[c-nsp] Non-default BGP hold / keepalive timers
Bruce Pinsky
bep at whack.org
Mon Oct 3 20:00:07 EDT 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Pete Templin wrote:
> David J. Hughes wrote:
>
>>>Providing your BGP peering neighbor's implementation doesn't have
>>>knobs to
>>>disallow a connection below a certain holdtime value.
>>
>>
>>Can't see one in IOS and JunOS doesn't appear to have one either from
>>my reading. Interestingly JunOS uses default settings of 3 * 30
>>seconds rather than IOS's 3 * 60 seconds. If it works with IOS and
>>JunOS peers I think I'm pretty safe.
>
>
> IOS has the knobs. Bruce was referring to implementations that use it:
>
> Lab-R2(config-router)#neig 1.1.1.1 timers ?
> <0-65535> Keepalive interval
>
> Lab-R2(config-router)#neig 1.1.1.1 timers 5 ?
> <0-65535> Holdtime
>
> Lab-R2(config-router)#neig 1.1.1.1 timers 5 15 ?
> <0-65535> Minimum hold time from neighbor
> <cr>
And it will happily enforce it as well:
Client side
- -------------
*Oct 3 23:42:51.911: BGP: 100.0.0.2 sending OPEN, version 4, my as: 65001,
holdtime 90 seconds
*Oct 3 23:42:51.931: BGP: 100.0.0.2 send message type 1, length (incl.
header) 45
*Oct 3 23:42:52.071: BGP: 100.0.0.2 rcv message type 3, length (excl.
header) 2
*Oct 3 23:42:52.071: %BGP-3-NOTIFICATION: received from neighbor 100.0.0.2
2/6 (unacceptable hold time) 0 bytes
*Oct 3 23:42:52.071: BGP: 100.0.0.2 went from OpenSent to Closing
*Oct 3 23:42:52.199: BGP: 100.0.0.2 went from Closing to Idle
*Oct 3 23:42:52.199: BGP: 100.0.0.2 closing
Provider side
- --------------
*Oct 3 23:42:52.075: BGP: 100.0.0.1 rcv OPEN, version 4, holdtime 90 seconds
*Oct 3 23:42:52.075: BGP: 100.0.0.1 went from Connect to OpenSent
*Oct 3 23:42:52.075: BGP: 100.0.0.1 sending OPEN, version 4, my as: 13979,
holdtime 180 seconds
*Oct 3 23:42:52.075: BGP: 100.0.0.1 went from OpenSent to Closing
*Oct 3 23:42:52.075: %BGP-3-NOTIFICATION: sent to neighbor 100.0.0.1 2/6
(unacceptable hold time) 0 bytes FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF
002D 0104 FDE9 005A 6400 0001 1002 0601 0400 0100 0102 0280 0002 0202 00
*Oct 3 23:42:52.083: BGP: 100.0.0.1 send message type 3, length (incl.
header) 21
*Oct 3 23:42:53.275: BGP: 100.0.0.1 local error close after sending
NOTIFICATION
*Oct 3 23:42:54.323: BGP: 100.0.0.1 went from Closing to Idle
*Oct 3 23:42:54.323: BGP: 100.0.0.1 closing
And one could argue that setting a minimum required holdtime could be
considered a best practice to avoid someone intentionally or
unintentionally causing undue CPU load on your system.
I also see no such capability in JunOS.
- --
=========
bep
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (MingW32)
iD8DBQFDQcYGE1XcgMgrtyYRAuAkAJ9JD3bW/gsU236GoaqTy4Yu2iN4FgCgnFh3
cLsWn1l/ugZqMHQSLKs0xjI=
=5RhX
-----END PGP SIGNATURE-----
More information about the cisco-nsp
mailing list