[c-nsp] BGP KEEPALIVE maximum frequency
M. V.
bored_to_death85 at yahoo.com
Sat Dec 4 10:38:02 EST 2010
hi Magno,
>Bgp keepalives during the opening of a session are perfectly normal. In fact,
>the two peers acknowledge that the Open bgp message sent by the other has been
>>correctly received and accepted. This initial keepalive moves the bgp state
>machine from 'Open Sent' to 'established'.
as i said, RFC4271 says: router should send first KEEPALIVE when goes from
"OpenSent" to "OpenConfirm". then when first KEEPALIVE of its peer is recieved,
it goes to "Established" state, and starts its KeepAlive-Timer(default=60s). so
the next (2nd so far) KEEPALIVE message has to be sent after 60 seconds.
but what i see is: routers send first KEEPALIVE when they go from "OpenSent" to
"OpenConfirm". and then send 1 or 2 (usually 2) KEEPALIVEs immediately after
they go to Established state.
plus, RFC4271 says: "KEEPALIVE messages MUST NOT be sent more frequently than
one per second" which happens here. so, i wanted to know, why they behave like
this.
Regards.
________________________________
From: magno <massimo.magnani at gmail.com>
To: M. V. <bored_to_death85 at yahoo.com>
Cc: Łukasz Bromirski <lukasz at bromirski.net>; cisco-nsp at puck.nether.net
Sent: Sat, December 4, 2010 6:13:35 PM
Subject: Re: [c-nsp] BGP KEEPALIVE maximum frequency
Bgp keepalives during the opening of a session are perfectly normal. In fact,
the two peers acknowledge that the Open bgp message sent by the other has been
correctly received and accepted. This initial keepalive moves the bgp state
machine from 'Open Sent' to 'established'.
Hope this helps.
Magno
Il giorno 04/dic/2010 14.47, "M. V." <bored_to_death85 at yahoo.com> ha scritto:
> hi Lukasz,
>
> actually i tested this over 3 different scenarios separately, and the result
>was
>
> the same:
> (1) in GNS3, i added 2 "cisco3600 (IOS: 12.3(22))" and connected them to
> each-other
> (2) in GNS3, i added 2 "cisco3600 (IOS: 12.3(22))", then started Quagga on
> FreeBSD, then connected my virtual Ciscos to quagga via "tap"s
> (3) i connected a Quagga (on FreeBSD) to a real-box "Cisco2800 (ISO:
> 12.4(15)T13)" via a real ethernet line
>
> in each scenario, the configuration on each router (quagga, cisco2800,
> cisco3600) was the minimum that is needed:
> #interface ???
> ##ip address X.X.X.Y 255.255.255.0
> #router bgp 1
> ##neighbor X.X.X.Z remote-as 1
> ##neighbor X.X.X.Z activate
>
> and the result on each scenario was the same:
> in (1) both Ciscos were sending 3 KEEPALIVES (after OPENs)
> in (2) Quagga and one Cisco sent 2 KEEPALIVES and one Cisco sent 3 KEEPALIVES
> (after OPENs)
> in (3) Quagga and Cisco, both sent 2 KEEPALIVES. after that, i restarted
>Quagga,
>
> this time, Quagga sent 2 KEEPALIVES and Cisco sent 3 KEEPALIVES.
> * i've tested Quagga before and saw Quagga also sends 3 KEEPALIVES sometimes.
>
> this is a sample of my wireshark (just BGPs) for scenario(3) where 192.168.0.24
>
> is Quagga and 192.168.0.210 is my Cisco2800:
> ...
> no time source dest proto
> info
> 700 10.198417 192.168.0.24 192.168.0.210 BGP OPEN Message
> 701 10.200723 192.168.0.210 192.168.0.24 BGP OPEN Message
> 705 10.200855 192.168.0.24 192.168.0.210 BGP KEEPALIVE Message
> 706 10.201105 192.168.0.210 192.168.0.24 BGP KEEPALIVE Message
> 708 10.201258 192.168.0.24 192.168.0.210 BGP KEEPALIVE Message
> 709 10.202348 192.168.0.210 192.168.0.24 BGP KEEPALIVE Message
> 712 10.202602 192.168.0.210 192.168.0.24 BGP KEEPALIVE Message
> 713 70.204722 .....
> ...
>
> Regards.
>
>
>
>
>
> ________________________________
> From: Łukasz Bromirski <lukasz at bromirski.net>
> To: cisco-nsp at puck.nether.net
> Sent: Sat, December 4, 2010 4:19:55 PM
> Subject: Re: [c-nsp] BGP KEEPALIVE maximum frequency
>
> On 2010-12-04 12:40, M. V. wrote:
>> hi,
>>
>> i have sort of a technical question.
>> RFC4271 (main RFC of BGP4) says: "KEEPALIVE messages MUST NOT be sent more
>> frequently than one per second". i checked cisco with wireshark and saw it
>>sends
>> more than 1 KEEPALIVE (sometimes 2, but usually 3) in less than 1 second
right
>> after OPEN messages are sent. and then after that, everything gets back to
>> normal, and it sends KEEPALIVEs just every 60 seconds.
>
> Do you have more details on this specific setup? IOS version? Both
> devices were Cisco or Cisco<>3rd party? Was it on the real boxes
> or under dynamips?
>
> -- "Everything will be okay in the end. | Łukasz Bromirski
> If it's not okay, it's not the end." | http://lukasz.bromirski.net
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>
>
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list