched the BGP debug while the routers were exchanging routes but nothing obvious appeared to me.

Any ideas how I can resolve this?

9 REPLIES 9
Highlighted
Hall of Fame Mentor

First, remove the soft-reconfiguration inbound. It holds another copy of the BGP table causing excessive memory consumption.

Second, when configuring the iBGP, are you also adding the next-hop-self?

Additionally, to avoid becoming a transit network - make sure to advertise only your subnet towards the ISP.

You can do so with the ^$ outbound prefix filter.

Highlighted

I just noticed the router 2 config I pasted above was missing the iBGP entries. Here is the proper display after removing the "soft-reconfiguration inbound" and adding "next-hop-self"

Router 1
See first message.

Router 2

router bgp 11970

no synchronization

bgp always-compare-med

bgp log-neighbor-changes

bgp dampening

network 207.162.160.0 mask 255.255.224.0

neighbor 12.118.236.x remote-as 7018

neighbor 12.118.236.x description AT&T

neighbor 12.118.236.x route-map vci-to-newatt out

neighbor 207.162.161.x remote-as 11970

neighbor 207.162.161.x description VCI C1

neighbor 207.162.161.x next-hop-self

no auto-summary

There was no change when adding the "next-hop-self"

The problem is with the iBGP session between 207.162.161.x on each router. When the BGP session starts the CPU on both routers go to 100%. Router 1 will slowly download routes. Router 2 will download routes, get about halfway, then slowly drops back to zero.

Highlighted

Check your router logs, it seems you may be running out of memory as router can't hold 2 full BGP tables.

Highlighted

No memory problems mentioned in the router logs. These routers previously had 3 full BGP sessions for many years. Right now each router has only one full load. This iBGP session would make a 2nd load on each router.

Highlighted

How many prefixes are expected for each peer? What's the router model and amount of RAM. Send a show ip bgp summ to the post.

Regards

==========================
http://www.rConfig.com

A free, open source network device configuration management tool, customizable to your needs!

Sent from Cisco Technical Support iPhone App

========================== http://www.rconfig.com A free, open source network device configuration management tool, customizable to your needs! - Always vote on an answer if you found it helpful
Highlighted

Both routers are Cisco 3845 with 1 gig memory. Both are running IOS 12.4(10)

Here is the "show ip bgp sum" from both routers.

The 199.36.132.x and 12.118.236.x peers are upstream (my providers) and the 207.162.183.x is downstream (a customer). The iBGP is between the two bolded 207.162.161.x peers (both AS 11970). The iBGP is currently disabled because it doesn't work as described in my previous messages here.

Router 1

c1#show ip bgp sum

BGP router identifier 207.162.161.x, local AS number 11970

BGP table version is 19979696, main routing table version 19979696

432869 network entries using 50645673 bytes of memory

432869 path entries using 22509188 bytes of memory

77417/77180 BGP path/bestpath attribute entries using 9599708 bytes of memory

62234 BGP AS-PATH entries using 2043598 bytes of memory

10513 BGP community entries using 875780 bytes of memory

14 BGP extended community entries using 336 bytes of memory

0 BGP route-map cache entries using 0 bytes of memory

0 BGP filter-list cache entries using 0 bytes of memory

BGP using 85674283 total bytes of memory

Dampening enabled. 80 history paths, 733 dampened paths

BGP activity 1937357/1504488 prefixes, 4144467/3711598 paths, scan interval 60 secs

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd

199.36.132.x    4 23248 11384970  134727 19979668    0    0 5w0d       432780

207.162.161.x  4 11970  296429  378303        0    0    0 19:52:14 Idle (Admin)

207.162.183.x  4 10939  303015 3476381 19979667    0    0 5d11h           1

Router 2

c2#show ip bgp sum

BGP router identifier 207.162.161.x, local AS number 11970

BGP table version is 21528907, main routing table version 21528907

431090 network entries using 50437530 bytes of memory

431090 path entries using 22416680 bytes of memory

69341/69259 BGP path/bestpath attribute entries using 8598284 bytes of memory

59980 BGP AS-PATH entries using 1581362 bytes of memory

0 BGP route-map cache entries using 0 bytes of memory

0 BGP filter-list cache entries using 0 bytes of memory

BGP using 83033856 total bytes of memory

Dampening enabled. 66 history paths, 362 dampened paths

BGP activity 2455405/2024314 prefixes, 5938729/5507638 paths, scan interval 60 secs

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd

12.118.236.x    4  7018 14822232  518296 21528907    0    0 1w2d       431017

207.162.161.x  4 11970  124750   90010        0    0    0 19:50:33 Idle (Admin)

Highlighted

During the high CPU condition, which process was consuming the most cycles? IP Input or BGP?

Did you capture the output? If so, please post it.

Highlighted
VIP Mentor

Hello,

As Edision Ortiz as suggested, Make sure you AS is not a transit AS for the ISP's

ip as-path access-list 10 permit ^$

router 1

router bgp 11970

neighbor 199.36.132.x filter-list 10 out

router 2

router bgp 11970

neighbor 12.118.236.x filter-list 10 out

bgp  outbound order preference will look at this filter list prior to the route-map.

res

Paul

Please don't forget to rate this post if it has been helpful.



kind regards
Paul

Please rate and mark posts accordingly if you have found any of the information provided useful.
It will hopefully assist others with similar issues in the future
Highlighted

My config is working. In the end all I added was the "next-hop-self" to both routers. yesterday, I started the session between both routers to gather debugging info I observed the same results... high C1 CPU and an initial download of routes to C2 followed by a decreasing number of routes. However, after a few minutes the C1 CPU went back to normal and the number of routes on the C2 router levelled out at about 28,000. C1 was holding nearly a full load. Traffic is moving between the two routers as it should.

The process that was going high on C1 was the "BGP Router" process.

I may change my BGP config to use the filter-list as mentioned above. I am currently using a route-map to control my advertisements.