High CPU - BGP

Unanswered Question
Sep 27th, 2002
User Badges:

Hello, I'm having an issue with high cpu due to BGP. Once a minute, the cpu spikes above 50%, for about 5 seconds. It directly coincides with the BGP scanner process. We're having connectivity problems, and many user complaints. I've looked at the tech docs for troubleshooting, and optimization, and can't find any problms. Any help would be greatly appreciated.



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
d-rathman Fri, 09/27/2002 - 10:25
User Badges:

Are you multi-homed via two ISP's? Do you have router filters in-place so that your AS is not acting as a transit AS?

masoderberg Fri, 09/27/2002 - 10:50
User Badges:

Yes, What should the route filter look like. I'm not sure if it is correct...

ip as-path access-list 1 permit ^(_14849)+$

ip as-path access-list 1 permit ^$

Does an ip access-list have to be configured also?

d-rathman Fri, 09/27/2002 - 11:21
User Badges:

On our ISP border routers, we are just using:

ip as-path access-list 1 permit ^$

the ^$ only allows routes that originate in your AS to be announced on your BGP links. Take a look at the following: http://www.cisco.com/warp/customer/459/27.html I'm not a regular expression expert, so I'm not quite sure what what your first expression is allowing. Do you have some customers that you are running BGP with?

steve.barlow Fri, 09/27/2002 - 07:52
User Badges:
  • Silver, 250 points or more

What type of router, how much memory?

How many peers does the router have?

How many routes in the table?

Is it possible to cut back on some routes (eg accept upstream's routes and directly connected customers routes only, or only defaults, or some combo)?


masoderberg Fri, 09/27/2002 - 10:34
User Badges:

7206, 256 Mb, 2 peers.

BGP table version is 662712, main routing table version 662712

112850 network entries and 225386 paths using 19060346 bytes of memory

41665 BGP path attribute entries using 2167204 bytes of memory

36216 BGP AS-PATH entries using 934364 bytes of memory

1283 BGP community entries using 113708 bytes of memory

0 BGP route-map cache entries using 0 bytes of memory

23870 BGP filter-list cache entries using 286440 bytes of memory

Dampening enabled. 233 history paths, 361 dampened paths

BGP activity 227688/247530 prefixes, 567858/342472 paths, scan interval 15 secs

We are an ISP with 5000 customers, and feel we need full routes. We'd appreciated any help.

Thanks, Michelle

steve.barlow Fri, 09/27/2002 - 11:28
User Badges:
  • Silver, 250 points or more

You are running CEF (hopefully all interfaces), can't cut back on the routes, only peer with 2, and aren't a transit AS (try and use only "ip as-path access-list 20 permit ^$" unless you have a specific reason).

Check if you have a memory leak, some process not releases resources.

Per Cisco: "BGP scanner walks the BGP table to update any data structures and walks the routing table for route redistribution purposes. (In this context, the routing table is also known as the routing information base (RIB), which the router outputs when you execute the show ip route command). Both tables are stored separately in the router's memory and can be very large, thus consuming CPU cycles." Runs once per minute.

Conclusion: Do you have the npe-400? It can have 512MB. Get the extra memory. I think the road you will end up travelling (sooner or later) is moving towards that.


masoderberg Fri, 09/27/2002 - 11:45
User Badges:

I'm runnin ip cef as a global command. Should I have it on the interface as well?

steve.barlow Fri, 09/27/2002 - 11:48
User Badges:
  • Silver, 250 points or more

if enabled in global, it will enable it on all interfaces that can support it. Just make sure it is using the default of per destination and not per packet (which would increase your CPU load even more).


masoderberg Fri, 09/27/2002 - 12:07
User Badges:

Also, I have NPE300. Any idea how to determine if a route is flapping?

steve.barlow Fri, 09/27/2002 - 14:59
User Badges:
  • Silver, 250 points or more

The npe-300's max memory is 256Mb, that's why I mentioned the 400, it can have 512Mb. To see if a route is flapping do a "show ip bgp flap-statistics". I noticed in your previous post you had bgp dampening enabled, so should help your ibgp peers. And of course the old show ip route and do a manual eye-ball of routes that are new (painful but works).



This Discussion