[c-nsp] BGP KEEPALIVE maximum frequency

M. V. bored_to_death85 at yahoo.com
Sat Dec 4 10:38:02 EST 2010 

hi Magno,

>Bgp keepalives during the opening of a session are perfectly normal.  In fact, 
>the two peers acknowledge that the Open bgp message sent by the other has been 
>>correctly received and accepted. This initial keepalive moves the bgp state 
>machine from 'Open Sent' to 'established'.

as i said, RFC4271 says: router should send first KEEPALIVE when goes from 
"OpenSent" to "OpenConfirm". then when first KEEPALIVE of its peer is recieved, 
it goes to "Established" state, and starts its KeepAlive-Timer(default=60s).  so 
the next (2nd so far) KEEPALIVE message has to be sent after 60 seconds.
but what i see is: routers send first KEEPALIVE when they go from "OpenSent" to 
"OpenConfirm". and then send 1 or 2 (usually 2) KEEPALIVEs immediately after 
they go to Established state.
plus,  RFC4271 says: "KEEPALIVE messages MUST NOT be sent more frequently than 
one per second" which happens here. so, i wanted to know, why they behave like 
this.

Regards.




________________________________
From: magno <massimo.magnani at gmail.com>
To: M. V. <bored_to_death85 at yahoo.com>
Cc: Łukasz Bromirski <lukasz at bromirski.net>; cisco-nsp at puck.nether.net
Sent: Sat, December 4, 2010 6:13:35 PM
Subject: Re: [c-nsp] BGP KEEPALIVE maximum frequency


Bgp keepalives during the opening of a session are perfectly normal.  In fact, 
the two peers acknowledge that the Open bgp message sent by the other has been 
correctly received and accepted. This initial keepalive moves the bgp state 
machine from 'Open Sent' to 'established'.
Hope this helps.
Magno 
Il giorno 04/dic/2010 14.47, "M. V." <bored_to_death85 at yahoo.com> ha scritto:
> hi Lukasz,
> 
> actually i tested this over 3 different scenarios separately, and the result 
>was 
>
> the same:
> (1) in GNS3, i added 2 "cisco3600 (IOS: 12.3(22))" and connected them to 
> each-other
> (2) in GNS3, i added 2  "cisco3600 (IOS: 12.3(22))", then started  Quagga on 
> FreeBSD, then connected my virtual Ciscos to quagga via "tap"s
> (3) i connected a Quagga (on FreeBSD) to a real-box "Cisco2800 (ISO: 
> 12.4(15)T13)" via a real ethernet line
> 
> in each scenario, the configuration on each router (quagga, cisco2800, 
> cisco3600) was the minimum that is needed:
> #interface ???
> ##ip address X.X.X.Y 255.255.255.0
> #router bgp 1
> ##neighbor X.X.X.Z remote-as 1
> ##neighbor X.X.X.Z activate
> 
> and the result on each scenario was the same:
> in (1) both Ciscos were sending 3 KEEPALIVES (after OPENs)
> in (2) Quagga and one Cisco sent 2 KEEPALIVES and one Cisco sent 3 KEEPALIVES 
> (after OPENs)
> in (3) Quagga and Cisco, both sent 2 KEEPALIVES. after that, i restarted 
>Quagga, 
>
> this time, Quagga sent 2 KEEPALIVES and Cisco sent 3 KEEPALIVES.
> * i've tested Quagga before and saw Quagga also sends 3 KEEPALIVES sometimes.
> 
> this is a sample of my wireshark (just BGPs) for scenario(3) where 192.168.0.24 
>
> is Quagga and 192.168.0.210 is my Cisco2800:
> ...
> no          time            source                dest                 proto 
>    info
> 700    10.198417    192.168.0.24    192.168.0.210    BGP    OPEN Message
> 701    10.200723    192.168.0.210    192.168.0.24    BGP    OPEN Message
> 705    10.200855    192.168.0.24    192.168.0.210    BGP    KEEPALIVE Message
> 706    10.201105    192.168.0.210    192.168.0.24    BGP    KEEPALIVE Message
> 708    10.201258    192.168.0.24    192.168.0.210    BGP    KEEPALIVE Message
> 709    10.202348    192.168.0.210    192.168.0.24    BGP    KEEPALIVE Message
> 712    10.202602    192.168.0.210    192.168.0.24    BGP    KEEPALIVE Message
> 713    70.204722     .....
> ...
> 
> Regards.
> 
> 
> 
> 
> 
> ________________________________
> From: Łukasz Bromirski <lukasz at bromirski.net>
> To: cisco-nsp at puck.nether.net
> Sent: Sat, December 4, 2010 4:19:55 PM
> Subject: Re: [c-nsp] BGP KEEPALIVE maximum frequency
> 
> On 2010-12-04 12:40, M. V. wrote:
>> hi,
>> 
>> i have sort of a technical question.
>> RFC4271 (main RFC of BGP4) says: "KEEPALIVE messages MUST NOT be sent more
>> frequently than one per second". i checked cisco with wireshark and saw it 
>>sends
>> more than 1 KEEPALIVE (sometimes 2, but usually 3) in less than 1 second 
right
>> after OPEN messages are sent. and then after that, everything gets back to
>> normal, and it sends KEEPALIVEs just every 60 seconds.
> 
> Do you have more details on this specific setup? IOS version? Both
> devices were Cisco or Cisco<>3rd party? Was it on the real boxes
> or under dynamips?
> 
> -- "Everything will be okay in the end.  |                 Łukasz Bromirski
> If it's not okay, it's not the end." | http://lukasz.bromirski.net
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> 
> 
> 
> 
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list