Upload
bertrand-duvivier
View
458
Download
7
Tags:
Embed Size (px)
Citation preview
Cisco Confidential 1© 2013 Cisco and/or its affiliates. All rights reserved.
BGP Graceful Maintenanace
IOS XR 5.3.2, July 2015
Advertise routes with a lower preference to allow alternate
routes to take over before taking down a link or router.
This avoids transient incorrect routing during convergence
when a link or router is taken out of service.
This is important when BGP convergence takes many
seconds or even minutes.
BGP Graceful Maintenance overview
The Problem
DUT
SourceDestination
Alternate
1
2
3
4
1. Take down DUT
2. Packets drop
3. Alternate announces
4. Packets resume
A router is unable to forward to a
destination if a withdrawal arrives before
the advertisement of its alternate route
The Solution
DUT
SourceDestination
Alternate
1
2
3
4
5. Take down DUT
2. Packets continue
3. Alternate announces
4. Packets reroute
1. Announce Lower Preference
1
5
Putting a BGP session into Graceful Maintenance
Two things happen
1. Routes from that neighbor are sent to others with GSHUT
2. Routes to that neighbor are sent with GSHUT
DUT
Gshut
Link
DUT
Gshut
Link
Route with GSHUT community and possibly other preference lowering attributes added
Regular route advertisement
GSHUT attribute vs. community
Routes received from a GSHUT neighbor are marked with a GSHUT attribute to distinguish them from routes received with the GSHUT community.
When a neighbor is taken out of maintenance, the attribute on its paths is removed, but not the community.
RP/0/0/CPU0:R1#sh bgp 5.5.5.5/32
...
Local, (Received from a RR-client)
12.12.12.5 from 12.12.12.5 (192.168.0.5)
Origin incomplete, metric 0, localpref 100, valid, internal, best, group-best, import-candidate, graceful-shut
Received Path ID 0, Local Path ID 1, version 13
...
RP/0/0/CPU0:R4#sh bgp 5.5.5.5
...
10.10.10.1 from 10.10.10.1 (192.168.0.5)
Received Label 24000
Origin incomplete, metric 0, localpref 100, valid, internal, best, group-best, import-candidate
Received Path ID 0, Local Path ID 1, version 4
Community: graceful-shutdown
Originator: 192.168.0.5, Cluster list: 192.168.0.1
...
Attribute
Community
Lowering the route preference
By default, just add the GSHUT communityOptionally, can also add LOCAL_PREF and AS_PATH prepends.
Note: This is done after outbound policy is applied.
neighbor 666.0.0.1
remote-as 65000
graceful-maintenance
local-preference 4
as-prepends 3
Any routes with the GSHUT attributeANDAll routes if this neighbor has graceful-maintenance activated
will be sent to this neighbor withGSHUT community, LOCAL_PREF=4 and 3 AS_PATH prepends.(LOCAL_PREF will not be sent to EBGP neighbors)
Activating graceful-maintenance
Globally: for all neighbors
neighbor 666.0.0.1
remote-as 65000
graceful-maintenance
activate
Activate a single neighbor
router bgp 65000
graceful-maintenance activate all-neighbors retain-routes
Without this, only neighbors with
graceful-maintenance configuration
will activate
RIB will retain BGP
routes when BGP
process is stopped
neighbor-group test
graceful-maintenance
activate
Activate a whole neighbor group
graceful-maintenance and Graceful Shutdown
The “graceful-maintenance activate” configuration does not disappear after shutdown.
It also works at session bringup time.
Use the “no” keyword to remove graceful-maintenance activation after bringup is complete.
RP/0/0/CPU0:R1(config)#router bgp 1
RP/0/0/CPU0:R1(config-bgp)#no graceful-maintenance
RP/0/0/CPU0:R1(config-bgp)# neighbor 666.0.0.1
RP/0/0/CPU0:R1(config-bgp-nbr)#graceful-maintenance
RP/0/0/CPU0:R1(config-nbr-gshut)#no activate
Removing the global activation
For a single neighbor
When to Shutdown
A router or link can be shut down after the network has converged as a result of a graceful-maintenance activation.
Convergence can take from less than a second up to more than an hour.
Unfortunately, a single router cannot know when a whole network has converged.
After graceful-maintenance activation, it can take a few seconds to start sending updates. Then The “InQ” and “OutQ” of neighbors in the “show bgp summary” command indicates the level of BGP messaging.
Neighbors should stop sending traffic to this router. If they do not have alternate routes, they will not stop.
Don’t forget
Sending GSHUT to another AS can cause churn in far away networks
If this router is the only source of a route, then GSHUT does not help.
RP/0/0/CPU0:R1(config-bgp)# neighbor 666.0.0.1
RP/0/0/CPU0:R1(config-bgp-nbr)#address-family ipv4 unicast
RP/0/0/CPU0:R1(config-bgp-nbr-af)#send-community-gshut-ebgp
send-community-gshut-ebgp must be configured under neighbor address
family of an EBGP neighbor for this router to add the GSHUT community.
This does not affect a GSHUT community that was received on a route from another source. For that, use send-community-ebgp.
References
1. http://tools.ietf.org/html/draft-ietf-grow-bgp-gshut-06
2. http://tools.ietf.org/html/rfc6198
Thank you.