BGP uses TCP port 179 to communicate with other routers.

Introduction :
TCP allows for handling of fragmentation, sequencing, and
reliability (acknowledgement and retransmission) of inter-organization connectivity on public networks, such as the Internet, or private dedicated
communication packet Inter-Router networks. BGP is the only protocol used to exchange networks on the Internet
Communication BGP does not advertise incremental updates or refresh network advertisements like OSPF or
ISIS. BGP prefers stability within the network
The OPEN message is used to establish a BGP adjacency.
Both sides negotiate session capabilities before a BGP OPEN
peering establishes. The OPEN message contains the BGP
version number, ASN of the originating router, Hold ASNs 64,512–65,535 are private ASNs
Time, BGP Identifier, and other optional parameters that ASN 2 byte
Autonomous System ASN 4 4,200,000,000–4,294,967,294 are private
establish the session capabilities .Setting a static BGP
RID is a best practice BGP Numbers ASN BYTE ASNs. RFC 4893
Messages
KEEPALIVE
The Internet Assigned Numbers Authority (IANA) is
responsible for assigning all public ASNs
BGP does not rely on the TCP connection state to ensure
that the neighbors are still alive
UPDATE Well-known mandatory

The Update message advertises any feasible routes, Path Attributes Well-known discretionary
withdraws previously advertised routes, or can do both. An
UPDATE message can act as a Keepalive to reduce NOTIFICATION Optional transitive
unnecessary traffic.
BGP Loop Prevention Optional nontransitive
Fundamentals
The BGP attribute AS_PATH is a well-known mandatory attribute
A Notification message is sent when an error is detected with
the BGP session, such as a hold timer expiring, neighbor and includes a complete listing of all the ASNs that the prefix
capabilities change, or a BGP session reset is requested. This advertisement has traversed from its source AS. The AS_PATH is
causes the BGP connection to close Address Families used as a loop prevention mechanism in the BGP protocol

RFC 2858 added Multi-Protocol BGP (MP-BGP) MBGP

achieves this separation by using the BGP path attributes (PAs)
MP_REACH_NLRI and MP_UNREACH_NLRI. These attributes are
carried inside BGP update messages and are used to carry network
reachability information for different address families.
■ IOS: IOS nodes use the highest IP address of the any up loopback interfaces. If
AFI SAFI Network Layer Information
there is not an up loopback interface, then the highest IP address of any active up 1 1 IPv4 Unicast
1 2 IPv4 Multicast
interfaces becomes the RID when the BGP process initializes. 1 4 IPv4 Unicast with MPLS Label
1 128 MPLS L3VPN IPv4
■ IOS XR: IOS XR nodes use the IP address of the lowest up loopback interface. If 2 1 IPv6 Unicast
2 4 IPv6 Unicast with MPLS Label
there is not any up loopback interfaces, then a value of zero (0.0.0.0) is used and 2 128 MPLS L3VPN IPv6
prevents any BGP adjacencies from forming. 25 65 Virtual Private LAN Service (VPLS)
26 65 Virtual Private Wire Service (VPWS)
25 70 Ethernet VPN (EVPN)
■ NX-OS: NX-OS nodes use the IP address of the lowest up loopback interface. If
Internal BGP (IBGP) Sessions established with an IBGP router that are in the
there is not any up loopback interfaces, then the IP address of the lowest active up
same AS or participate in the same BGP confederation IBGP sessions are
interface becomes the RID when the BGP process initializes. BGP Sessions considered more secure, and some of BGP’s security measures are lowered in
comparison to EBGP.
External BPG (EBGP) Sessions established with a BGP router that are in a
different AS. EBGP prefixes are assigned an AD of 20 upon installing into the
router’s RIB
Every path’s attributes impact the desirability of the route
when a router selects the best path. A BGP router advertises BGP Neighbor States IDLE
only the best path to the neighboring routers BGP Best-Path Calculation
CONNECT ACTIVE
BGP recalculates the best path for a prefix upon
■ BGP next-hop reachability change OPEN SENT
■ Failure of an interface connected to an EBGP peer
■ Redistribution change
OPENCONFIRM
■ Reception of new paths for a route

ESTABLISHED
These attributes are processed in the order listed:
1. Weight -Idle: BGP detects a start event, tries to initiate a TCP connection to the BGP peer, and also listens
2. Local Preference for a new connect from a peer router If an error causes BGP to go back to the Idle state for a second
3. Local originated (network statement, redistribution, aggregation) time
the BGP Process is administratively down.
4. AIGP
the BGP Process is awaiting the next retry attempt.
5. Shortest-AS Path
the BGP is just configure on new neighbor Already established BGP Peering is reset.
6. Origin Type
-Connect : Connect BGP initiates the TCP connection If the 3-way TCP handshake completes, the
7. Lowest MED established BGP Session If successful, it will continue to the OpenSent state. if fails, it will
8. EBGP over IBGP continue to the active state. if BGP reset is send it will move back to the idle state
9. Lowest IGP Next-Hop -Active : Active In this state, BGP starts a new 3-way TCP handshake. If a connection is
10. If both paths are external (EBGP), prefer the first (oldest) established,an Open message is sent, the Hold Timer is set to 4 minutes, and the state moves to
11. Prefer the route that comes from the BGP peer with the lower RID OpenSent. If this attempt for TCP connection fails, the state moves back to the Connect state and
12. Prefer the route with the minimum cluster list length resets the ConnectRetryTimer
13. Prefer the path that comes from the lowest neighbor address -OpenSent : In this state, an Open message has been sent from the originating router and is
BGP Fundamentals 2 awaiting an Open message from the other router the matching open message has not been received
Basic Configuration on IOS ,NX OS and IOS XR from peer. BGP will be waiting for an Open message from the remote BGP neighbor.
-OpenConfirm BGP waits for a Keepalive or Notification message. Upon receipt of a neighbor's
Keepalive. the state is moved to Established. If the hold timer expires. a stop event occurs or a
Notification message is received, and the state moved to idle .
-Established
Adj-RIB-in: Contains the NLRIs in original form before
BGP Tables inbound route policies are processed. The table is purged
after all route policies are processed to save memory
Loc-RIB: Contains all the NLRIs that originated locally
or were received from other BGP peers. After NLRIs pass
the validity and next-hop reachability check, the BGP
best path algorithm selects the best NLRI for a specific
prefix. The Loc-RIB table is the table used for presenting
routes to the ip routing table
Adj-RIB-out: Contains the NLRIs after outbound route
policies have processed

■ Connected Network: The next-hop BGP attribute is set to 0.0.0.0, the origin
attribute is set to i (IGP), and the BGP weight is set to 32,768.
■ Static Route or Routing Protocol: The next-hop BGP attribute is set to the next-
hop IP address in the RIB, the origin attribute is set to i (IGP), the BGP weight is set
to 32,768; and the MED is set to the IGP metric.
 RFC 1966 introduces the concept that an IBGP peering can be
IBGP Advertising the full Scalability: IPv4 networks and
configured so that it reflects routes to another IBGP peer. The
router reflecting routes is known as a route reflector (RR), and continues to increase in size. IGPs
The need for BGP within an AS BGP table into an IGP is
the router receiving reflected routes is a route reflector client cannot scale to that level of routes
Route Reflectors typically occurs when the multiple not a viable solution for
Rule #1: If a RR receives a NLRI from a non-RR client, the Custom Routing: The path could be
RR advertises the NLRI to a RR client. It does not advertise routing policies exist, or when the following reasons:
longer, which would normally be
the NLRI to a non-route-reflector client. transit connectivity is provided
Rule #2: If a RR receives a NLRI from a RR client, it deemed Subo-ptimal from an IGP
between autonomous systems protocol’s perspective
advertises the NLRI to RR client(s) and non-RR client(s).
Even the RR client that sent the advertisement receives a copy
of the route, but it discards the NLRI because it sees itself as
Path Attributes: All the BGP path
the route originator. attributes cannot be maintained
Rule #3: If a RR receives a route from an EBGP peer, it within IGP protocols.
advertises the route to RR client(s) and non-RR client(s).
Loop Prevention in Route Reflectors IBGP peers do not prepend their ASN
ORIGINATOR_ID, an optional nontransitive BGP attribute to the AS_PATH, because the NLRIs
is created by the first route reflector and sets the value to the IBGP Full Mesh would fail the validity check and
RID of the router that injected/advertised the route into the
AS. If the ORIGINATOR_ID is already populated on an
Requirement: would not install the prefix into the IP
NLRI, it should not be overwritten. If a router receives a NLRI routing table RFC 4271
with its RID in the Originator attribute, the NLRI is discarded. IBGP Scalability states that all BGP routers within a
CLUSTER_LIST, a nontransitive BGP attribute, is updated single AS must be fully meshed to
by the route reflector. This attribute is appended (not
overwritten) by the route reflector with its cluster-id. By provide a complete loop-free routing
default this is the BGP identifier. The cluster-id can be set EBGP table and prevent traffic blackholing
with the BGP configuration EBGP peerings are the core best practice is Peering via
command bgp cluster-id cluster-id on IOS and IOS XR component of the BGP protocol on the Loopback Addresses because is more
nodes. NX-OS devices use the command cluster-id cluster-id.
Out-of-Band Route Internet. EBGP is the efficient and preferable
If a route reflector receives a NLRI with its cluster-id in the
Cluster List attribute, the NLRI is discarded Reflectors exchange of network prefixes between
autonomous systems. The following
■ Time to Live (TTL) on BGP
RFC 3065 introduced the concept of BGP confederations behaviors are different on EBGP
as an alternative solution to IBGP full mesh scalability BGP Fundamentals 3 sessions when compared to IBGP
packets is set to one. (TTL on IBGP
issues A confederation consists of sub-ASs known as a packets is set to 255, which allows for
sessions:
Member-AS that combine into a larger AS known as an AS multihop sessions).
Confederation. Member ASs normally use ASNs from the ■ The advertising router modifies the
private ASN range (64512-65535). EBGP peers from the BGP next-hop to the IP address
confederation have no knowledge that they are peering sourcing the BGP connection.
with a confederation, and they reference the confederation ■ The advertising router prepends its
identifier in their configuration EBGP and IBGP
ASN to the existing AS_PATH.
Topologies ■ The receiving router verifies that the
Confederations share behaviors from both IBGP sessions
and EBGP sessions. The changes are as follows: AS_PATH does not contain an ASN
Confederations
■ The AS_PATH attribute contains a subfield called that matches the local routers. BGP
AS_CONFED_SEQUENCE. discards the NLRI if it fails the
The AS_CONFED_SEQUENCE is displayed in parentheses AS_PATH loop prevention check.
before any external ASNs in the AS_PATH. As the route
passes from Member-AS to Member-AS, the
AS_CONFED_SEQUENCE is appended to contain the Combining EBGP sessions with IBGP
Member-AS ASNs. The AS_CONFED_SEQUENCE sessions can cause confusion in
attribute is used to prevent loops, but it is not used (counted) terminology and concepts The most
when choosing shortest AS_PATH. common issue involves the failure of the
■ Route reflectors can be used within the Member-AS like next-hop accessibility.
normal IBGP peerings. IBGP peers do not modify the next-hop
■ The BGP MED attribute is transitive to all other Member- address if the NLRI has a next-hop
ASs, but does not leave the confederation. address other than 0.0.0.0. The next-hop
■ The LOCAL_PREF attribute is transitive to all other address must be resolvable in the global
Member-ASs, but does not leave the confederation. RIB for it to be valid and advertised to
■ IOS XR nodes do not require a route policy when peering other BGP peers.To correct the issue,by
with a different two possible technique
Next-Hop Manipulation
Member-AS, even though the remote-as is different. ■ IGP advertisement. Remember to use
■ The next-hop address for external confederation routes Configuring the next-hop-self address-family the passive interface to prevent an
does not change as the route is exchanged between Member- feature modifies the next-hop address in all accidental
AS to Member-AS. external NLRIs using the IP address of the BGP adjacency from forming. Most IGPs do
■ The AS_CONFED_SEQUENCE is removed from the not provide the filtering capability like
AS_PATH when the route is advertised outside of the
neighbor BGP.
confederation ■ Advertising the networks into BGP
 Summarizing prefixes conserves router resource(s) and accelerates best
path calculation by reducing the size of the table. Summarization also
provides the benefit(s) of stability by reducing routing churn by hiding
route flaps from downstream routers
The two techniques for BGP summarization are the following:
■ Static: Create a static route to Null 0 for the prefix, and then advertise the
network via a network statement. The downfall to this technique is that the summary
route will always be advertised even if the networks are not available.
■ Dynamic: Configure an aggregation network range. When viable routes that
match the network range enter the BGP table, an aggregate route is created. On the
originating router, the aggregated prefix sets the next-hop to Null 0. The route to
Null 0 is automatically created by BGP as a loop-prevention mechanism.
In both methods of route aggregation, a new network prefix with a shorter prefix
length is advertised into BGP. Because the aggregated prefix is a new route, the
summarizing router is the originator for the new aggregate route
summary-only – suppress all less specific, by
default the aggregate does not do that
Flexible Route Suppression
Some traffic engineering designs require “leaking”
routes, which is the advertisement of a subset of
more specific routes in addition to performing the
summary
Leaking Suppressed Routes The
summary-only keyword suppresses
all the more specific routes of an
aggregate address from being Selective Prefix Suppression
advertised. After a route is Selective prefix suppression
suppressed, it is still possible to explicitly lists the networks that
advertise the suppressed route to a should not be advertised along with
the summary route to neighbor
specific neighbor unsuppress-map routers suppress-map
The Atomic Aggregate attribute indicates that a loss of path
information has occurred.
To keep the BGP path information history, the optional as-set keyword
may be used with the aggregate-address command. As the router
generates the aggregate route, BGP attributes from the summarized routes
are copied over to it The AS_SET is
displayed within brackets
Using the AS-SET feature with network aggregation combines all the
attributes of the original prefixes into the aggregated prefixes. This might
cause issues with your routing policy. be aware about that you can use
the advertise-map option allows for conditionally matching and denying
attributes that should be permitted or denied in the aggregated route
Advertising a default route into the BGP table requires the default route
to exist in the RIB and the BGP configuration command default-
information originate to be used. The redistribution of a default route or
use of a network 0.0.0.0/0 does not work without the default-information
originate command
Some network topologies restrict the size of the BGP advertisements to a
neighbor because the remote router does not have enough processing
power or memory for the full BGP routing table neighbor ip-address
default-originate
BGP communities provide additional capability for tagging routes and for
modifying BGP routing policy on upstream and downstream routers. BGP
communities can be appended, removed, or modified selectively on each
attribute as the route travels from router to router. BGP communities are an
optional transitive
A BGP community can be displayed as a full 32-bit number
(0-4,294,967,295) or as two 16-bit numbers (0-65535):(0-65535) commonly
referred to as new-format Private BGP communities follow the convention
that the first 16-bits represent the AS of the community origination, and the
second 16-bits represent a pattern defined by the originating AS In 2006,
RFC 4360 expanded BGP communities’ capabilities by providing an
Route BGP Communities extended format. Extended BGP communities provide structure for various
Summarization classes of information and are commonly used for VPN Services
IOS XR and NX-OS devices display BGP communities in new-format by
default, and IOS nodes display communities in decimal format by default
ip bgp-community new-format
IOS and NX-OS devices do not advertise BGP communities to peers by
default
IOS XR advertises BGP communities to IBGP peers by default
no-advertise – do not send beyond local router (0xFFFFFF02)
Aggregate-Address no-export – do not send beyond local AS (0xFFFFFF01)
Well known
BGP Fundamentals 4 local-as – do not send to ebgp sub-AS peers within confed
(0xFFFFFF03)
internet – permit any – overwrite all communities and allow prefix
to be announced everywhere
gshut – gracefull shutdown, like overload bit in ISIS, „go around me” signal
Atomic to all BGP speakers
Aggregate
remove private AS feature:
■ Removes only private ASNs on routes advertised to EBGP peers.
■ If the AS-Path for the route has only private ASNs, the private ASNs are
Remove Private AS removed.
Route Aggregation
■ If the AS-Path for the route has a private ASN between public ASNs, it is
with AS_SET assumed that this is a design choice, and the private ASN is not removed
■ If the AS-Path contains confederations (AS_CONFED_SEQ), BGP
removes the private AS numbers only if they are included after the
Route Aggregation AS_CONFED_SEQ (Confederation AS-Path) of the path.
with Selective
Advertisement of AS- The Allow AS feature allows for routes to be received and processed even if
SET Allow AS the router detects its own ASN in the AS-Path
The LocalAS feature is configured on a per peer basis, and allows for BGP sessions
to establish using an alternate ASN than the ASN that the BGP process is running on.
The LocalAS feature works only with EBGP peerings One problem with the alternate
Default Route ASN being prepended when receiving the routes is that other IBGP peers drop the
network prefixes as part of a routing loop detection.
Advertisement ■ To stop the alternate ASN from being prepended when receiving routes, the
Local AS optional keyword no-prepend is used.
Default Route ■ To stop the alternate ASN from being prepended when sending routes, the optional
keywords no-prepend replace-as is used.
Advertisement per ■ If both no-prepend replace-as keywords are used, all routers see the BGP
Neighbor advertisements as if they were running the original AS in the BGP process.
 Troubleshoot Blocked Process in IOS XR IOS XR is a distributed operating system, and every Decode BGP Messages BGP generates a hex ■ During establishment of BGP sessions because of misconfiguration
component (feature) runs as a separate process with its own set of threads that manages dump of the message. These hex dumps can ■ Triggered by network migration or event, or software or hardware upgrades
various tasks of the component.Unlike traditional IOS , In IOS XR, the BGP Process Manager then be analyzed to understand why the BGP ■ Failure to maintain BGP keepalives due to transmission problems
(BPM) and BGP processes create the BGP protocol functionality.The BPM process also has the router was unable to process the message. The peering down issue occurs ■ High CPU
responsibility to calculate the router-id if one is not explicitly configured. It interacts with There are external websites that help decode because of one of the following ■ Blocked or stuck processes
NETIO, TCP, and a few other processes internally to perform the necessary tasks in the system BGP messages; for example, ■ Firewall or ACL misconfiguration
and finally installs the routes in the Routing Information Base (RIB) http://bgpaste.convergence.cx circumstances ■ Software defects

Verify that the BGP and BPM processes

■ Idle state No connected route to peer
are in Run state by using the command show
process process-name [detail | location {LC/
Active state
Debugs for BGP
RP location | all} Running debugs should always be the ■ No route to peer address (IP connectivity not present)
last resort for troubleshooting any ■ Configuration error, such as update-source missing or wrongly
Verify Blocked Processes
Execute show process blocked [location network problem. Debugs can configured
{RP/LC}] to verify whether there are any sometimes cause an impact in the A down BGP peer state
network if not used carefully. But Idle/Active state
blocked processes, which could cause an is in either an Idle or
impact on the BGP process. Primarily the sometimes they are the only options ■ Transmission Control Protocol (TCP) establishes but BGP
techniques cannot repair the problem Active state. negotiation fails; for ex: misconfigured AS
bgp, bpm, tcp, and netio processes are the
ones that are critical when other troubleshooting ■ Router did not agree on the peering parameters
debug bgp ipv4 unicast ip-address
Restarting a Process show running-config | section router bgp //Config
If for some reason a process is in blocked show bgp ipv4 unicast neighbor X.X.X.X | in TTL // TTL Values
state for a long period of time, restart the ping X.X.X.X source Y.Y.Y.Y // Verifying Reachability
process using process restart [job-id | ping xxxx source loopback0
process-name].
■ Find the location and direction of packet loss show ip traffic + include echo
If the connectivity
■ Verify whether packets are being transmitted. If there is complete packet
problem is in the loss on the link, perform a ping connectivity test with the
forwarding path or the timeout set to 0 to confirm if the packet is actually leaving the router or if the
return path. other side is receiving the packets
Common BGP show interface Gi0/1 | in packets
ping 10.1.12.1 timeout 0 repeat 10
Troubleshooting ■ Use access control lists (ACL) to verify that packets are received ACLs
prove to be really useful when troubleshooting packet loss or reachability issues.
Dynamic BGP Peering Common BGP Configuring an ACL matching the source and the destination IP can help
confirm whether the packet has reached the destination router
Troubleshooting Many deployments have firewalls to protect the network from unwanted and
malicious traffic. It is a better option tohave a firewall installed than to have a
One way to minimize the configuration is by using BGP peer groups. If there are multiple neighbors that will share the same remote-as BGP Peering Down Issues huge ACL configured on the routers and switches. Firewalls can be configured
number or the same outbound policies, peer groups make it very easy to manage the configuration for those neighbors.This feature is Demystifying BGP in two modes:
not available for IPv6 addresses and dynamic BGP neighbor feature is not available on IOS XR and NX-OS. ■ Routed mode
Notifications ■ Transparent mode
The BGP dynamic neighbor concept is helpful in a hub-spoke topology where only the spoke router needs to have the peering
configuration toward the hub. The spoke routers can be part of the same subnet. The hub router only needs to know the subnet. It can In Routed mode, the firewall has routing capabilities and is considered to be a
also be useful in topologies where RR is configured and there are huge numbers of RR clients. Similarly, a dynamic BGP peering routed hop in the network. In Transparent mode, the firewall is not considered
concept can be used with confederations. as a router hop to the connected device but merely acts like a “bump in the
wire.
Dynamic BGP Peer Configuration
Step 1. Define the peer group by using Rtr(config-router)# neighbor peer-group name peer-group. In some deployments, network operators add NAT on the routed firewalls. In
Step 2. Create a global limit of BGP dynamic subnet range neighbors. The value ranges from 1 to cases where NAT is configured on the router or on the firewall, the BGP
5000. Rtr(config-router)# bgp listen limit value. peering should be configured with the translated IP address rather than the
Step 3. Configure an IP Subnet Range and associate it with a peer group. Multiple subnets can be remote IP
added to the same peer group. Rtr(config-router)# bgp listen range subnet peer-group peer-group-
■ Verify TCP sessions A BGP session is a TCP session. Therefore, it is very
name
important to verify if the TCP session is getting established to ensure successful
Step 4. Define the remote-as for the peer group. Optionally, define the list of ASnumbers that can
BGP session establishment
be accepted to form neighborship with. The max limit of alternate-as numbers is 5. Rtr(config-
show sockets connection tcp
router)# neighbor peer-group-name remote-as asn [alternate-as [asn] [asn] [asn] [asn] [asn]].
show tcp brief all
Step 5. Activate the peer group under ipv4 address-family by using Rtr(config-router
af)# neighbor peer-group-name activate. ■ Simulate a BGP session. A good troubleshooting technique for BGP peers that
Note The alternate-as option is not available when configuring IBGP sessions. are down is using Telnet on TCP port 179 toward the destination peer IP and
implementing local peering IP as the source. This technique helps ensure that the
Dynamic BGP Challenges
TCP is not getting blocked or dropped between the two BGP peering devices
With dynamic BGP features, additional challenges are present, such as
telnet x.x.x.x source loopback 0
■ Misconfigured MD5 password
■ Resource issues in a scaled environment
■ TCP starvation

Misconfigured MD5 Password TCP Starvation

This problem is very common and is generally caused by human error due to typo UDP occupies all the
mistakes. You have to be careful when configuring passwords on the router configured queues and makes TCP starve for Example
for dynamically establishing a BGP neighbor relationship bandwidth. Therefore, it is good to
Resource Issues in a Scaled Environment limit the number of
The router Does not have any resources to serve any request coming to it. So proper planning must BGP neighbors and be cautious
be done to determine how many neighbors can dynamically form BGP neighbor relationships on during removal/addition of new IP
the router. subnet ranges
 An exact route must exist in the router’s RIB (routing table) for Local Route Flapping BGP peers could be due to one of several reasons:
the route to be installed into the BGP table so that it can be ■ Bad BGP update
advertised to BGP neighbors. There are two solutions: modify
Advertisement Issues
Troubleshooting BGP ■ Hold timer expired
the BGP configuration to match the local networks that already the BGP state keeps ■ MTU mismatch
exist in the RIB or create a static route for the network in the Route Advertisement flapping between Idle ■ High CPU
BGP configuration ■ Interface and platform drops
The static route uses the Null 0 interface as a safety mechanism and Established states ■ Improper control-plane policing
to prevent routing loops. If Rtr has a more explicit route (longer
match), it can forward the packet to that direction. If it does not
have a more explicit route, the packet is dropped
Bad BGP Update ■ Bad link carrying the update; bad hardware
■ Problem with BGP update packaging
The aggregate route is not present because there are not any Route Aggregation Issues ■ Malicious update by an attacker (hacker)
prefixes within the summary aggregate prefix range in the BGP ■ Interface issues
table By adding the smaller network prefixes into the BGP table,
the aggregate route can be created To keep the smaller prefixes Hold Timer ■ Physical connectivity packets are not transmitted correctly
from being advertised, they can be filtered with the router’s Expired through the wire.
outbound BGP policy or through the suppression locally by
appending the keyword summary-only to the aggregate- ■ Physical interface the interface was unable to process the packet
address command because it was receiving traffic at an excessive rate
Redistributing routes into BGP is a common method of
■ Input hold queue Packets arrive to the router but are dropped in the
populating the BGP table,Some of the OSPF and IS-IS routes Route Redistribution
were not redistributed into BGP for the following input hold queue of the incoming Interface Show interface xxx
reasons:
Issues
■ OSPF: When redistributing OSPF into BGP, the default ■ TCP receive queue and BGP InQ BGP keepalives arrive at the
Note Although not directly related to the TCP receiving queue but are not being processed and moved to the BGP
behavior includes only routes that are internal to OSPF (O or
advertisement of routes into BGP, issues can InQ. When a non-zero value is seen for the BGP neighbor in the show
O IA). The redistribution of external OSPF routes requires a
arise when redistributing routes from BGP to bgp afi safi summary command, it indicates that the TCP messages are
conditional match in the redistribution statement and/or an
an IGP protocol. By default, BGP does not waiting in queue to be processed.
optional redistribution route-map.
redistribute internal routes (routes learned via ■ Mismatch MTU
■ IS-IS: IS-IS does not include directly connected subnets for
any destination routing protocol. This behavior is overcome by
an IBGP peer) into an IGP protocol (that is, MTU Mismatch
OSPF) as a safety mechanism. The command ■ Improper planning and network design
redistributing the connected networks into BGP Issues ■ Device not supporting Jumbo MTU or certain MTU values
bgp redistribute-internal allows IBGP routes
redistribute ospf 1 match internal external 1 external 2 ■ Unknown transport circuits such as EoMPLS (may not support Jumbo
to be redistributed into an IGP routing protocol
Step 1. Verify next-hop reachability. Confirm that the next-hop address is
Common BGP MTU end to end)
■ Change due to application requirement
resolvable in the global RIB. If the next-hop address is not resolvable in the RIB,
the NLRI remains but does not process after Step 2. The next-hop address must Troubleshooting ■ Change due to end customer requirement
MSS value defaults to 536 bytes as defined in RFC 879
be resolvable for the BGP best path process to occur in Step 3
BGP Tables BGP Peer Flapping Issues RFC 1191, PMTUD is introduced to reduce the chances of IP
Step 2. Set BGP path attributes. The following BGP PAs are set dependent packets getting fragmented along the path and to help with faster
upon the location of the route in the local RIB: Network /static route or routing convergence. Using PMTUD, the source identifies the lowest MTU
protocol /redistribution
Route Advertisement
along the path to destination and then decides what packet size to
Step 3. Identify the BGP best path. In BGP, route advertisements consist of send
the NLRI and the path attributes (PAs) A BGP router only advertises the best
path to the neighboring routers BGP recalculates the best path for a prefix upon ■ The interface MTU on both the peering routers do not match.
four possible events: ■ The Layer 2 path between the two peering routers do not have
■ BGP next-hop reachability change consistent MTU settings.
■ Failure of an interface connected to an External Border Gateway Protocol ■ PMTUD didn’t calculate correct MSS for the TCP BGP session.
(EBGP) peer High CPU Causing ■ BGP PMTUD could be failing because of blocked ICMP messages by
■ Redistribution change a router or a firewall in path
■ Reception of new paths for a route
Control-Plane Flaps
■ CPU process issues
Step 4. Process outbound neighbor route policies The NLRI is processed
■ Interrupt (traffic processing)
through any specific outbound neighbor route policies
show process cpu sorted | exclude 0.0
Step 5. Advertise the NLRI to BGP peers. The router advertises the NLRI to
If the CPU is high due to interrupts, it could be due to one of the
BGP peers. If the NLRI’s next-hop BGP PA is 0.0.0.0, then the next-hop address
following problems:
is
■ Excess process switched packets
changed to the IP address of the BGP session
■ Packets with TTL value of 1
Step 1. Perform a quick validity check. This is performed on the route to Receiving and Viewing ■ Excess control plane packets
ensure that a routing loop is not occurring.like (ASN) in the AS-Path or its Routes The following methods help mitigate the problems caused by packets
router-ID (RID) hitting the CPU:
Step 2. Store the route in Adj-RIB-In and process inbound route policies. ■ Configuring an ACL to block the packets once identified
The NLRI is stored in the Adj-RIB-In table in its original state. The inbound ■ Configuring rate limiters
route policy is applied based on the neighbor the route was received. ■ Using Control Plane Policing (CoPP)
Step 3. Update the Loc-RIB. The BGP Loc-RIB database is updated with the Control Plane Policing This scenario can result in one of the following issues:
NLRI after inbound route-policy processing has occurred
■ Loss of line protocol keepalives, update which can cause a line to go
Step 4. Verify next-hop reachability. Confirm that the next-hop address is
down and lead to route flaps and major network transitions.
resolvable in the global RIB.
■ Near 100% CPU utilization can lock up the router and prevent it from
Step 5. Compute the BGP best path. Multiple NLRIs (paths) can exist for the
completing high-priority processing,
same network prefix in the Loc-RIB table
■ When the RP is near 100% utilization, the response time at the user
Step 6. Install the BGP best path into the global RIB and advertise to peers.
command line interface (CLI) is very slow or the CLI is locked out.
Install the prefix into the Global RIB using the next-hop IP address from the
■ Resources including memory, buffers, and data structures can be
BGP Loc-RIB table command RIB failure is seen with the command show ip
consumed causing negative side effects. Drops of important packets.
bgp rib-failure.
■ Router crashes.
Step 7. Process outbound neighbor route policies. The NLRI is processed
The Control Plane Policing (CoPP) feature increases the device security
through any specific outbound neighbor route policies.
by protecting its CPU (Route Processor) from unwanted and excess
Step 8. Advertise the NLRI to BGP peers. Advertise the NLRI to BGP peers. If
traffic or Denial of Service (DoS) attacks
the NLRI’s next-hop BGP PA is 0.0.0.0, then the next-hop address is changed to
the IP address of the BGP session

Regular Expressions
(Regex)
Note The.^$*+()[]? characters are special
control characters that cannot be used
without using the backslash (\) escape
character. For example, to match on the *
in the output you would use the \* syntax.
Looking Glass and Route Servers
Hands-on experience is helpful when
learning technologies such as regex
http://www.bgp4.net or
http://www.traceroute.org
Troubleshooting
Reasons that route advertisement
Troubleshooting Missing fails between BGP peers are as follows:
BGP Routes ■ Next-Hop Check Failure
■ Bad Network Design
■ Validity Check Failure
■ BGP Communities
■ Mandatory EBGP Route Policy for IOS XR
■ Route filtering
■ BGP Loc-RIB: Just because a route is missing from the Global RIB show
bgp afi safi [prefix/prefixlength]
■ BGP Adj-RIB-in: The BGP Loc-RIB table contains only valid routes that
passed the router’s inbound route policies
■ BGP Adj-RIB-out: Viewing the BGP Adj-RIB-out table on the advertising
router verifies that the route was advertised and provides a list of the BGP PAs
that were included with the route
■ Viewing BGP Neighbor Sessions: The information contained in the BGP
neighbor session varies from platform to platform, but still provides a lot of
useful information, such as the number of prefixes advertised….. So on
show bgp afi safi neighbor ip-address.
■ NX-OS Event History: NX-OS contains a form of logging that runs in the
background and is not as intensive as running a debug.
show bgp event-history detail.
■ Debug Commands: Debug commands provide the most amount of
information about BGP.

Convergence Issues show bgp afi safi prefix/prefix-length and show ip route next-hop-IP-address
Next-Hop Check Failures The next-hop IP address could be not available in the RIB.
■ advertises the peering link into BGP
A BGP speaker faces convergence issues primarily because of a large BGP table size
■ Establish an IGP routing protocol within AS and advertise the peering link
and an increase in the number of BGP peers. The different dimensional factors while investigating
but make the peering link interface passive
BGP convergence issues that need to be considered include the following:
■ configure the next-hop-self feature in the address-family for the BGP peering
■ Number of peers
■ Number of address-families there are many solution it's depending in design and other factors .
■ Number of prefixes/paths per address-family
■ Link speed of individual interface, individual peer
Common BGP Bad Network Design Networks that use BGP are more sensitive to design flaws than networks that
use only IGP routing protocols. An improperly design BGP network can result
■ Different update group settings and topology
■ Complexity of attribute creation and parsing for each address-family Troubleshooting in an inconsistent routing policy, missing routes, or worse.

BGP performs a validity check upon receipt of prefixes. Specifically, BGP is

Faster Detection of Failures One of the biggest factors leading to slower convergence is the
mechanism to detect failures. BFD is used in conjunction with BGP to help detect failures
BGP Peer Flapping Validity Check Failure looking for indicators of a loop, such as
■ Identifying the router’s ASN in the AS-Path : AS-Prepending,Route

Jumbo MTU for Faster Convergence 9176 byte update messages can be sent to the neighbors
instead of the default 536 byte update messages. This increases the efficiency because fewer
update messages need to be sent to the peer
Slow Convergence due to Periodic BGP Scan To overcome this issue, the BGP scan time is
reduced by using the command bgp scantime time-in-seconds, where the timer can be set to any
value between 5 seconds and 60 seconds. But this is not an effective solution A better way to
overcome this issue is by using the BGP next-hop tracking (NHT) feature
Slow Convergence due to Default Route in RIB Default route makes the configuration simpler
by allowing all traffic, but it is very important to understand where the default route needs to be
advertised in the network and what impact it can potentially have. Although at times a default
route is required, if configured inappropriately, it can lead to convergence issues and traffic black
hole
Selective Next-Hop Tracking BGP NHT overcomes the problem faced because of periodic BGP
scan by introducing the event-driven quick scan paradigm, but it still does not resolve the
inconsistencies caused by default route or summarized route present in the RIB. To overcome
these problems, a new enhancement was introduced in BGP NHT called the BGP SelectiveNext-
Hop Tracking or BGP Selective Next-Hop Route Filtering the command bgp nexthop route-map
route-map-name
Slow Convergence due to Advertisement Interval BGP neighbor advertisement interval or
MRAI causes delays in update generation if set to a higher value configured manually. It is a good
practice to have the same MRAI timer at both ends of the neighbor and also across different
platforms
Computing and Installing New Path BGP always selects only one best path (assuming BGP
multipath is not configured). In case of failure of the best path, BGP has to go through the path
selection process again to compute the alternative best path. This takes time and thus impacts
convergence time. Also, features such as BGP NHT help improve the convergence time by
providing fast reaction to IGP events, but that is still not significant because it depends
on the total number of prefixes to be processed for best-path selection. With the BGP multipath
feature, equal cost paths can be used for both redundancy and faster failover
Issues Aggregation After configuring the as-set keyword on Rtr, Rtr includes the PAs
from the smaller aggregate routes
■ Identifying the router’s RID in as the Route-Originator ID
■ Identifying the router’s RID as the Cluster ID
BGP communities provide additional capability for tagging routes and are
considered either well-known or private BGP communities. Private BGP
BGP Communities communities are used for conditional matching for a router’s route policy
BGP Slow Peer Symptoms BGP Slow Peer There are three well-known communities that affect only outbound route
There are two common symptoms advertisement: No-Advertise, No-Export, and Local-As
when the BGP slow peer condition is show bgp afi safi [community {local-AS | no-advertise | no-export}]
seen: BGP Communities: No-Advertise
■ High CPU due to BGP Router The No_Advertise community (0xFFFFFF02 or 4,294,967,042) specifies that
process routes with this community should not be advertised to any BGP peer.
■ Prefixes not getting replicated and BGP Communities: No-Export
traffic black hole The No_Export community (0xFFFFFF01 or 4,294,967,041) specifies that
when a route is received with this community, the route is not advertised to any
EBGP peer. If the router receiving the No-Export route is a confederation
member, the route can be advertised to other sub-ASs in the confederation.
BGP Communities: Local-AS (No Export SubConfed)
The No_Export_SubConfed community (0xFFFFFF03 or 4,294,967,043)
known as the Local-AS community specifies that a route with this community
is not advertised outside of the local AS. If the router receiving a route with the
Local-AS community is a confederation member, the route can be advertised
BGP Slow Peer Detection only within the sub-AS (Member-AS) and is not advertised between Member-
BGP slow peer condition can be easily detected with the help of show ASs.
commands. The The last component for finding missing BGP routes is through the examination
following steps help identify a BGP slow peer:
Filtering of Prefixes by
of the BGP routing policies. As stated before, BGP route policies are applied
Step 1. Verify OutQ in show bgp ipv4 unicast summary output. Route Policy before routes are inserted into the Loc-RIB table and as prefixes leave the Loc-
Step 2. Verify SndWnd field in the show bgp ipv4 unicast neighbor ip-address RIB before they are advertised to a BGP peer.
Step 3.Verify CSize along with Current Version and Next Version fields in ■ Prefix-list: A list of prefix matching specifications that permit or deny
show bgp ipv4 unicast replication output. network prefixes in a top-down fashion similar to an ACL.
Step 4. Verify CPU utilization due to BGP Router process. ■ AS-Path ACL/Filtering: A list of regex commands that allows for the permit
or deny of a network prefix based on the current AS-Path values.
■ Route-maps: Route-maps provide a method of conditional matching on a
variety of prefix attributes and taking a variety of actions. Actions could be a
simple permit or deny or could include the modification of BGP path attributes.