Monday, July 14, 2008

BGP - maximum-prefix command

The network:

[R5]---[R6]

R5 connects to R6 via EBGP
R5 is 172.14.45.5
R6 is 172.14.45.6

R6 is advertising 10 networks to R5:

R5#show ip bgp | inc 45\.6
*> 6.0.0.0/24 172.14.45.6 0 0 65000 i
*> 6.0.1.0/24 172.14.45.6 0 0 65000 i
*> 6.0.2.0/24 172.14.45.6 0 0 65000 i
*> 6.0.3.0/24 172.14.45.6 0 0 65000 i
*> 6.0.4.0/24 172.14.45.6 0 0 65000 i
*> 6.0.5.0/24 172.14.45.6 0 0 65000 i
*> 6.0.6.0/24 172.14.45.6 0 0 65000 i
*> 6.0.7.0/24 172.14.45.6 0 0 65000 i
*> 6.0.8.0/24 172.14.45.6 0 0 65000 i
*> 6.0.9.0/24 172.14.45.6 0 0 65000 i


I am going to play with a few options of the maximum-prefix command and see the effect. First let's configure a maximum of 8 routes:

R5(config)#router bgp 65005
R5(config-router)#neighbor 172.14.45.6 maximum-prefix 8
R5(config-router)#
.Jul 14 20:45:41.467: %BGP-5-ADJCHANGE: neighbor 172.14.45.6 Down Maximum-Prefix restart timeout
.Jul 14 20:46:10.519: %BGP-5-ADJCHANGE: neighbor 172.14.45.6 Up
.Jul 14 20:46:11.919: %BGP-4-MAXPFX: No. of prefix received from 172.14.45.6 (afi 0) reaches 7, max 8
.Jul 14 20:46:11.927: %BGP-3-MAXPFXEXCEED: No. of prefix received from 172.14.45.6 (afi 0): 9 exceed limit 8
.Jul 14 20:46:11.931: %BGP-5-ADJCHANGE: neighbor 172.14.45.6 Down BGP Notification sent
.Jul 14 20:46:11.931: %BGP-3-NOTIFICATION: sent to neighbor 172.14.45.6 3/1 (update malformed) 0 bytes
R5(config-router)# FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 0058 0200 0000 1940 0
101 0040 0204 0201 FDE8 4003 04AC 0E2D 0680 0404 0000 0000 1806 0009 1806 0008 1
806 0007 1806 0006 1806 0005 1806 0004 1806 0003 1806 0002 1806 0001 1806 0000
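
The hex printed on the console after the NOTIFICATION line decodes as one complete BGP UPDATE message. The decoder below is an added example, not part of the original post (function names are my own); it shows the UPDATE carries ten /24 prefixes from AS 65000 with next hop 172.14.45.6, which is more than the limit of 8.

```python
import ipaddress
import struct

# Hex copied from the R5 console output above; the terminal wrapped it at 80
# columns, so whitespace is stripped before decoding.
DUMP = """
FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 0058 0200 0000 1940 0
101 0040 0204 0201 FDE8 4003 04AC 0E2D 0680 0404 0000 0000 1806 0009 1806 0008 1
806 0007 1806 0006 1806 0005 1806 0004 1806 0003 1806 0002 1806 0001 1806 0000
"""

ATTR_NAMES = {1: "ORIGIN", 2: "AS_PATH", 3: "NEXT_HOP", 4: "MULTI_EXIT_DISC"}


def parse_nlri(buf):
    """Decode (prefix length in bits, truncated prefix) pairs."""
    prefixes, i = [], 0
    while i < len(buf):
        bits = buf[i]
        nbytes = (bits + 7) // 8
        if bits > 32 or i + 1 + nbytes > len(buf):
            raise ValueError("invalid or truncated prefix")
        addr = buf[i + 1:i + 1 + nbytes].ljust(4, b"\x00")
        prefixes.append(f"{ipaddress.IPv4Address(addr)}/{bits}")
        i += 1 + nbytes
    return prefixes


def parse_update(raw):
    """Return (path attributes, NLRI prefixes) from one BGP UPDATE message."""
    marker, length, msg_type = struct.unpack("!16sHB", raw[:19])
    if marker != b"\xff" * 16 or length != len(raw) or msg_type != 2:
        raise ValueError("not a complete BGP UPDATE")
    (withdrawn_len,) = struct.unpack_from("!H", raw, 19)
    pos = 21 + withdrawn_len                 # skip withdrawn routes
    (attr_len,) = struct.unpack_from("!H", raw, pos)
    pos, end, attrs = pos + 2, pos + 2 + attr_len, {}
    while pos < end:
        flags, code = raw[pos], raw[pos + 1]
        ext = 1 if flags & 0x10 else 0       # extended-length flag: 2-byte length
        alen = int.from_bytes(raw[pos + 2:pos + 3 + ext], "big")
        pos += 3 + ext
        attrs[ATTR_NAMES.get(code, code)] = raw[pos:pos + alen]
        pos += alen
    return attrs, parse_nlri(raw[end:])


def decode_dump(text=DUMP):
    return parse_update(bytes.fromhex("".join(text.split())))
```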


Notice that the neighbor tried to come up after I configured the max. It never tried to come up again after going down the second time. Now the neighbor has the following output (much of the output is omitted):

R5#show clock
.20:50:26.655 UTC Mon Jul 14 2008
R5#


R5#show ip bgp neighbor 172.14.45.6
...
Peer had exceeded the max. no. of prefixes configured.
Maximum prefixes allowed 8
Threshold for warning message 75%
Reduce the no. of prefix and clear ip bgp 172.14.45.6 to restore peering


We can also configure the router to try to establish the connection again after the max limit is reached and the connection is brought down:

R5(config)#router bgp 65005
R5(config-router)#neighbor 172.14.45.6 maximum-prefix 8 restart 1


Here is a sample of the output, the connection tries to re-establish but then drops because the max-prefix limit is reached:

R5#
.Jul 14 20:53:16.779: %BGP-5-ADJCHANGE: neighbor 172.14.45.6 Up
.Jul 14 20:53:16.811: %BGP-4-MAXPFX: No. of prefix received from 172.14.45.6 (afi 0) reaches 7, max 8
.Jul 14 20:53:16.819: %BGP-3-MAXPFXEXCEED: No. of prefix received from 172.14.45.6 (afi 0): 9 exceed limit 8
.Jul 14 20:53:16.823: %BGP-5-ADJCHANGE: neighbor 172.14.45.6 Down BGP Notification sent
.Jul 14 20:53:16.827: %BGP-3-NOTIFICATION: sent to neighbor 172.14.45.6 3/1 (update malformed) 0 bytes
.Jul 14 20:54:15.999: %BGP-5-ADJCHANGE: neighbor 172.14.45.6 Up
.Jul 14 20:54:16.011: %BGP-4-MAXPFX: No. of prefix received from 172.14.45.6 (afi 0) reaches 7, max 8
.Jul 14 20:54:16.015: %BGP-3-MAXPFXEXCEED: No. of prefix received from 172.14.45.6 (afi 0): 9 exceed limit 8
.Jul 14 20:54:16.023: %BGP-5-ADJCHANGE: neighbor 172.14.45.6 Down BGP Notification sent
.Jul 14 20:54:16.023: %BGP-3-NOTIFICATION: sent to neighbor 172.14.45.6 3/1 (update malformed) 0 bytes
.Jul 14 20:55:41.311: %BGP-5-ADJCHANGE: neighbor 172.14.45.6 Up
.Jul 14 20:55:41.355: %BGP-4-MAXPFX: No. of prefix received from 172.14.45.6 (afi 0) reaches 7, max 8
.Jul 14 20:55:41.359: %BGP-3-MAXPFXEXCEED: No. of prefix received from 172.14.45.6 (afi 0): 9 exceed limit 8
.Jul 14 20:55:41.363: %BGP-5-ADJCHANGE: neighbor 172.14.45.6 Down BGP Notification sent
.Jul 14 20:55:41.367: %BGP-3-NOTIFICATION: sent to neighbor 172.14.45.6 3/1 (update malformed) 0 bytes
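
With restart configured, the session above keeps cycling through Up, MAXPFXEXCEED and Down, which is a pattern worth alerting on from syslog. The following is an added example, not part of the original post: it flags neighbors stuck in that loop. The function name, the cycle count, the time window and the 5-second gap are assumptions chosen for the example.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Up / MAXPFXEXCEED / Down lines copied from the "restart 1" run above.
SAMPLE = """\
.Jul 14 20:53:16.779: %BGP-5-ADJCHANGE: neighbor 172.14.45.6 Up
.Jul 14 20:53:16.819: %BGP-3-MAXPFXEXCEED: No. of prefix received from 172.14.45.6 (afi 0): 9 exceed limit 8
.Jul 14 20:53:16.823: %BGP-5-ADJCHANGE: neighbor 172.14.45.6 Down BGP Notification sent
.Jul 14 20:54:15.999: %BGP-5-ADJCHANGE: neighbor 172.14.45.6 Up
.Jul 14 20:54:16.015: %BGP-3-MAXPFXEXCEED: No. of prefix received from 172.14.45.6 (afi 0): 9 exceed limit 8
.Jul 14 20:54:16.023: %BGP-5-ADJCHANGE: neighbor 172.14.45.6 Down BGP Notification sent
.Jul 14 20:55:41.311: %BGP-5-ADJCHANGE: neighbor 172.14.45.6 Up
.Jul 14 20:55:41.359: %BGP-3-MAXPFXEXCEED: No. of prefix received from 172.14.45.6 (afi 0): 9 exceed limit 8
.Jul 14 20:55:41.363: %BGP-5-ADJCHANGE: neighbor 172.14.45.6 Down BGP Notification sent
"""

LINE = re.compile(r"^[.*]?(\w{3} +\d+ [\d:.]+): %BGP-\d-(\w+): (.*)$")
EXCEED = re.compile(r"received from (\S+) \(afi \d+\): (\d+) exceed limit (\d+)")
ADJ = re.compile(r"neighbor (\S+) (Up|Down)")


def find_restart_loops(text, min_cycles=3, window=timedelta(minutes=10),
                       year=2008):
    """Return {neighbor: (limit, cycles)} for peers stuck in a max-prefix loop.

    A cycle is MAXPFXEXCEED followed within 5 s by a Down for the same peer,
    so warning-only sessions (exceed logged, no teardown) are not counted.
    The log lines carry no year, so one is supplied (2008 per "show clock")."""
    exceeded = {}                    # neighbor -> (time, limit) of last exceed
    cycles = defaultdict(list)       # neighbor -> [(down time, limit), ...]
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue
        ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S.%f")
        tag, body = m.group(2), m.group(3)
        if tag == "MAXPFXEXCEED" and (e := EXCEED.search(body)):
            exceeded[e.group(1)] = (ts, int(e.group(3)))
        elif tag == "ADJCHANGE" and (a := ADJ.search(body)):
            when, limit = exceeded.pop(a.group(1), (None, None))
            if a.group(2) == "Down" and when and ts - when <= timedelta(seconds=5):
                cycles[a.group(1)].append((ts, limit))
    loops = {}
    for peer, hits in cycles.items():
        recent = [h for h in hits if hits[-1][0] - h[0] <= window]
        if len(recent) >= min_cycles:
            loops[peer] = (recent[-1][1], len(recent))
    return loops
```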


We can also configure a percentage to give us a warning. Here we configure the percentage to 75% of 8 (6) while disabling 3 of the loopbacks on R6:

R5(config)#router bgp 65005
R5(config-router)#neighbor 172.14.45.6 maximum-prefix 8 75

.Jul 14 21:00:08.226: %BGP-5-ADJCHANGE: neighbor 172.14.45.6 Up
.Jul 14 21:00:08.234: %BGP-4-MAXPFX: No. of prefix received from 172.14.45.6 (afi 0) reaches 7, max 8


The connection stays up:

R5#show ip bgp summary

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
172.14.45.6 4 65000 186 177 224 0 0 00:00:33 7


Lastly, we can configure a warning-only which doesn't bring down the connection:

R5(config)#router bgp 65005
R5(config-router)#neighbor 172.14.45.6 maximum-prefix 8 75 warning-only

.Jul 14 21:01:53.614: %BGP-4-MAXPFX: No. of prefix received from 172.14.45.6 (afi 0) reaches 8, max 8
.Jul 14 21:02:24.046: %BGP-3-MAXPFXEXCEED: No. of prefix received from 172.14.45.6 (afi 0): 9 exceed limit 8


The connection stays up:

R5#show ip bgp summary | be Ne
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
172.14.45.6 4 65000 190 181 226 0 0 00:02:41 9


This was a quick and dirty blog. Hopefully by reading this every now and then you get an idea about how the max-prefix option works.
