01-26-2013 06:22 AM - edited 03-04-2019 06:51 PM
I have two Cisco 3845 routers running as multihomed to two larger ISPs with BGP4.
I am trying to configure iBGP between the two routers. When I activate the BGP on both routers one router will download routes slowly while the other router downloads routes and then those routers slowly disappear. I see the routers disappear by doing a "show ip bgp sum" and notice the routes received goes up and then slowly drops to zero while the other router is still receiving more routes. The CPU on both routers goes to 100% the entire time.
The BGP config on each router is straight forward.
Router 1
router bgp 1197x
no synchronization
bgp always-compare-med
bgp log-neighbor-changes
bgp dampening
network 20x.162.160.0 mask 255.255.224.0
neighbor 199.36.132.x remote-as 23248
neighbor 199.36.132.x description PPS
neighbor 199.36.132.x update-source GigabitEthernet0/1
neighbor 199.36.132.x soft-reconfiguration inbound
neighbor 199.36.132.x route-map pps-to-vci in
neighbor 199.36.132.x route-map vci-to-pps out
neighbor 207.162.161.x remote-as 11970
neighbor 207.162.161.x description VCI C2
neighbor 207.162.161.x soft-reconfiguration inbound
neighbor 207.162.183.x remote-as 10939
neighbor 207.162.183.x description Paxton Media
neighbor 207.162.183.x ebgp-multihop 10
neighbor 207.162.183.x timers 30 40
neighbor 207.162.183.x soft-reconfiguration inbound
neighbor 207.162.183.x route-map pmg-to-vci in
Router 2
router bgp 1197x
no synchronization
bgp always-compare-med
bgp log-neighbor-changes
bgp dampening
network 20x.162.160.0 mask 255.255.224.0
neighbor 12.118.236.x remote-as 7018
neighbor 12.118.236.x description AT&T
neighbor 12.118.236.x soft-reconfiguration inbound
neighbor 12.118.236.x route-map vci-to-newatt out
no auto-summary
I've watched the BGP debug while the routers were exchanging routes but nothing obvious appeared to me.
Any ideas how I can resolve this?
01-26-2013 08:45 AM
First, remove the soft-reconfiguration inbound. It holds another copy of the BGP table causing excessive memory consumption.
Second, when configuring the iBGP, are you also adding the next-hop-self?
Additionally, to avoid becoming a transit network - make sure to advertise only your subnet towards the ISP.
You can do so with the ^$ outbound prefix filter.
01-26-2013 12:32 PM
I just noticed the router 2 config I pasted above was missing the iBGP entries. Here is the proper display after removing the "soft-reconfiguration inbound" and adding "next-hop-self"
Router 1
See first message.
Router 2
router bgp 11970
no synchronization
bgp always-compare-med
bgp log-neighbor-changes
bgp dampening
network 207.162.160.0 mask 255.255.224.0
neighbor 12.118.236.x remote-as 7018
neighbor 12.118.236.x description AT&T
neighbor 12.118.236.x route-map vci-to-newatt out
neighbor 207.162.161.x remote-as 11970
neighbor 207.162.161.x description VCI C1
neighbor 207.162.161.x next-hop-self
no auto-summary
There was no change when adding the "next-hop-self"
The problem is with the iBGP session between 207.162.161.x on each router. When the BGP session starts the CPU on both routers go to 100%. Router 1 will slowly download routes. Router 2 will download routes, get about halfway, then slowly drops back to zero.
01-26-2013 02:39 PM
Check your router logs, it seems you may be running out of memory as router can't hold 2 full BGP tables.
01-26-2013 02:52 PM
No memory problems mentioned in the router logs. These routers previously had 3 full BGP sessions for many years. Right now each router has only one full load. This iBGP session would make a 2nd load on each router.
01-27-2013 01:03 AM
How many prefixes are expected for each peer? What's the router model and amount of RAM. Send a show ip bgp summ to the post.
Regards
==========================
http://www.rConfig.com
A free, open source network device configuration management tool, customizable to your needs!
Sent from Cisco Technical Support iPhone App
01-27-2013 07:59 AM
Both routers are Cisco 3845 with 1 gig memory. Both are running IOS 12.4(10)
Here is the "show ip bgp sum" from both routers.
The 199.36.132.x and 12.118.236.x peers are upstream (my providers) and the 207.162.183.x is downstream (a customer). The iBGP is between the two bolded 207.162.161.x peers (both AS 11970). The iBGP is currently disabled because it doesn't work as described in my previous messages here.
Router 1
c1#show ip bgp sum
BGP router identifier 207.162.161.x, local AS number 11970
BGP table version is 19979696, main routing table version 19979696
432869 network entries using 50645673 bytes of memory
432869 path entries using 22509188 bytes of memory
77417/77180 BGP path/bestpath attribute entries using 9599708 bytes of memory
62234 BGP AS-PATH entries using 2043598 bytes of memory
10513 BGP community entries using 875780 bytes of memory
14 BGP extended community entries using 336 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 85674283 total bytes of memory
Dampening enabled. 80 history paths, 733 dampened paths
BGP activity 1937357/1504488 prefixes, 4144467/3711598 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
199.36.132.x 4 23248 11384970 134727 19979668 0 0 5w0d 432780
207.162.161.x 4 11970 296429 378303 0 0 0 19:52:14 Idle (Admin)
207.162.183.x 4 10939 303015 3476381 19979667 0 0 5d11h 1
Router 2
c2#show ip bgp sum
BGP router identifier 207.162.161.x, local AS number 11970
BGP table version is 21528907, main routing table version 21528907
431090 network entries using 50437530 bytes of memory
431090 path entries using 22416680 bytes of memory
69341/69259 BGP path/bestpath attribute entries using 8598284 bytes of memory
59980 BGP AS-PATH entries using 1581362 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 83033856 total bytes of memory
Dampening enabled. 66 history paths, 362 dampened paths
BGP activity 2455405/2024314 prefixes, 5938729/5507638 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
12.118.236.x 4 7018 14822232 518296 21528907 0 0 1w2d 431017
207.162.161.x 4 11970 124750 90010 0 0 0 19:50:33 Idle (Admin)
01-28-2013 07:41 AM
During the high CPU condition, which process was consuming the most cycles? IP Input or BGP?
Did you capture the output? If so, please post it.
01-27-2013 01:48 PM
Hello,
As Edision Ortiz as suggested, Make sure you AS is not a transit AS for the ISP's
ip as-path access-list 10 permit ^$
router 1
router bgp 11970
neighbor 199.36.132.x filter-list 10 out
router 2
router bgp 11970
neighbor 12.118.236.x filter-list 10 out
bgp outbound order preference will look at this filter list prior to the route-map.
res
Paul
Please don't forget to rate this post if it has been helpful.
01-29-2013 06:24 AM
My config is working. In the end all I added was the "next-hop-self" to both routers. yesterday, I started the session between both routers to gather debugging info I observed the same results... high C1 CPU and an initial download of routes to C2 followed by a decreasing number of routes. However, after a few minutes the C1 CPU went back to normal and the number of routes on the C2 router levelled out at about 28,000. C1 was holding nearly a full load. Traffic is moving between the two routers as it should.
The process that was going high on C1 was the "BGP Router" process.
I may change my BGP config to use the filter-list as mentioned above. I am currently using a route-map to control my advertisements.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: