BGP Quick Guide : how to clear the BGP routing table, and speedup the convergence

it's may be a good practice to clear the routing table to speed up the BGP table Convergence process, but how ?
well there are plenty of options,
1) Hard clear of the neighbor :
commands:

  • clear ip bgp <A.B.C.D> (ex, R1#clear ip bgp 1.2.3.4 )
  • clear ip bgp * (* = all neighbors and not just one.)
    this option clears the BGP neighbor relationship (removes the neighboring relationship then negotiate it again. )
    this option may be Okay for the exam environment , but this may never be the best solution the real environment , why not ??
    well , because the BGP internet table might be a 100's of thousands of Paths (IP addresses) , so if you hard clear the neighbors , you will lose all your routes and neighboring relationship, and will have to wait for BGP to renegotiate the neighboring relationship.

2) soft Clear :
commands:

  • clear ip bgp * in (clears only inbound updates, asking the neighbor to send updates again)*
  • clear ip bgp * out (clears it's outbound updates, sending the neighbor newer updates )
  • clear ip bgp <A.B.C.D> soft (this command clears both inbound and outbound updates)
  • clear ip bgp <A.B.C.D> soft in (clears only inbound updates, asking the neighbor to send updates again)*
  • clear ip bgp <A.B.C.D> soft out (clears it's outbound updates, sending the neighbor newer updates )*
    soft clear is basically a clearing of the routing table either inbound or outbound (performing what is called a "Route Refresh"), requesting newer updates from the neighboring BGP table (when used inbound) or sending newer updates from our Local BGP table to our neighbors (when used outbound)
    Note: there's nothing special about the outbound behavior other than what i explained
    Inbound Behavior explained in depth :
    (the previous description of soft reconfiguration is the default behavior when the "soft-reconfiguration inbound" feature is NOT activated)

  • When soft-reconfiguration inbound is activated :

    when this option(or feature) is activated, the router will create a backup of the routes received from his neighbor(s) before applying any filters or features to those routes. (let's call this backup table the "SOFT TABLE")
    so when you initiate a soft clear to the neighbor(s) (as shown in the commands above) then the router initiating the command will do the following steps

  1. check the if there are any filters or route-maps toward that neighbor.
  2. instead of sending a request of a refresh(asking the neighbor for updates
    again,hence Route-Refresh), the route will instead only use his "SOFT TABLE" and
    apply those filters(from step one, if existed) to the routes in the "SOFT TABLE"

now the million dollar Question : HOW DO I ACTIVATE soft-reconfiguration inbound ?
simple, here's how
enable
configure terminal
router bgp
neighbor <A.B.C.D> soft-reconfiguration inbound

*Disclaimer :
although there are more clear options for the BGP protocol, i have only describe the protocols relevant to the CCNP Blueprint, or CCIE for IPv4 Address-family.

If you need me, @Bugazia Me, and i'll be there .

«1

Comments

  • eg. prefixed 172.26.1.0/24 is announced to provider A, now change provider and announced to Provider B, soft clear don't work then how do we find out where is the problem occur. Local side or remote side (provider end). NO HARD CLEAR.

  • JoeMJoeM ✭✭✭

    Off the top of my head (without a vrf):

    show ip bgp neighbor x.x.x.x advertised-routes
    what are we advertising?

    show ip bgp
    to see the state of the local bgp table

    debug bgp updates <in|out|cr> <- debug updates in or out or all.
    As I remember using this command, this debug would actually say why a prefix was discarded.

    with a vrf.....show bgp vpnv4 un vrf VRF-NAME blah blah blah ....

  • BugaziaBugazia ✭✭✭

    @baula
    let's assume that we have two router's : R1 (the Advertiser with Router-ID 1.1.1.11) and R2 (the Receiver, with Router-ID 2.2.2.2)
    try the following on the Advertiser side :
    Show ip bgp neighbor advertised-routes (eg. Show ip bgp neigh 2.2.2.2 advertised-routes )
    this should show you the Routes that the advertiser is advertising to the neighbor.

    • if the 172.26.1.0/24 route doesn't show in the list of routes advertised to the neighbor , then it means that the problem is from the advertiser Router.
    • but what if it Does show up ? (what if the 172.26.1.0/24 is in that list of advertised routes to the neighbor ?) then this means that the route is being advertised but it's not accepted from the other side (perhaps rejected for some reason or even filtered ), how can we make sure ? simple :
      try the following on the receiver's Address :
      debug ip bgp 1.1.1.1 updates
      then do a soft clear inbound from the receiver side , and read from the debug whether R2 (the receiver) is receiving the route but rejecting it, or is it not receiving it at all?
      further more, you can see what routes is R2 receiving and filtering from it's BGP table by activating the soft-reconfiguration inbound (from R2 side), like this :wink:
      enable
      configure terminal
      router bgp
      neighbor 1.1.1.1 soft-reconfiguration inbound
      Now R2 will save all received routes from it's neighbor R1 (1.1.1.1) before even filtering them
      next, clear inbound updates from neighbor again (using clear ip bgp * in ) and after that look at the newly-activated routing table :
      Show ip bgp neighbor 1.1.1.1 received-routes
      if the routes show up in this table, then it means that R2 is recieving the routes, but is filtering them for some reason (an inbound access-list for example..)
      i hope that my answer helps you solve the problem, lemme know if you have anymore questions :)

    If you need me, @Bugazia Me, and i'll be there .

  • Hi Bugazia,

    When I debug the update this message is shown

    .Jun 16 13:18:38.476: BGP(0): xxx.xxx.xxx.xxx rcvd xx.xxx.xxx.0/24...duplicate ignored

  • Hi Bugazia,
    Please note that I don't have access to receiver router, because its Provider router, so I only see advertise route towards receiver....I received full route and we have multihoming, we need to manage prefixed as per bandwidth utilization, I guess you understand me clearly....in this situation how do I check whether the problem at sender or receiver side.

  • BugaziaBugazia ✭✭✭

    @baula said:
    Hi Bugazia,

    When I debug the update this message is shown

    .Jun 16 13:18:38.476: BGP(0): xxx.xxx.xxx.xxx rcvd xx.xxx.xxx.0/24...duplicate ignored

    let me first analyze the debug output you just sent me:
    Jun 16 13:18:38.476: BGP(0): XXX.XXX.XXX.XXX rcvd YY.YY.YY.0/24...duplicate
    (XXX.XXX.XXX..etc is the Neigbor's Address, and YY.YY.YYY.0/24 is the prefix that's being advertised by that neighbor )
    basically ,this output is Only saying, that you received an Identical(repeated) prefix(YY.YY.YY.0/24) from the same neighbor (XX.XX.XX.XX) again, so the router will ignore that duplicate update(which it already has)
    why was this duplicate update sent by our XX.XX.XX.XX neighbor ?
    either one of two reasons :
    1) your neighbor router has initiated the "clear ip bgp <A.B.C.D> soft out"command.
    2) or, you have initiated the "clear ip bgp <A.B.C.D> soft in" command, which i assume you did. right ?

    If you need me, @Bugazia Me, and i'll be there .

  • 100 % Option 2.

  • BugaziaBugazia ✭✭✭

    @baula said:
    Hi Bugazia,
    Please note that I don't have access to receiver router, because its Provider router, so I only see advertise route towards receiver....I received full route and we have multihoming, we need to manage prefixed as per bandwidth utilization, I guess you understand me clearly....in this situation how do I check whether the problem at sender or receiver side.

    from what you're saying, i understand that you are :

    • Multihomed to 2 service Providers (let's say SP1 and SP2).
    • you are receiving route(s) from both SP1 and SP2, and you want utilize the bandwidth by having your Local AS chose ISP1 for some paths and ISP2 for others, am i right?

    If you need me, @Bugazia Me, and i'll be there .

  • BugaziaBugazia ✭✭✭
    edited June 2017

    if my assumption was true, then you need do the following steps :
    1) find out which prefixes is your local router choosing as best(the ones from SP1 or from SP2 ? )
    2) find out why is your local router preferring that SP ? (hence, which best path selection criteria is preferred from that ISP over the other ?)
    3) change that Best_path Criteria so that it becomes more preferred on the desired ISP.
    this has to do with BGP best path selection Algorithm which is a long topic to go through, and needs deeper understanding.

    If you need me, @Bugazia Me, and i'll be there .

  • BugaziaBugazia ✭✭✭

    @baula
    but if you need a quick Fix, then here you go :
    strategy : change the Local preference for the ISP you want to prefer INBOUND.
    lemme know if you wanna do this method and i'll give you the instruction.

    If you need me, @Bugazia Me, and i'll be there .

  • leminhleminh ✭✭

    just do clearing is not enough because it depends on how large is your bgp table, if it contains full internet routing table around 600K prefixes, there other stuffs you can consider such as TCP optimisation.

  • @Bugazia said:

    @baula said:
    Hi Bugazia,
    Please note that I don't have access to receiver router, because its Provider router, so I only see advertise route towards receiver....I received full route and we have multihoming, we need to manage prefixed as per bandwidth utilization, I guess you understand me clearly....in this situation how do I check whether the problem at sender or receiver side.

    from what you're saying, i understand that you are :

    • Multihomed to 2 service Providers (let's say SP1 and SP2).
    • you are receiving route(s) from both SP1 and SP2, and you want utilize the bandwidth by having your Local AS chose ISP1 for some paths and ISP2 for others, am i right?

    Yes !! You are right, let me clear one thing we are also a SP and have own AS. We received full route from Tier 1 provider.

  • @Bugazia said:
    @baula
    but if you need a quick Fix, then here you go :
    strategy : change the Local preference for the ISP you want to prefer INBOUND.
    lemme know if you wanna do this method and i'll give you the instruction.

    I suppose We don't control the INBOUND with LP, we did it for OUTBOUND with Multi-home. Now problem is while I announce prefixed /24 to SP1, before it was announced to SP2, which is must inbound from SP2, however it was still receiving from SP1, I wanna to know where the problem resist.

  • @leminh said:
    just do clearing is not enough because it depends on how large is your bgp table, if it contains full internet routing table around 600K prefixes, there other stuffs you can consider such as TCP optimisation.

    Yes! we received full route, there was 645k, 2 Tier 1 provider, so we have 1300k,
    TCP optimization, it should be the high end device to achieve this.

  • BugaziaBugazia ✭✭✭

    too many things go into play here. and the thing is i do not fully understand you here, and it's even harder to understand you that you're not providing a Topology .
    could you find someone with a Fluent English to try to explain this?
    sorry.

    If you need me, @Bugazia Me, and i'll be there .

  •                |SP1| & |SP2|
            ------------------------------
            |                             |
          |RT1|                         |RT2|
            |                             |  
            -------------------------------
                  |Route Originator|
                          |
                          |
                     |Distribution|
    

    Hope this will help you understand my situation.
    1. Route Originator forward prefix e.g 172.26.2.0/24 to RT1, then it will forward the route to SP1.
    2. We remove this prefix from prefix-list toward SP1 and add it to prefix-list of SP2.
    3. At this situation some time we find the prefix should INBOUND from SP2, still INBOUND from SP1,
    In such a situation how do I identified where the problem lies.

  • tmanitotmanito ✭✭✭

    @baula said:
    |SP1| & |SP2|
    ------------------------------
    | |
    |RT1| |RT2|
    | |
    -------------------------------
    |Route Originator|
    |
    |
    |Distribution|

    Hope this will help you understand my situation.
    1. Route Originator forward prefix e.g 172.26.2.0/24 to RT1, then it will forward the route to SP1.
    2. We remove this prefix from prefix-list toward SP1 and add it to prefix-list of SP2.
    3. At this situation some time we find the prefix should INBOUND from SP2, still INBOUND from SP1,
    In such a situation how do I identified where the problem lies.

    that's how slow BGP is

    Hope this helps!

    Timothy Q. Manito

  • ndiayemalickndiayemalick ✭✭
    edited June 2017

    @baula,
    With BGP you control how traffic exits your AS but not how enters your AS. So you have to talk to your upstream provider you have more visibility.
    Also I assume that the 172.26.2.0/24 is a Provider independent (PI) range that belongs to you. Can you confirm. Also is it a subnet of a bigger range (less than /24)? I am asking that because ISP maybe doing BGP with you but also summarization upstream. Usually what they do is have a static route of /XX larger than /24 pointing to you to summarize the route. Hence even though you stop advertising the /24 they still have the /XX painting to you.
    Not to complicate things but many things can happen behind the scene that you do not see unless you speak to your provider.
    BR

  • @ndiayemalick said:
    @baula,
    With BGP you control how traffic exits your AS but not how enters your AS. So you have to talk to your upstream provider you have more visibility.
    Also I assume that the 172.26.2.0/24 is a Provider independent (PI) range that belongs to you. Can you confirm. Also is it a subnet of a bigger range (less than /24)? I am asking that because ISP maybe doing BGP with you but also summarization upstream. Usually what they do is have a static route of /XX larger than /24 pointing to you to summarize the route. Hence even though you stop advertising the /24 they still have the /XX painting to you.
    Not to complicate things but many things can happen behind the scene that you do not see unless you speak to your provider.
    BR

    We have our own AS N we received full route from Tier 1 provider so provider don't need to static route towards us. PI is just an example, I can't expose my IP list here.

    I need to announce /24 to SP1 because I need that particular Route should INBOUND from that SP, Longest prefixed Match.

    Before I talk to my provider, I need to be clear where the problem lies.

  • BugaziaBugazia ✭✭✭

    @baula
    as i said, too many things go into play here,
    i believe you said you have excluded the route from RT1's advertised routes toward ISP1, so it might be either of two:
    1) either ISP1 table has not converged yet, which it should if you initiated the "show ip bgp soft out"
    2) ISP1 table has converged but they are still having a better route towards ISP1 (might be a static entry)

    i suggest either asking for access to their routers, or atleast ask for specific snapshots of the bgp , for example a snapshot of "show ip bgp neighbors

    received routes" from their side.

    If you need me, @Bugazia Me, and i'll be there .

  • BugaziaBugazia ✭✭✭

    clearly this has nothing to do with bgp traffic engineering, since you have excluded the route from RT1's advertised list.

    If you need me, @Bugazia Me, and i'll be there .

  • @Bugazia said:
    @baula
    as i said, too many things go into play here,
    i believe you said you have excluded the route from RT1's advertised routes toward ISP1, so it might be either of two:
    1) either ISP1 table has not converged yet, which it should if you initiated the "show ip bgp soft out"
    2) ISP1 table has converged but they are still having a better route towards ISP1 (might be a static entry)

    i suggest either asking for access to their routers, or atleast ask for specific snapshots of the bgp , for example a snapshot of "show ip bgp neighbors

    received routes" from their side.
    1. This is not new prefix list. Yes we "soft out" but still sometime it isn't received.
    2. Which is not possible, because we need route manipulate frequently, it is clearly known by provider.
  • alexpfalexpf ✭✭

    @baula

    Have SP1 and SP2 agreed to advertise that route space? If yes, one possible way to fix this on your side is to use AS-path prepending. As long as you are not still advertising the route from RT1 in your example, traffic should eventually start flowing to SP2.

    Another way to test is to shutdown your connection to SP1, this will ensure that SP1 does not think that the best way to get to an IP address is through RT1, unless they have a static route set. Without working with SP1 and SP2 in this scenario, you will not be able to determine who the issue is with.

    http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/xe-3se/3850/irg-xe-3se-3850-book/irg-prefix-filter.html

    Thanks,

    Alex

  • tmanitotmanito ✭✭✭

    @alexpf he really needs to sort this out with the SP as others don't honor AS Path prepending

    Hope this helps!

    Timothy Q. Manito

  • @baula said:

    @ndiayemalick said:
    @baula,
    With BGP you control how traffic exits your AS but not how enters your AS. So you have to talk to your upstream provider you have more visibility.
    Also I assume that the 172.26.2.0/24 is a Provider independent (PI) range that belongs to you. Can you confirm. Also is it a subnet of a bigger range (less than /24)? I am asking that because ISP maybe doing BGP with you but also summarization upstream. Usually what they do is have a static route of /XX larger than /24 pointing to you to summarize the route. Hence even though you stop advertising the /24 they still have the /XX painting to you.
    Not to complicate things but many things can happen behind the scene that you do not see unless you speak to your provider.
    BR

    We have our own AS N we received full route from Tier 1 provider so provider don't need to static route towards us. PI is just an example, I can't expose my IP list here.

    I need to announce /24 to SP1 because I need that particular Route should INBOUND from that SP, Longest prefixed Match.

    Before I talk to my provider, I need to be clear where the problem lies.

    Are you sure that the ISP is accepting the /24 announcement? Tier 1 providers usually do not accept less than /23 or/22, etc...
    Check with your provider, you might save yourself lot of time because you do not have full view from the other side.

    Best regards.

  • baulabaula
    edited June 2017

    @alexpf said:
    @baula

    Have SP1 and SP2 agreed to advertise that route space? If yes, one possible way to fix this on your side is to use AS-path prepending. As long as you are not still advertising the route from RT1 in your example, traffic should eventually start flowing to SP2.

    Another way to test is to shutdown your connection to SP1, this will ensure that SP1 does not think that the best way to get to an IP address is through RT1, unless they have a static route set. Without working with SP1 and SP2 in this scenario, you will not be able to determine who the issue is with.

    http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/xe-3se/3850/irg-xe-3se-3850-book/irg-prefix-filter.html

    Thanks,

    Alex

    Thank you for you effort.

    We have Multiple Prefix-list eg /19 /20 and /23, What is the best BGP tuning application.
    I would like to know is there way "something like BGP looking glass" where I can find out the error is on SP side or my side.

    With out Hard Reset. Last but not the least we have to do Hard reset. Hope they do not penalty us.

  • @ndiayemalick said:

    @baula said:

    @ndiayemalick said:
    @baula,
    With BGP you control how traffic exits your AS but not how enters your AS. So you have to talk to your upstream provider you have more visibility.
    Also I assume that the 172.26.2.0/24 is a Provider independent (PI) range that belongs to you. Can you confirm. Also is it a subnet of a bigger range (less than /24)? I am asking that because ISP maybe doing BGP with you but also summarization upstream. Usually what they do is have a static route of /XX larger than /24 pointing to you to summarize the route. Hence even though you stop advertising the /24 they still have the /XX painting to you.
    Not to complicate things but many things can happen behind the scene that you do not see unless you speak to your provider.
    BR

    We have our own AS N we received full route from Tier 1 provider so provider don't need to static route towards us. PI is just an example, I can't expose my IP list here.

    I need to announce /24 to SP1 because I need that particular Route should INBOUND from that SP, Longest prefixed Match.

    Before I talk to my provider, I need to be clear where the problem lies.

    Are you sure that the ISP is accepting the /24 announcement? Tier 1 providers usually do not accept less than /23 or/22, etc...
    Check with your provider, you might save yourself lot of time because you do not have full view from the other side.

    Best regards.

    No! we can announce /24 or greater on BGP. Its a rule.

  • BugaziaBugazia ✭✭✭

    @baula
    here you go
    http://www.routeviews.org/
    this website will give you access to Routers on Tire 1 providers, btw those routers are not in a production , BASICALLY WHAT I MEAN IS THAT THEY'RE LIKE SERVERS.
    so they're only there to receive the Full bgp Routing table.

    headsup, some of those routers are Juniper, and others are Cisco. and you can only have access to some View commands, good luck ! :)

    If you need me, @Bugazia Me, and i'll be there .

  • @Bugazia said:
    @baula
    here you go
    http://www.routeviews.org/
    this website will give you access to Routers on Tire 1 providers, btw those routers are not in a production , BASICALLY WHAT I MEAN IS THAT THEY'RE LIKE SERVERS.
    so they're only there to receive the Full bgp Routing table.

    headsup, some of those routers are Juniper, and others are Cisco. and you can only have access to some View commands, good luck ! :)

    But My Chrome don't open it. Is there any special application to open the router.

  • BugaziaBugazia ✭✭✭

    @baula , use one of the links, for example route-views.routeviews.org and Telnet to it.

    If you need me, @Bugazia Me, and i'll be there .

Sign In or Register to comment.