Welcome to the Cisco Networking Professionals Ask the Expert conversation. This is an opportunity to discuss Configuring and Troubleshooting BGP with Cisco expert Mansoor Omer. Mansoor is a Senior Customer Support Engineer for Routing Protocols at the Technical Assistance Center in San Jose, Cisco Systems, Inc. His current responsibilities include escalations in which he troubleshoots complex issues related to routing protocols. He also provides training and authors documentation. Feel free to post any questions relating to Configuring and Troubleshooting BGP. Remember to use the rating system to let Mansoor know if you've received an adequate response.
Mansoor might not be able to answer each question due to the volume expected during this event. Our moderators will post many of the unanswered questions in other discussion forums shortly after the event. This event lasts through September 19. Visit this forum often to view responses to your questions and the questions of other community members.
Hello Mansoor, I have a question for you that also regards EIGRP.
Is there an appropriate classification for what type of protocols EIGRP and BGP are (link state, distance vector)? This argument comes up a lot and different books seem to have different answers to this.
How would you classify these and why?
EIGRP is an enhanced distance vector protocol, relying on the Diffused Update Algorithm (DUAL) to calculate the shortest path to a destination within a network. The basic theory behind it is as follows:
Consider the following topology
A typical distance vector protocol saves the following information when computing the best path to a destination: the distance (total metric or distance, such as hop count) and the vector (the next hop). For instance, all the routers in the network in Figure 1 are running Routing Information Protocol (RIP). Router Two chooses the path to Network 10.10.10.0 by examining the hop count through each available path.
Since the path through Router Three is three hops, and the path through Router One is two hops, Router Two chooses the path through One and discards the information it learned through Three. If the path between Router One and Network 10.10.10.0 goes down, Router Two loses all connectivity with this destination until it times out the route of its routing table (three update periods, or 90 seconds), and Router Three re-advertises the route (which occurs every 30 seconds in RIP). Not including any hold-down time, it will take between 90 and 120 seconds for Router Two to switch the path from Router One to Router Three.
EIGRP, instead of counting on full periodic updates to re-converge, builds a topology table from each of its neighbor's advertisements (rather than discarding the data), and converges by either looking for a likely loop-free route in the topology table, or, if it knows of no other route, by querying its neighbors. Router Two saves the information it received from both Routers One and Three. It chooses the path through One as its best path (the successor) and the path through Three as a loop-free path (a feasible successor). When the path through Router One becomes unavailable, Router Two examines its topology table and, finding a feasible successor, begins using the path through Three immediately.
EIGRP is an Interior Gateway Protocol (IGP) which is used as a routing protocol inside your network, but if you want to get connected to the Internet then you use Border Gateway Protocol (BGP).
With BGP two systems form a transport protocol connection between one another. They exchange messages to open and confirm the connection parameters. The initial data flow is the entire BGP routing table. Incremental updates are sent as the routing tables change. BGP does not require periodic refresh of the entire BGP routing table. Therefore, a BGP speaker must retain the current version of the entire BGP routing tables of all of its peers for the duration of the connection. KeepAlive messages are sent periodically to ensure the liveness of the connection. Notification messages are sent in response to errors or special conditions. If a connection encounters an error condition, a notification message is sent and the connection is closed.
Hope this helps. Let me know if you have any other questions.
Thanks for your response. That really helps me a lot.
If it wouldn't be too much to ask, could you provide me with your email? I am new to routing protocols and I am being thrown into them in the fast lane. If you wouldn't mind I would like to ask you questions from time to time (of course if you are not busy).
My email is email@example.com. I will be more than happy to answer your questions. If you have any difficulty in configuring or troubleshooting routing protocols you can also open up a TAC case.
Can you provide some insight or point me to a source about BGP community tagging, and setting community variables? How does this work in a multi-AS network? There doesn't seem to be much documentation out there that I can find.
And also what does the "set ip next-hop peer address" mean?
The BGP community path attribute is an optional transitive attribute of variable length [1,2]. The attribute consists of a set of four octet values, each of which specifies a community. The community attribute values are encoded using an AS number in the first two octets, with the remaining two octets defined by the AS. As defined in , a community is a group of destinations (i.e. prefixes) that share some common attribute. Each destination can belong to multiple communities. All prefixes with the community attribute belong to the communities listed in the attribute.
I would refer you to RFC 1998: An Application of the BGP Community Attribute in Multi-home Routing. Let me know if you have any questions.
When set ip next-hop is used with the peer-address keyword in an inbound route map of a BGP peer, the next hop of the received matching routes will be set to be the neighbor peering address, overriding any third-party next hops. This means that the same route map can be applied to multiple BGP peers to override third-party next hops.
When set ip next-hop is used with the peer-address keyword in an outbound route map of a BGP peer, the next hop of the advertised matching routes will be set to be the peering address of the local router, thus disabling the next hop calculation. The set ip next-hop command has finer granularity than the per-neighbor neighbor next-hop-self command, because you can set the next hop for some routes, but not others. The neighbor next-hop-self command sets the next hop for all routes sent to that neighbor.
Hope this helps.
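The encoding described in the answer above (four-octet values, AS number in the first two octets, an AS-defined value in the last two) as a small decoder. This is an added example, not code from the thread or from Cisco; the sample community values are constructed, and the type code, flag bits and reserved values are those of RFC 1997 and the BGP path attribute header.

```python
import struct

COMMUNITIES_TYPE = 8                    # path attribute type code (RFC 1997)
OPTIONAL, TRANSITIVE, EXT_LEN = 0x80, 0x40, 0x10
WELL_KNOWN = {                          # reserved values from RFC 1997
    0xFFFFFF01: "NO_EXPORT",
    0xFFFFFF02: "NO_ADVERTISE",
    0xFFFFFF03: "NO_EXPORT_SUBCONFED",
}


def encode_communities(pairs):
    """Build the attribute from (asn, value) pairs, both 0..65535."""
    body = b"".join(struct.pack("!HH", asn, val) for asn, val in pairs)
    if len(body) > 255:
        raise ValueError("this sketch only emits the one-octet length form")
    return bytes([OPTIONAL | TRANSITIVE, COMMUNITIES_TYPE, len(body)]) + body


def decode_communities(attr):
    """Validate one COMMUNITIES attribute and return 'AS:value' strings."""
    if len(attr) < 3:
        raise ValueError("truncated attribute header")
    flags, type_code = attr[0], attr[1]
    if type_code != COMMUNITIES_TYPE:
        raise ValueError("not a COMMUNITIES attribute")
    if not (flags & OPTIONAL and flags & TRANSITIVE):
        raise ValueError("COMMUNITIES must be optional transitive")
    if flags & EXT_LEN:                 # two-octet length field
        if len(attr) < 4:
            raise ValueError("truncated extended length")
        length, body = struct.unpack("!H", attr[2:4])[0], attr[4:]
    else:
        length, body = attr[2], attr[3:]
    if length != len(body) or length % 4:
        raise ValueError("length must match the body and be a multiple of 4")
    return [WELL_KNOWN.get(raw, f"{raw >> 16}:{raw & 0xFFFF}")
            for (raw,) in struct.iter_unpack("!I", body)]


# Constructed sample: two AS-defined communities plus NO_EXPORT.
SAMPLE = encode_communities([(100, 80), (65000, 1), (0xFFFF, 0xFF01)])

if __name__ == "__main__":
    print(SAMPLE.hex(), decode_communities(SAMPLE))
```

A length that is not a multiple of four, or that disagrees with the bytes present, is rejected rather than decoded partially.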
Hi! I'm new to BGP so please bear with me. What is the minimum requirement to run BGP? Currently I have 2500 routers but with only the following specs.
cisco 2500 (68030) processor (revision N) with 2048K/2048K bytes of memory.
Processor board ID 11158549, with hardware revision 00000001
X.25 software, Version 3.0.0.
Basic Rate ISDN software, Version 1.1.
1 Ethernet/IEEE 802.3 interface(s)
2 Serial network interface(s)
1 ISDN Basic Rate interface(s)
32K bytes of non-volatile configuration memory.
8192K bytes of processor board System flash (Read ONLY)
Will this be sufficient?
You can run BGP on these routers, but you won't be able to accept much more than a default route. I doubt you'll be able to accept much more than a partial table from the Internet on these routers even if you fully upgrade them to maximum memory, etc.
If, however, you're using them to connect an extranet, with just a couple of routes, or maybe in the 10's of routes, they would probably work fine. Or in a lab, as well, as long as you don't drive your route count up too much.
Thanks for the help, guys. Actually I'd just be running it in a lab environment. Anyway, what would be the minimum hardware requirement if I'd be running a full route? In a few weeks from now, I'd be connecting our network to the Internet and we're trying to determine the right hardware. Maybe one with at least the minimum requirement. Thanks again.
As Russ pointed out, you will be able to run BGP on this router but will not be able to accept more than a default. What I would recommend, instead of running BGP, is to just use a static route pointing to your ISP and let the ISP do the routing for you.
If you want to run BGP then ask the ISP to advertise just the default route. To run BGP you need to have your own AS number. If you don't have one then you can apply for it at www.arin.net.
Mansoor, we are currently having issues with the BGP scanner process using too much CPU. It happens every few minutes so I assume it is when the scanner is walking the RIB and verifying next hops.
If we use regular expressions to only allow prefixes from directly connected AS's will this decrease the amount of CPU utilization on the router?
example for AS 100
ip as-path access-list 2 permit ^100_[0-9]*$
You are correct; the BGP scanner walks through the BGP RIB table and performs important maintenance tasks. These tasks include checking the next-hop referenced in the router's BGP table and verifying that the next-hop devices can be reached. Thus, a large BGP table takes an equivalently large amount of time to be walked and validated.
Since BGP Scanner runs through the entire BGP table, the duration of the high CPU condition varies with the number of neighbors and the number of routes learned per neighbor. Use the show ip bgp summary and show ip route summary commands to capture this information.
The duration of the high CPU condition varies based on a number of conditions, in particular the size of the Internet routing table and the number of routes that a particular router holds in its routing and BGP tables. So if you reduce the routes you are receiving from the internet by using the as-path access-list then you will notice a reduction in time. Also you should not see any latency while pinging through the router even though the BGP scanner is high. The link below will help you in troubleshooting high cpu due to BGP scanner and router. Hope this helps.
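To see which AS paths the filter in the question actually permits before applying it, the check below emulates the expression over a handful of paths. This is an added example, not from the thread: Python's `re` stands in for the IOS regex engine (an assumption), with the IOS `_` metacharacter translated to its documented meaning (start or end of string, space, comma, brace or parenthesis), and the sample AS paths are constructed.

```python
import re

# What the IOS "_" metacharacter matches, written as a Python sub-pattern.
IOS_UNDERSCORE = r"(?:^|$|[,{}() ])"

# The expression from the question's as-path access-list (permit entry).
QUESTION_FILTER = r"^100_[0-9]*$"

# Constructed AS paths as they would appear in "show ip bgp" output.
SAMPLE_PATHS = [
    "100",            # originated by the neighbor AS itself
    "100 200",        # one AS behind the neighbor
    "100 100",        # neighbor prepending its own AS once
    "100 200 300",    # two ASes behind the neighbor
    "100 100 100",    # neighbor prepending twice
    "1000",           # different AS that merely starts with the digits 100
    "200 100",        # AS 100 is not the first hop
]


def ios_aspath_regex(pattern):
    """Translate an IOS AS-path expression to Python (only "_" differs here)."""
    return re.compile(pattern.replace("_", IOS_UNDERSCORE))


def filter_paths(pattern, as_paths):
    """Split paths into (permitted, denied) for 'permit pattern' + implicit deny."""
    rx = ios_aspath_regex(pattern)
    permitted = [p for p in as_paths if rx.search(p)]
    denied = [p for p in as_paths if not rx.search(p)]
    return permitted, denied


if __name__ == "__main__":
    permitted, denied = filter_paths(QUESTION_FILTER, SAMPLE_PATHS)
    print("permitted:", permitted)
    print("denied:   ", denied)
```

Paths that AS 100 prepends more than once fall under the implicit deny, so prefixes announced that way would be dropped along with the longer transit paths.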
We are about to implement BGP failover for our network. We are a small ISP so we will be holding the full routing table. From my understanding the 7301 router and catalyst 4500 switch series can both do this. What I cannot discover is which would provide the best routing performance for this scenario.
We have a 7206 router on which, when I give sh ip bgp neighbors, the CPU utilisation is peaking up to 55%. Normally the CPU util is 2 to 4%; once I give this command it peaks up to this much. Is this normal, or is there any tuning to be done? We have links with 2 upstream providers.
I have pasted the IOS version/memory/CPU (speed):
System image file is "slot1:c7200-p-mz.121-8a.E4.bin"
cisco 7206VXR (NPE300) processor (revision D) with 122880K/40960K bytes of memory.
Processor board ID 21273176
R7000 CPU at 262Mhz, Implementation 39, Rev 2.1, 256KB L2, 2048KB L3 Cache
6 slot VXR midplane, Version 2.0
The show ip bgp neighbor command should not peak the CPU utilization to 55%. Does the CPU stay at 55% after the command is executed? Do you know which process is taking up the CPU utilization? You can find out by using the command "show process cpu". If the CPU utilization spikes up only when the command is executed, I would recommend opening up a TAC case and having an engineer work on it. Hope this helps.
The 7300 and the catalyst 4500 both can hold the BGP routing table as long as you have enough memory in them. The Cisco 7300 Internet Router is designed for the network edge where high performance IP services are required to enable profitability, service differentiation, and business agility.
Cisco 7300 delivers an evolving set of hardware accelerated IP Services via the Cisco patented Parallel eXpress Forwarding (PXF) IP Services Processor technology. Providing a range of IP optical connectivity from T3/STM-1 to Gigabit Ethernet, OC-48 performance, an architecture engineered for high availability, and multi-protocol support, the Cisco 7300 is the optical evolution of Cisco Systems' mid-range routers.
The Cisco 4500-M is a midrange router that employs RISC technology for high-performance WAN solutions. It is modular and compatible with existing Cisco 4000 NPMs.
So in this scenario I would recommend you use the 7300 router instead of the catalyst 4500. Hope this helps. Let me know if you have any other questions.
We have a multi-site setup, EIGRP throughout. Each site has a firewall with a DMZ. There are multiple routers on each DMZ. We want to use BGP through the firewall(s) to create site redundancy. The question of AS comes up. We've decided to have an internal AS (100 and 200) for each site, which includes the DMZs. UUNet has already assigned an AS to the Internet routers on the outside and BGP peering already exists outside the firewall. What's the best way to "start" introducing BGP to the inside of the network so that we can make this happen?
A pity this is ending today, but I hope this question will still get answered. In what situations are Route Reflectors and confederations needed? As in, how many routers in IBGP, and in what topology, before it is recommended that one uses these features? Thank you.
Hmmm... You could tunnel EIGRP through between the sites, as well. For running BGP, just pick a couple of private numbers, unless you already have a number (which it sounds like you don't have). 65000 and 65001 would do nicely.
What you probably want to do is just configure the edge routers with BGP, and redistribute from BGP into EIGRP at both points. Make certain you tag the routes in EIGRP, so they don't get redistributed back into BGP:
I would like to be able to get the total number of prefixes as well as the number of prefixes from each BGP neighbor from my internet routers via SNMP. I have searched the Cisco SNMP object navigator but am unable to find an OID that will give me just a total for either of these. Does something like this exist? I am running IOS 12.3 on the routers in question.