Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1740
Views
0
Helpful
2
Replies

LDP neighbor | Need for hello hold time| TCP session keep alive timer

sarahr202
Level 5
Level 5

‎01-10-2017 10:59 AM - edited ‎03-08-2019 08:51 AM

Hi everybody,

Please consider the following example:

R2--24.24.24.2---LDP--24.24.24.4- f1/0-R4

R2 and R4 has LDP neighbor relationship established, they also have TCP session established.

Next, I apply ACL under f1/0 denying all TCP  incoming on R4:

R4#show access-lists 101
Extended IP access list 101
10 deny tcp any any (120 matches)
20 permit ip any any (201 matches)

R4(config)#int f1/0
R4(config-if)#ip access-group 101 in

Jan 10 11:39:31.823: %LDP-5-NBRCHG: LDP Neighbor 24.24.24.2:0 (1) is DOWN (Session KeepAlive Timer expired)

Above we can see LDP neighbor is down because Session KeepAlive Timer expired.

Next we modify ACL 101 , allowing TCP but denying UDP.

R4#show access-lists 101
Extended IP access list 101
10 permit tcp any any (6 matches)
20 deny udp any any (6 matches)
30 permit ip any any (1 match)

Jan 10 11:50:51.115: %LDP-5-NBRCHG: LDP Neighbor 24.24.24.2:0 (1) is DOWN (Discovery Hello Hold Timer expired

Above we see LDP neighbor is down because Discovery Hello Hold Timer expired.

Question:

Both Hold time and session keep alive timer above achieve the same result to  determine if LDP neighbor is down or not. (  you may argue session keep alive timer is to declare TCP session being down but effectively it means LDP neighbor is also down as shown above), so why  cant' we use one timer to determine if LDP neighbor is down for e.g  hello hold time?

Thanks and have a nice day!!

Labels:
0 Helpful
2 Replies 2

grindelwaldus
Level 1
Level 1

‎03-02-2017 12:34 PM

I guess the main reason is that TCP session between two LDP neighbors does not necessarily need to be established on the same link that Hello messages are send on.

Refer to the topology on the picture I attached. Let's say we are establishing LDP between R1 and R3's e 0/0, but loopback interfaces are advertised via OSPF not on e 0/0 interfaces, but rather via R1's e 0/1 and R3's e 0/2. So Hello packets are send via one interfaces and TCP keepalives via another. (Can't really think of case where you would need configuration like this, but anyway)

If only Hello packets are used for checking if our neighbor is down, we won't be able to determine if there's problem with TCP session (for example, if R2 goes down), so that's why you need both type of messages.

.

0 Helpful

sarahr202
Level 5
Level 5
In response to grindelwaldus

‎03-02-2017 12:37 PM

Thanks, Let me digest this:)   Long day , not much brain power left.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card