BGP flapping, high CPU load

VictorAKur · ‎09-18-2007

Hi we have come across this problem on one of our 6506 with SUP2 switches when some BGP neighbors start flapping, that causes high CPU load and then we believe THAT causes more BGP connections to drop and then CPU is stuck in 100% and the neighbors start going up and down randomly, until the box reloads itself due to a software error (we have quite a lot of peers on this connection).

At least this is what we believe has been happening.

I have spoken to the circuit provider and they have not seen any drops on the actual circuit.

Could anyone tell me if this idea has anything in it?

a.alekseev · ‎09-18-2007

could you show the output?

#sh ip bgp nei | i max data

VictorAKur · ‎09-18-2007

Hi please find attached the output of the command:

JORGE RODRIGUEZ · ‎09-18-2007

Is this issue all of the sudden appeared or happens frequently?

also issue this command to see the amount of CPU util for BGP processes.

" show process cpu | include BGP "

what is the circuit type t1?, if t1 it could be that you are probably bursting causing circuit to bounce.

does your logs indicates up/down circuit

Jorge Rodriguez

VictorAKur · ‎09-18-2007

The issue appeared a couple of days ago and has haapend a few times since. BGP router is normally around 2.1% untill a couple of hosts start flapping, then goes up to 100% and generally stays there.

The connection is a copper 100Mb twisted pair. Uncupped as far as I know. (it is a LAN link to our BGP peer network).

We get something about 128000 routes on this box by the way.

JORGE RODRIGUEZ · ‎09-18-2007

when you say couple of hosts do you mean bgp peers ?

Jorge Rodriguez

VictorAKur · ‎09-19-2007

Sorry - peers.

avmabe · ‎09-18-2007

So you are taking 128K IPV4 routes into the SUP2? I don't have a hard link, but I'm pretty sure you are close to the max (if not at or over) of IPv4 routes for that engine. This has to do with the FIB TCAM and CEF. I'll try to find a link, but even the SUP720-3B maxes out at 256K total, of which less than 200K are for IPv4 by default.

avmabe · ‎09-18-2007

I did find this....

There are 256K route entries (Sup2), which

are cut in half, if Unicast RPF is enabled

?

The following IP packets cannot be

forwarded in hardware

Packets with IP options set

Packets with TTL<=1

Packets that require fragmentation

VictorAKur · ‎09-19-2007

I am somewhat confused actually - this is what I gwt off the box:

switch>sh ip rout sum

IP routing table name is Default-IP-Routing-Table(0)

Route Source Networks Subnets Overhead Memory (bytes)

connected 2 6 948 1280

static 0 2 216 320

ospf 20799 6 61 5376 10720

Intra-area: 32 Inter-area: 0 External-1: 0 External-2: 35

NSSA External-1: 0 NSSA External-2: 0

bgp 20799 125705 104368 14724672 37092180

External: 195216 Internal: 34850 Local: 7

internal 2806 3311080

Total 128519 104437 14731212 40415580

ie - 128519 routes

While cisco output intepriter is saying there are 232000 routes there.

Am I reading the output the wron way?

avmabe · ‎09-19-2007

do a "show ip bgp sum"

VictorAKur · ‎09-19-2007

Bingo! Over 230000 routes then.

avmabe · ‎09-19-2007

Time to put in a SUP720BXL (I'd actually look into the RSP720CXL). Don't forget you have to upgrade power and fans.