Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

The meaning of flags like "import-candidate", "import suspected" in the output of "show bgp "

The detailed output of "show bgp" may contain flags like import-candidate, imported and import suspect. The following document aims to explain these flags and when they are used.

Example:

RP/0/RSP0/CPU0:Router#sh bgp vrf foo 10.0.1.16

Mon Jun 28 15:02:55.072 JST

BGP routing table entry for 10.0.1.16/32, Route Distinguisher: 9592:1

Versions:

Process           bRIB/RIB  SendTblVer

Speaker               3161        3161

   Local Label: 16031

Last Modified: Jun 28 15:01:52.249 for 00:01:02

Paths: (4 available, best #3)

Advertised to PE update-groups (with more than one peer):

   0.2

Path #1: Received by speaker 0

65182

   10.0.1.7 (metric 3) from 10.0.1.9 (10.0.1.7)

     Received Label 16026

     Origin IGP, metric 0, localpref 100, valid, internal, import-candidate, imported, import suspect

     Extended community: SoO:9592:13 RT:9592:1

     Originator: 10.0.1.7, Cluster list: 0.0.0.1

Path #2: Received by speaker 0

65182

   10.0.1.7 (metric 3) from 10.0.1.10 (10.0.1.7)

     Received Label 16026

     Origin IGP, metric 0, localpref 100, valid, internal, import-candidate, imported, import suspect

     Extended community: SoO:9592:13 RT:9592:1

     Originator: 10.0.1.7, Cluster list: 0.0.0.1

Path #3: Received by speaker 0

65182

   172.16.0.14 from 172.16.0.14 (10.0.1.14)

     Origin IGP, metric 0, localpref 100, valid, external, best, import-candidate, import suspect

     Extended community: SoO:9592:14 RT:9592:1 SoO:9592:14

Path #4: Received by speaker 0

65182, (received-only)

   172.16.0.14 from 172.16.0.14 (10.0.1.14)

     Origin IGP, metric 0, localpref 100, valid, external, import suspect

Import-Candidate

IOS-XR has the concept of an "import-candidate" flag on each VPN/ VRF path. If it is set, the path can be imported to other VRFs. In BGP, during the bestpath selection process, the best bath is marked as "import-candidate". Other paths may marked as "import-candidate" if they satisfy the following conditions:

  1. If the Path is a VPN path and has the same local and remote RD, the path is always an "import-candidate". (2) is not considered.
  2. Apart from (1), paths satisfying all the below conditions will be "import-candidate":

  • The path’s net should have a bestpath
  • Selective multipath configuration should not deny this path
  • Path should not be an accept-own self-originated path
  • AS-Path Multipath relax is configured AND the number of AS-hops for the path equals that of bestpath
  • AS-Path Multipath relax is not configured AND the AS-Path sequence for the path equals that of bestpath
  • Path’s nexthop is not same as bestpath’s nexthop
  • If we reach this place, then the path is marked as "import-candidate"

Global routing table

From IOS-XR version 4.3.1 onwards we we support importing default-VRF (global) IPv4/IPv6 unicast routes into VRFs. Therefore, the flag is also  applied on BGP paths in the default (global) VRF.

The flag is used in the VPN topology only when import is triggered. When a change in the table (version) takes place, the import thread would do a versioned work, touch each (source) prefix that has changed, check if anything else has changed, prepare an RT-set that combines RTs of all the  "import-candidate" paths, and visit all VRFs whose import RTs match this RT-set.

For each such (destination) table, it would check its max-paths config. If, for instance, "max-path ibgp 2" config is present for a destination table, then both the paths for RD1:p/m would be imported to that table. Otherwise, only the bestpath would be imported.

When the primary RR session goes down, the path will be deleted immediately and the second path will be promoted to be the bestpath. Import will then be triggered to replace the currently imported path with the new path for each destination table. This would not lead to any traffic loss.

Import Suspected

This flag is used for import dampening. If a path for a given net/prefix flaps for the first time, the path is marked as “import suspect”. If a second flap happens in the “import suspect” state, the net is skipped from import processing for 10 seconds. This is to reduce import churn.

After the “timeout”, or if no further flaps are observed, the suspect states are cleared. A “flap” happens when a path changes from being imported to being not imported even if the attributes are not changed.

Version history
Revision #:
1 of 1
Last update:
‎10-24-2013 06:56 AM
Updated by:
 
Labels (1)