09-21-2011 03:07 PM - edited 03-07-2019 02:21 AM
BGP4 Session Goes Down receiving FULL Routers from providers
CONF
router bgp 22999
no synchronization
bgp log-neighbor-changes
bgp maxas-limit 254
network 196.12.173.0
aggregate-address 196.12.173.0 255.255.255.0 summary-only
neighbor 64.247.171.17 remote-as 11992
neighbor 64.247.171.17 version 4
neighbor 64.247.171.17 soft-reconfiguration inbound
neighbor 64.247.171.17 distribute-list ramallo_in in
neighbor 64.247.171.17 distribute-list ramallo_out out
neighbor 196.12.168.202 remote-as 11367
neighbor 196.12.168.202 ebgp-multihop 2
neighbor 196.12.168.202 version 4
neighbor 196.12.168.202 next-hop-self
neighbor 196.12.168.202 soft-reconfiguration inbound
neighbor 196.12.168.202 distribute-list ramallo_out out
SHOW VERSION
Router# show ver
Cisco IOS Software, C2900 Software (C2900-UNIVERSALK9-M), Version 15.0(1)M3, REL
EASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Sun 18-Jul-10 03:32 by prod_rel_team
ROM: System Bootstrap, Version 15.0(1r)M9, RELEASE SOFTWARE (fc1)
Router uptime is 1 week, 10 hours, 11 minutes
System returned to ROM by power-on
System image file is "flash0:c2900-universalk9-mz.SPA.150-1.M3.bin"
Last reload type: Normal Reload
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
Cisco CISCO2911/K9 (revision 1.0) with 483328K/40960K bytes of memory.
Processor board ID FTX1445A1W4
3 Gigabit Ethernet interfaces
2 Serial interfaces
DRAM configuration is 64 bits wide with parity enabled.
255K bytes of non-volatile configuration memory.
250880K bytes of ATA System CompactFlash 0 (Read/Write)
SHOW LOG
*Sep 21 21:58:09.107: %BGP-3-NOTIFICATION: sent to neighbor 196.12.168.202 3/1 (
update malformed) 0 bytes
*Sep 21 21:58:09.107: %BGP-4-MSGDUMP: unsupported or mal-formatted message recei
ved from 196.12.168.202:
FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 00BB 0200 0000 2440 0101 0040 0216 0205
0000 2C67 0000 392E 0000 329C 0000 4BE5 0000 6D21 4003 04C4 0CA8 CA18 BE61 8B18
BE61 9818 BE61 9118 BE61 8F18 BE61 8318 BE61 9F18 BE61 9718 BE61 9618 BE61 9918
BE61 9E18 BE61 9C18 BE61 9B18 BE61 9D18 BE61 8C18 BE61 8118 BE61 9318 BE61 8E18
BE61 9418 BE61 9518 BE61 9A18 BE61 8218 BE61 8D18 BE61 9218 BE61 8918 BE61 8618
BE61 8518 BE61 8818 BE61 8A18 BE61 8718 BE61 8418 BE61 8018 BE61 90
*Sep 21 21:58:09.107: %BGP-4-BGP_OUT_OF_MEMORY: BGP resetting because of memory
exhaustion.
*Sep 21 21:58:19.895: %BGP-5-ADJCHANGE: neighbor 64.247.171.17 Down No memory
*Sep 21 21:58:19.895: %BGP_SESSION-5-ADJCHANGE: neighbor 64.247.171.17 IPv4 Unic
ast topology base removed from session No memory
*Sep 21 21:58:19.895: %BGP_SESSION-5-ADJCHANGE: neighbor 196.12.168.202 IPv4 Uni
cast topology base removed from session BGP Notification sent
*Sep 21 21:58:28.707: %BGP-5-ADJCHANGE: neighbor 64.247.171.17 Up
*Sep 21 21:58:31.267: %BGP-5-ADJCHANGE: neighbor 196.12.168.202 Up
*Sep 21 21:58:35.607: %SYS-5-CONFIG_I: Configured from console by vty0 (196.12.1
73.25)
*Sep 21 22:02:35.387: %SYS-2-MALLOCFAIL: Memory allocation of 65536 bytes failed
from 0x2342E9A8, alignment 0
Pool: Processor Free: 125144 Cause: Memory fragmentation
Alternate Pool: None Free: 0 Cause: No Alternate pool
-Process= "BGP Router", ipl= 0, pid= 239, -Traceback= 0x2340604Cz 0x23423490z
0x21AF2D38z 0x21AA5C80z 0x21AA5FB0z 0x21B63554z 0x21B63E58z 0x21AC7844z 0x21AC7D
04z 0x21AC83A8z
*Sep 21 22:02:35.387: %BGP-5-ADJCHANGE: neighbor 196.12.168.202 Down BGP Notific
ation sent
*Sep 21 22:02:35.387: %BGP-3-NOTIFICATION: sent to neighbor 196.12.168.202 3/1 (
update malformed) 0 bytes
*Sep 21 22:02:35.387: %BGP-4-MSGDUMP: unsupported or mal-formatted message recei
ved from 196.12.168.202:
FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 0061 0200 0000 3240 0101 0040 0216 0205
0000 2C67 0000 392E 0000 329C 0000 6D52 0000 1B89 4003 04C4 0CA8 CA40 0600 C007
0800 001B 89C8 3BC4 C618 C83D 1018 C83D 1A18 C83B 3C18 C829 D618 BA00 D417 BA00
D0
*Sep 21 22:02:35.387: %BGP-4-BGP_OUT_OF_MEMORY: BGP resetting because of memory
exhaustion.
*Sep 21 22:02:46.379: %BGP-5-ADJCHANGE: neighbor 64.247.171.17 Down No memory
*Sep 21 22:02:46.379: %BGP_SESSION-5-ADJCHANGE: neighbor 64.247.171.17 IPv4 Unic
ast topology base removed from session No memory
*Sep 21 22:02:46.379: %BGP_SESSION-5-ADJCHANGE: neighbor 196.12.168.202 IPv4 Uni
cast topology base removed from session BGP Notification sent
*Sep 21 22:03:00.319: %BGP-5-ADJCHANGE: neighbor 196.12.168.202 Up
*Sep 21 22:03:01.347: %BGP-5-ADJCHANGE: neighbor 64.247.171.17 Up
Router#
Any ideas?
09-21-2011 03:20 PM
I don't think you have enough horsepower for all bgp routes, note the number of
SYS-2-MALLOCFAIL nessages.
Do you NEED all the routes ?
09-21-2011 03:23 PM
A C2911 with 512 it is enough :-( ???
09-21-2011 03:28 PM
No, the 29xx series is more of a remote branch router. here is a clip from 2008 to give you an idea:
BGP table version is 4727126, main routing table version 4727126
284303 network entries
using 28714603 bytes of memory
9076734 path entries using 435683232 bytes of memory
1527630 BGP path attribute entries using 85555176 bytes of memory
1292500 BGP AS-PATH entries using 34542132 bytes of memory
23279 BGP community entries using 1673428 bytes of memory
17 BGP extended community entries using 508 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 586169079 total bytes of memory
trust me, it has not shrunk.
But back to the question, do you need all the routes or can you function with a default?
09-21-2011 03:39 PM
Is more efficient having all routes?
09-21-2011 03:50 PM
My take is, unless you are a tier 1 or tier 2 provider, accepting a default for the internet will be more efficient.
How many Links and how many different providers are you going to connect to?
If you are a small office, probably just 1, in which case thats the only route to the internet.
If you have 2 providers, there are still ways to keep it simple.
09-21-2011 03:58 PM
two providers 10mb each
100 +/-
several servers
09-21-2011 04:04 PM
Ok, sounds reasonable.
What you need to consider is how to use 2 providers.
Prmary and back up ?
Load share ?
stuff like that.
A lot will depend on how you plan on firewalling traffic also.
Consider laying out a design, posting it here, and moving ahead from there. A lot of these folks, (Like Mr. Marshall below) have a a depth of experience in design, but you need to decide what the design parameters are.
09-21-2011 04:06 PM
load share.
09-21-2011 03:25 PM
You need about 512Mb just for one BGP peer to receive full routes. You are receiving the full routing table from 2 providers by the looks of it which means you have nowhere near enough RAM - you have 512MB RAM on your router. From Cisco doc -
To store a complete global BGP routing table from one BGP peer, it is best to have a minimum of 512 MB or 1 GB of RAM in the router. If 256 MB of RAM is used, it is recommended that you use more route filters. If you use 512 MB of RAM, more Internet routes can be placed in the routing table with fewer route filters
http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094a83.shtml
So you either need to filter the routes you are receiving from your providers or you need a router with more memory.
Jon
09-21-2011 04:42 PM
Hi
disable "soft-reconfiguration inbound" on both peers (see below).
soft-reconfiguration stores another copy of the BGP table prior to applying any filters! Not recommend when receiving the full Internet routing table.
router bgp 22999
no neighbor 64.247.171.17 soft-reconfiguration inbound
no neighbor 196.12.168.202 soft-reconfiguration inbound
09-21-2011 09:33 PM
Kevin,
Very good point! In fact, the soft-reconfiguration inbound is a fossil that should not be used at all anymore. Since all reasonable BGP implementations now support the ROUTE REFRESH per RFC 2918, there is no point in having the soft-reconfiguration still configured. I would put it even stronger than you did: the soft-reconfiguration is not recommended at all. It is amazing for me to see how often are people still configuring it.
Best regards,
Peter
09-23-2011 04:56 AM
ok. i took the soft-conf feature.
still I am having the same problem.
09-23-2011 06:10 AM
Romualdo,
If deactivating the soft-reconfiguration did not help then your router is simply unable to hold so many BGP routes in its memory. You can either add more RAM or - what everyone has asked you to do - start filtering out unnecessary routes more aggressively. It is as plain as that.
Best regards,
Peter
09-23-2011 09:55 AM
Why would you want full Internet routes if you aren't a provider ?
I still think that trying to get this to work on a 29xx is a waste of time.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide