cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
22799
Views
0
Helpful
16
Replies

BGP Convergence time improvement

Vinayaka Raman
Level 1
Level 1

Failover
=========
I did an admin shut on gi 0/1 of R1..
It took around 3 minutes for R3 and R5 to reflect this change..(to change the path for prefix A)

Failback:
=========
I have enabled Gi 0/1 on R1
It look less than a minute for R3 and R5 to reflected this change.

The failover time needs to be improved as it cause application like office communicator, outlook etc
to kick off the session and prompt for relogin as they failover from primary to secondary path.

1) When there is an actual outage for the Gi 0/1 circuit of R1, will it react the same way.i.e, will R3 and R5 take so long (around
3 minutes) to reflect this change?

2) What and whose BGP timers has to be tuned in order to achieve a quick failover (around 1 minute)?

Regards
Vinayak 

Regards Vinayak
1 Accepted Solution

Accepted Solutions

The problem is that the PE router will wait until the holdtime expiration to invalidate the routes received from the CE. A solution for this case and type of access would be to change the timers to 15 45 or 10 30 or even better, configure BFD, which could detect the failure in the access in milliseconds.

Be aware that the update generation plays a major role in improving the BGP convergence time. The timer that controls the update generation is the minimum advertisement interval:

neighbor advertisement-interval

By default, the values in latest IOS are:

eBGP: 30 seconds

iBGP: 0 seconds

eBGP and iBGP in VRF: 0 seconds

So, in your case I would also change the default to 0 seconds.

Best Regards,

Jose.

View solution in original post

16 Replies 16

Lei Tian
Cisco Employee
Cisco Employee

Hi Vinayak,

Looks like you have default BGP timer on the neighbor. If the neighbor is formed from the interface IP address, interface down should trigger BGP neighbor immediately. If the BGP neighbor is formed from other IP, like loopback, then it will wait for 3 mins. You can tune the BGP timer on either side, the neighbors will negotiate timers when session come up.

HTH,
Lei Tian

Sent from Cisco Technical Support iPhone App

The peering is on the interface ip address everywhere..

the keepalive is 60 and hold time is 180 seconds..

i have attached show ip bgp nei

Regards
Vinayak

Regards Vinayak

Lei Tian
Cisco Employee
Cisco Employee

What kind of link is between the BGP neighbor? Does shutdown the interface on one side triggers the interface down on the other side? How is the backup path learned?

HTH,
Lei Tian

Sent from Cisco Technical Support iPhone App

1) it is an ethernet link just peers from our CE to PE..we do not run MPLS on our CE..it starts from PE.

2) When i shutdown the ethernet WAN interface ..i assume it will be immediately recognized by the PE.

3) On the router R 3, prefix A is learnt via ebgp and ibgp..ebgp is preferred normally and when R1's WAN is shutdown it takes around 3 minutes to purge ebgp route and install ibgp on the fib.

Regards
Vinayak

Regards Vinayak

Lei Tian
Cisco Employee
Cisco Employee

Interface down on CE may not trigger down on PE side, but your CE router should drop BGP neighbor. Can you share the BGP part configuration on your CE? Can you also share the output of 'show IP BGP sum' and 'show IP BGP x.x.x.x' after you shutdown the interface?

HTH,
Lei Tian

Sent from Cisco Technical Support iPhone App

The problem is that the PE router will wait until the holdtime expiration to invalidate the routes received from the CE. A solution for this case and type of access would be to change the timers to 15 45 or 10 30 or even better, configure BFD, which could detect the failure in the access in milliseconds.

Be aware that the update generation plays a major role in improving the BGP convergence time. The timer that controls the update generation is the minimum advertisement interval:

neighbor advertisement-interval

By default, the values in latest IOS are:

eBGP: 30 seconds

iBGP: 0 seconds

eBGP and iBGP in VRF: 0 seconds

So, in your case I would also change the default to 0 seconds.

Best Regards,

Jose.

For configuring BFD, should I make changes on both CE and PE routers?

We manage only CE and just peer with PE via eBGP..

Regards
Vinayak

Regards Vinayak

Yes, in both sides.

ok ..i got the point ..they should be bfd neighbhors..so it should be conigured at both ends..i am not sure how my SP will react for this..

On the other hand if I change my adv interval as 15 45...I dont think PE end should also be configured the same..eBGP peering should negotiate for low timers..is that correct ? will this flap my eBGP session ?

Regards Vinayak

Correct, both are negotiated to the lowest value. You should do a hard reset for the change. I have seen providers using the timers 10 30 and 15 45 in MPLS/VPN environments without problems.

Hi Jose,

One small correction. Only the holdtime is negotiated via the BGP open message.

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Hi Jose,

'The problem is that the PE router will wait until the holdtime expiration to invalidate the routes received from the CE. '

This is not the problem here. The problem is shutdown the interface on CE, doesn't trigger eBGP neighbor down on CE. This should be default behavior if neighbor is from the interface IP.

If the CE can detect the link failure and shutdown BGP neighbor, it should failover to the backup iBGP path. The CE router doesnt need to wait for PE router to invalidate routes.

Tune BGP timer, and BFD (if provider agrees to do, and the platfrom supports it) can help, but not the solution for initial problem.

Regards,

Lei Tian

Lei,

yes, if you shutdown the interface, this is the default behavior because bgp fast-external-fallover is activated by default. If it has been disabled, it will wait until the holdtime expiration to tear down the BGP session.

"If the CE can detect the link failure and shutdown BGP neighbor, it  should failover to the backup iBGP path. The CE router doesnt need to  wait for PE router to invalidate routes."

My suggestion is for a real outage. The CE will not detect the link failure in this type of access by default, which is Ethernet. The CE router will failover to the backup, correct, but what happens to the routes that the CE's are sending ? It will be still installed in the primary PE as best routes until it invalidates which will be until holdtime expiration.

Harold,

I think both are negotiated to the smaller value. I have done a quick test and this is the behavior:

R7#show ip bgp neighbors | i keep

  Last read 00:00:01, last write 00:00:02, hold time is 30, keepalive interval is 10 seconds

But it has the default timers configured:

router bgp 200

no synchronization

bgp log-neighbor-changes

neighbor 10.1.57.5 remote-as 100

no auto-summary

The other peer:

R5#show ip bgp neighbors | i keep

  Last read 00:00:06, last write 00:00:03, hold time is 30, keepalive interval is 10 seconds

  Configured hold time is 30, keepalive interval is 10 seconds

Best Regards,

Jose.

Hi Jose,

All correct, but you are making some assumption here. Which is why I was asking for running and show output.

Regards,

Lei Tian

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: