Hi Giuseppe,

Thanks for your reply. So just to confirm even though the firewall is in between (Its not participating in BGP routing and there is a default route configured to send traffic outbound) than if there is a RP switchover traffic will still be forwarded to the device that had the switchover and that device will in turn continue to forward traffic based on its cached information in the forwarding plane?

Also in order to negotiate graceful restart between the peers what timers would be recommended

1. For Graceful Restart

2. BGP Keepalive/Holdown

3. HSRP

If you could provide some detail on how all these timers would interact that would be great as well. Thx for helping.

Hello Vikram,

I think I have already answered; however here are my replies:

1) graceful restart and NSF are more a question of capabilities exchanged during BGP session setup rather then a question of timers

2) BGP timers can be aggressive but I think they need to be bigger then HSRP timers: in other words there is no use on dropping the BGP session but this should not happen during graceful restart where the NSF helping device hides the NSF capable switchover.

In any case if the other side has not declared a graceful restart BGP timers apply to the session.

3) HSRP swithover happens in 3 times the hello frequency and it should be faster then BGP holdtime.

Hope to help

Giuseppe

Hi Giuseppe,

Thanks for the reply. I was trying to get a relationship between the BGP graceful-restart restart-timer and the BGP neighbor holddown time and BGP graceful-restart stalepath-time and the BGP neighbor holdown time.

Per recommendations in cisco documents it seems that the BGP restart-time for Graceful Restart should be less than the BGP hold time. This does make sense as I assume that if there is a notification message sent to tear down the session and there is no open message sent as required by the Graceful Restart mechanism it would be useless. Could you please confirm if my understanding is correct on that?

Also currently I have configured a hello/hold time of 3 and 9 seconds respectively for the neighbor relationship across the firewall.

In addition also configured the BGP GR restart-time to be 6 seconds however the stalepath time is configured for 120 seconds.

This would mean that if there was a switchover on the control plane than there should be a OPEN message sent by the restarting peer within 6 seconds and if that does not happen than it will reset the neighbor relationship within 9 seconds.

If the open message is received within 6 seconds than it will continue to forward the traffic along the stalepath for a period of 120 seconds. Are these timers suitable or would they be too aggressive? Thx

Hi, can anyone pls confirm if

1. There is any relationship between the BGP neighbor hold Timer and the BGP graceful restart and stalepath timer.

2. Does BGP Graceful restart work with a ipv4 VRF neighbor on one side and a normal ipv4 neighbor on the other side.

3. Do the IGP Timers have to be tweaked and is there any relationship between IGP Timers and BGP NSF.

4. Do any other BGP timers need to be tweaked. (scan time, Adv interval etc)

Thx