cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2398
Views
5
Helpful
27
Replies

PE Failure convergence time

csco10387876
Level 1
Level 1

Hi,

I would like to know if anyone knew of a way to get sub 1s convergence for MPBGP in case of a PE failure ?

Right no I can get a convergence time of around 4-5s.

The cust lan has 2 connection to the mpls network.

The dely come fro mthe fact that the VRF routing table is not updated with the backup route as soon as the route to the failed Pe is removed from the core igp.

Thanks for any input.

27 Replies 27

guruprasadr
Level 7
Level 7

HI, [Pls Rate if HELPS]

With Primary & Secondary Link is Immediate. Say if your Primary running on BGP towards the Customer is DOWN, Secondary is STATIC, then immediately your Secondary Routes will be available in Routing Table. This will involve only the MAX of 2 / 3 drops (ie., Packet Lost).

Between your PE's you will have only one BGP Session running, so that the Convergence will actually depend on No.. of Routes on BGP Table, Connectivity between th PE's. As per my understanding & knowledge, it should be less than "30" secs.

Hope I am Informative.

Pls Rate if HELPS

Best Regards,

Guru Prasad R

Thanks,

I will continue to research this issue, i am down to 0.6-1.1 s but will have see if I can get to no packet loss somehow.

Hi,

Can you share how you have achevied 0.6 - 1 sec convergence time.

regards

Anil

using tracking of the bgp routes

track 1 ip route 0.0.0.0 0.0.0.0 reachability

ip vrf TEST

delay up 20 (delay is used to wait for bgp and ldp to converge before sending traffic on it)

standby timers

standby timers msec 200 msec 800

bgp :

ddress-family vpnv4

bgp scan-time import 5

bgp scan-time 5

the connection setup is fairly simple,

two routers at customer with 1 hsrp using those timers, tracking the bgp route

each router is connected to the mpls core (mpls to the cpe)

you need to use RD/router/vrf so that the routes from your cpe are seen 2 time with different RD and can be swapped between them easily.

we are using RR but we nee to change someting as we need to make sure the bgp can import 2 route (command I don't remember. if you give me your e-amil addres I can send you some more detailled configs

Hi,

Mail Id is dans4u@rediffmail.com

Many Thanks

Anil

hi,

can you please send me confis for test topology. I am working for PE redeudancy for our MPLS network. Here each CE is connected to Redundanat PE on each side. I am just wondering how can I acheive subsecond convergence for PE failure. Because for VPN traffic convergence my MP-BGP convergence comes into picture. And this convergence should run into seconds taking into account bgp scan times, bgp adevtisement intervals.....

Can you pls help with your configs for a test topology.

Hi,

In your set-up who is tracking the default route and which feature is using it ?

Why do you mean by "mpls to the CPE" ? Did you configure CSC ?

Anyway to improve convergence time during PE failure in a MPLS-VPN backbone the key is your IGP.

You need to tune your IGP for sub-second convergence and be sure your PEs/RR support BGP Next-Hop-Tracking and BGP selective NHT if you have a default/summary route in your IGP.

If your IGP converge in less than one second, you can decrease the BGP NHT delay from 5s (default) to 1s.

As you already said to bypass the import scanner it's important to have RD per VRF so remote PEs will have both routes in their VRF BGP table.

Also if it's not the default yet, set the MRAI of your PE-CE eBGP and MP-IBGP session to 0s.

To achieve 0 packet lost, you should look at BGP local protect feature (7600 only):

http://www.cisco.com/en/US/docs/ios/mpls/configuration/guide/mp_vpn_pece_lnk_prot_ps6922_TSD_Products_Configuration_Guide_Chapter.html

In any case, you need also to be sure your CEs converge quickly as well.

Finally, it's not recommended to play with the scanner and import timer it could seriously impact the CPU.

HTH

Laurent.

hi,

I am concerned for my MP-iBGP convergence for my end to end VPN routes for PE failure scenario. How much is the min & max times for this convergence that I can acheive. Which method should I use???

My CE is connected to Redundant PE on both the ends & I am using BFD based convergence for my PE-CE routing protocol.

Hi,

Forget the BGP local protect as it covers PE-CE link failure and not PE failure.

Sorry for the mistake.

So everything else in my previous post is still valid to improve convergence time in case of PE failure:

1- Tune your IGP for fast-convergence

2- Tune BGP: NHT feature, MRAI set to 0,..

3- Use one RD per vrf and per PE to avoid the import scanner on the remote PE

The end2end convergence time depends also on the time your CE needs to converge, the number of routes in the VRF,.. but if you implement all those steps, you should be able to converge in few seconds.

HTH

Laurent.

hi,

can you please explain point 3. I am not able to understand how will it improve convergence.

ie. Use one RD per vrf and per PE to avoid the import scanner on the remote PE

Hi,

Using On RD per vrf/pe mean that when you export routes from redundant routers, they will be propagater as 2 saparate route in your mpls backbone -> bgp will be able to use the alternate route faster.

Hi,

RD is prepended to the IPv4 update to create a unique VPNv4 update.

When two PE are connected to the same site, they will export the same IPv4 update.

1- If they use the same RD, they will create the same VPNv4 update and the RR will select only one as best and propagate it to the remote PE.

If the PE selected as best by the RR failed, you loose time as you need to wait for the RR to send the other update. Then on the remote PE you need to wait for the import scanner (every 15s) which will import the translated VPNv4 to IPv4 routes into the VRF.

If you use the one RD per PE per VRF, the RR sees two different VPNv4 updates even if it's the same IPv4 prefix. Remote PEs will install both IPv4 routes into the VRF BGP table and select the best one to install into the VRF RIB.

If the selected PE as best failed, remote PE will converge as soon as they received a withdraw from the RR of even quicker if BGP NHT is supported.

HTH

Laurent.

hi Laurent,

Many thanks for a patient respose.

rgd

Anil

Hi Laurent,

As you said using unique RD per VRF going to help convergance much better and also avoid import scan delay.

We have been discussing this for our network where we have PE1-CE1 (primary) and PE2-CE2(backup), we make that backup using AS path prepand.

So I belive if i use same RD , PE2 will select best path as PE1 due to BGP path selection algorithm (AS path) and if PE1-CE1 link fails due to same RD you also wait complete withdrawl process to happen and then PE2 remove that and selects local as best and then again advertise the same ( again MRIA comes in to picture).

So, My argument was if we use unique RD all this above avoided and remote PE install alternate backup path in FIB quickly once it get withdraw from PE1 due to PE-CE link fail. PE1 failure i guess BGP NH will help better.

Now argument to this was amount of memory utilization due to unique RD per VRF , i had impression that FIB ( in line card) still will have one path only and RIB on RP assuming 12K always have much higher memory so should not be major concern.

Is my understanding valid ? or you have anything to add. You inputs are highly apprcieated.

Regards,

Chintan

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: