[c-nsp] route-map IN / OUT deny issue

[Cory Ayers]

Hi Andy,

> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-
> bounces at puck.nether.net] On Behalf Of Andy B.
> Sent: Tuesday, March 02, 2010 6:33 AM
> 
> I have 181 update-groups.
> The reason why I am having this is that I want to allow my transit
> customers to send us BGP communities that will allow them to control
> the announcements to individual peers, rather than to regional peering
> groups. I only can see 1 route-map per peer as a solution here. Or is
> there a better way (regexp?) to handle this?
> 
> The BGP communities we are getting from the customer would be
> 6500x:ASN (x = number of prepends: 0-4, ASN = peer ASN).

I have been using this practice for several years to avoid monitoring alerts that the BGP session went down.  Route-map NAME deny 1 with no match has worked fine.  We only have about half of the number of peers, so it definitely could be churn.  What strikes me as odd; however, is the fact that everything stabilizes after a few minutes once you remove the configuration.  This sounds like a situation I have seen when next-hop reachability fails, the route is withdrawn, and the next update interval the routes are again installed, repeat.  I'm not sure why this would be happening in this scenario as the routes should be withdrawn and not installed again.  A debug would probably shed some light on what is happening, but obviously that would be tantamount to disaster in this situation.

Are you receiving a full feed from your internal BGP sessions once the transit stops accepting NLRI?  Perhaps it truly is churn coming from that direction.

Cory