BGP Prefix list and BGP Dampening English

Captions
Right. In the previous classes we were looking into various aspects of BGP. The last class was about attributes, and before the attributes we were talking about summarization and aggregation in BGP. Filtering we also saw, using a route map and the filter list and so on; we were doing filtering based on various things. Now here we are focusing on filtering based on AS path using regular expressions: autonomous system path, based on the AS number, the autonomous system number. I am going to tune my router to decide on a path based on the autonomous system number. I am going to tune my router to decide on a path matching my company policy.

So for that, what we need is: we need to know that there is something called an AS path access list. It is not a normal access list, it is an AS path access list, where I can write some regular expression. What is a regular expression? They are signs and symbols which provide a meaning, signs that give a meaning. Say for example I write here: ip as-path access-list 1 permit ^4$. The dollar says this number, it should be the last number. The caret says there should not be any number, so this should be the first number as well. So this should be the first number and this should be the last number.

So what I am coming to say is: when this router R1 receives some update, if the update is coming from autonomous system 4 then accept, then permit only from autonomous system 4. See this diagram here. We have R1. I am saying receive the update only from autonomous system 4, which means, from here, if I have another autonomous system, autonomous system 8, the update coming from this autonomous system (say there is a network called A.B.C.D here), A.B.C.D will not simply have 4, it will have what? 4 8. Agreed? Because it is originating from 8, the last number will be 8. Because R1 is receiving from 4, the first number will be 4. So what I am coming to say is, when I write this AS path access list, I am preventing the update that is coming from other autonomous systems, except autonomous system 4, getting processed by this router. So I don't want to unnecessarily process some networks which are coming from some other autonomous system. I want only the updates coming from autonomous system 4 to be processed by this BGP running on R1. So how do I do that? By writing this AS path access list along with the regular expression.

So after writing the access list, I call the access list under a route map. I give a route map; it can be any name, four, so I said four permit 10. So this is the syntax of regular expression, this is the name, you can give any name, and then I call the AS path number 1 which I have created above. Why am I calling it under a route map? The reason is you cannot call the AS path in the neighbor statement. You cannot directly call the AS path. So you need to call this AS path access list under a route map and then call the route map in the neighbor statement, and you also need to define the direction, in or out. So what I am saying is: whenever you receive an update from 4.4.4.4 (see, this router is 4.4.4.4), whenever you receive the update from 4.4.4.4, when it is coming in, because you are in R1, when the update is coming from the neighbor and it is coming in, you take the action. What action? Look for autonomous system 4 only, updates coming from autonomous system 4 only, and permit them inside. The rest, what do you do? Filter. You understood? Take one minute, go through it. If you have questions, let me know.

So the next is another example to understand the regular expression. When I put underscore like this, what I mean is there can be one number before 4 and there can be one number after 4. That's the one. In other words, what I am saying is the update that I am permitting should be passing through autonomous system 4. See, if I have number 6 here and 8 here, what do you say? You can say that the updates are passing through 4, coming from 8, learned from 6, and I learnt from 6. Correct, no? So you are learning like this. If the router is learning 6 4 8, what it means: it is coming from 6, 6 received from 4, 4 received it from 8. Agreed, no? Autonomous system 6, autonomous system 4, autonomous system 8. So it is passing through AS 4. So that's the condition: only allow the networks that have passed through AS 4 to AS 3. So go to any one of the routers in AS 3 and write this.

So in the diagram you see here, this is AS 3. I want the update that is passing, correct? So see, I have AS 8 here and I have another, AS 12. If R3 is receiving like 1 4 8 12, it won't accept. But when it receives the update from 1, 1 received from 4, and 4 received from 8, it accepts. Why? It matches the criteria, underscore 4 underscore. This is one extra; it won't take. You understood? So, same like before, what I do is I write this access list, I call it under the route map, and I call the route map. This I do where? I do it on router 3. Take a minute, go through it, then let me know. Because I say match as-path 1, it goes and looks for the AS path access list that has got 1 as a name for it, and sees what policy has been defined there. Accordingly, when an update is coming in from 2.2.2.2 (you see the diagram here, from 2.2.2.2 the update is coming, we are on R3, it is receiving), so on R3 only we are writing this. It is matching this; if the match happens, then it permits it to get processed.

Shall we see another example? Here is another example. I want to deny the network originating from an AS, but I want to deny that which is coming from a specific number. Here we are permitting only that which is coming from AS 4, correct? Only allowing what is coming from AS 4. But here the situation is different: deny anything originating from 4 to enter into 3. If you see the diagram, 3 is here, 4 is here, so there is one more autonomous system in the middle. So how do you need to write that? For the one more autonomous system you put the underscore, then 4, for which you want to match as the AS, and it should be the last one because from there it originates. You know the dollar; dollar means that's the last one. So when I say deny, any number here, it can be whatever; in the diagram it is 1, 4, then you deny it. Permit the rest, permit all other networks. So he puts dot star, which means, you know, it indicates all; dot star, any. Call this; both have got the same name. Call this under the route map, call the route map with the neighbor; direction is in because you are writing this on router 3. Any question? Sequence matters? Sequence does matter, that matters.

See, there's another one: only allow networks originating from AS 4 and the next AS that is connected to 4 to enter router 1. You see, the first one was allow only (this was the question) only from 4. Now they are saying you should allow from 4 and also the next AS. So for the next AS I put underscore. Because I need to receive from 4, it should be the first number, so I put the caret. The next AS can be any number between 0 to 9, and any number, that's why any, star. And then you say end; that's the last, it should be the last. So it will allow the update that is coming from 4 as well as coming from the other autonomous system, maybe 8, autonomous system 8. No? I don't see... okay, there is no bigger number than 9? I tell you, autonomous system can be anything. See, even if you write fifty thousand five hundred and thirty-five, this is inside this. This is one single autonomous system number, five thousand five hundred thirty-five; it is a single number. 5 is in between 0 and 9, 5 is in between 0 and 9, 3 is in between... see, decimal number, right? It should be what? Single number, 0 to 9. Calling the access list, sorry, the route map, is called inside BGP and with the neighbor statement. Any question? Right. So this is how we do filtering of the routes that are coming in, using AS path and regular expression.
The next topic for the day is dampening. What is BGP dampening? It's very rare for you to know about this from people in Cisco. Dampening is nothing but suppressing: suppress, dampen, BGP suppressing. See, there are two routes. Let's say there is a router having two different routes to reach some network here in the cloud. There are two routes. Now, if the route via the R router is always fluctuating... let's say U is a router, R is a router, K is a router. To reach A.B.C.D there is a path via R, there is a path via U, but the path that is elected is via R, because of the attributes which we learned yesterday. So because of attributes, assume that K prefers going via router R. But somewhere on the path between A.B.C.D and K there is a fluctuation; the link is going up and down, up and down, up and down. What will happen? This router will keep on processing, and a lot of packets going to A.B.C.D will get dropped because the path is frequently fluctuating.

So to avoid that, what we can do is we can educate the K router, saying: if it is fluctuating like this for this much time, if it reaches this much penalty, then you decide that this route is no more; just suppress the route and decide on the other route. You know there are two routes in your BGP table. Because the one route that you selected keeps on fluctuating and it is reaching the suppression limit (you will set a limit, actually), as soon as it reaches the limit you decide that the route is no more, consider that route is no more, and look for some other route to reach A.B.C.D. So that makes this router provide better service for us automatically. You understood the point, right?

Now let's see how this is done. For that we need to learn a few terms that are there in route dampening. So why do we need route dampening? To reduce the propagation of unstable routes. It keeps on fluctuating; why should I use the route? Why should I advertise the route? Why should I propagate it when it is unstable, when it is flapping? So I can use some other path to reach the prefix instead of going through the flapping route.

If a network flaps once, when you enable dampening... a network going down and coming up, that is called flapping. As soon as the going down and coming up happens, dampening will immediately give a penalty of 1000, the default penalty value. It is a numerical value added. Now, if I assign penalty 2000 as the higher penalty, the maximum penalty for the suppression limit, when the suppression limit 2000 is met... we need to see, when it fluctuates two times, what will happen? The penalty will become 2000, right? Because I said for each flap the penalty will be incremented by a thousand. So when it reaches 2000, the route will be suppressed. The router will say that this route is no more, I should not advertise it; it will dampen it. All right?

So, to understand: once the route gets dampened, suppressed, it will look for another possible path to reach that prefix, to reach that network. If it finds another network, it will use that network, it will use that path. If it did not find another path to the network, it will use this path. So the default penalty value is 1000. The suppress limit by default is 2000. You can change the limit, but if you are changing the suppress limit you need to do one calculation, which is coming later. But the default is this; better to leave it at default. The reuse limit is 750. What is the reuse? A one-time fluctuation happens, right? So it is 10,000, sorry, 1000. Now, once the penalty of 1000 is given, it won't just stay rigid at 1000 like that; it will keep on decrementing. For every second it will go 999, it keeps on decrementing. Let's assume it is reaching 750. Which means that, see, for reaching 750 it took a long time, right? It would have taken a long time, so no fluctuation happened; that is why it was reaching 750. Which means for some bad reason a fluctuation happened once; it is no more fluctuating. Why should I miss the best route? So let us go and reuse it. You understand? Why should I avoid the best route because of one fluctuation? If it is often fluctuating, then I need to avoid it. For some silly reason, someone may have slightly moved the cable and it got disturbed; I should not totally avoid the route. So what they have designed in this dampening is you can also set the reuse limit. By default it is 750. As soon as it reaches 750 it will start reusing.

But before hitting 750, let's say it is at 800. When it is at 800, if a fluctuation happens, 1000 will be added to this. You see, it will become 1800. You understand? Still the suppression won't be happening, but it will be noted as history. Before reaching the suppression limit, the dampening state will be history; it will be h, it will not be d. In the BGP table you will see h, d; which means it has undergone some fluctuation but it has not reached the suppress limit. Understand? Now when it is 1800, it is still using the route. It has not decided to suppress, and it started decrementing, like 1799, it keeps going like that. Let us say it has reached 1300 by the time the fluctuation happens. So what will it become? 2300. It has already crossed the suppression limit, so it will go to the dampening state; the route will no more be propagated. But again the countdown goes; when it reaches 750 it will reuse it. You understand what I'm saying? See, from 2300 to reach 750 it will take many minutes. So why should I avoid it? Because the fluctuation didn't happen for many minutes, it's a good route now.

So there is something called half-life and maximum suppress limit. Suppress limit is this; a maximum suppress limit timer is there. Let us try to understand that. Even if the decrement is not happening for some reason, it got stuck here, for some reason it got stuck, it is stuck at 2300, it is not decrementing. So what it is going to do is, after 15 minutes it will cut this in half, which will be 1150. It will just reduce by half, 50 percent of the number. In another 15 minutes it will again reduce by another half, which will be 625, right, whatever, 575, 575, which is already less than the reuse limit. So this route would be in use. For some reason, even after reaching 16 minutes, if you are not touching 170, it will remove it at the maximum suppress limit, meaning it will start using it, it will try to start using it again. If it hits the suppress limit, then it will start suppressing once again. So why we have all this is: you should not totally avoid a link by mistake because one or two or three times the fluctuation happens. Because one or two or three times a fluctuation happens, a rare case, we should not avoid the best route. You understand what I'm saying? So this is what dampening is.

Yes, question? An update getting lost and timing out is different. Before it times out it is coming back, and then again going down; again before timing out it is coming back. That is fluctuation. See, if it is a real fluctuation, not a hardware failure, not a cable unplugged for a network for one hour, it is like, you know, for some sort of fluctuation reason, some layer 1 problem, things like that, then only this dampening is going to be effective. Right.

Let's see how it works. Once the route has been dampened, the penalty must be reduced to a value lower than the reuse limit in order to be advertised once again. This we just now finished seeing. The half-life timer, we already saw what it is; I am just explaining through words now, by reading. What the half-life timer also does, it does automatically: when it reaches the half-life level, 15 minutes, it automatically reduces the value; half of the penalty that it was having will be reduced. When it reaches the half-life timer the penalty will be reduced to half. If the penalty is a thousand, it will be reduced to 500 so that it can be reused. So that is after waiting what? 15 minutes. This is the same thing: it was 3,000 penalty, after the half-life time it went 2500, again after another 15 minutes it went to 750 and it will start to be used; the prefix will be in use once again. In case you change the reuse value to a lesser number, then in another 15 minutes it will come down by another half, then it will be used.

What is the maximum suppress limit? After 60 minutes of waiting, it makes a suppressed route unsuppressed. Which means for 60 minutes nothing happened, no fluctuation happened; why should I avoid it? Right.

So here is another important thing. This is what is very important, according to me, in this dampening page: if you are putting a customized suppress value. See, what is the default suppress value? What's the default suppress limit? 2000. If you are going to set a customized suppress limit, a customized reuse limit, a customized half-life, you need to know this formula. Max penalty is one kind of penalty which you don't configure anywhere, but the algorithm calculates it. There is something called max penalty. What it will do: it takes the reuse limit, reuse limit is 1500, multiplied by 2 to the power of, like this, max suppress time 60 divided by the half-life time 30. So it will become what? 1500 into 2 power 2, which is 4, 4, 15, so 6000. So the maximum penalty time is 6000. There is a maximum, so even if you say 10000, it is going to suppress after 6000 penalty. So don't simply give a big number for the suppress limit. 2000 you can give; it is still under the maximum penalty. Why do they have this arrangement? Because, you know, someone should not simply give some big number where this dampening would be really effective. So even if you mistakenly give some big number, which is going to spoil the dampening, dampening will never happen even after many fluctuations. To guarantee that dampening takes care of fluctuation, they also do some calculation behind the screen for the suppress limit, which is called the maximum penalty limit. Any question?

That is what you calculate by using this command. You cannot simply give some big number; give a meaningful number. How do you know the meaningful number? Calculate and see this max penalty. This is the maximum suppress limit time you can give when your reuse time is this, when your half-life time is this, when your maximum suppress limit is this. You have these three; for that, this is the maximum suppress limit. Don't give some big number without any calculation. You can give anything less than this. What if I give some big number? Dampening will get disabled. Dampening will say: sorry, the value that you are giving is beyond the maximum penalty limit, it is more than the max penalty, which is not going to be effective, so I am going to disable dampening. It will definitely do it if you randomly give some number. Question?

Now let's see how to configure it. Very easy. Say for example for this particular subnet, 10.1.0.1, I want to configure dampening, meaning if it is fluctuating. See, you can go and shut down this loopback interface when you do the lab; shut down this loopback interface. Where do you configure this dampening? You configure this on R2. R2 is getting advertisements. When you shut down this loopback interface once and say no shutdown, what it is going to do is give the penalty of a thousand. When the penalty reaches 2000 it is going to dampen. What is this 500? 500 is the reuse penalty, reuse. What is this 2? 2 is the timer, 2 is the half-life timer. Half-life timer: the first number is the half-life timer. You put a question mark, you will know it.

See, I write an access list called flap. I call the access list under the route map. The route map and access list can have the same number or name, nothing wrong. And then in the same route map itself I'm setting the dampening values. The first value is the half-life; if you have a doubt you can put a question mark, it will show you. The second number is the reuse penalty value. The third one is the maximum penalty value, or the suppress limit. And the fourth one is the maximum suppress limit in seconds. Maximum suppress limit. Nowhere will you be assigning the maximum penalty; maximum penalty is running behind the screen. This algorithm is running behind the screen; you will not see that. But when you do your own customized suppress limit, don't simply give big numbers. Use this algorithm, calculate what is the maximum possible, and try to keep it less than that. See, 2000 you can keep, but let us calculate and see. 500, okay, the reuse limit is 500. Then 500 into 2 to the power of 3 divided by 2. 3 divided by 2 will be a fraction number. What is it? 1500, all right, 1500, the maximum suppress limit I can give. I am giving 2000, so it will throw an error. It will definitely throw an error if I put this one; it will cancel the dampening. So that is why you should not simply give some big number, right? Then I can increase this number so that I can have 200. Fine.

So after that you call this route map under BGP, saying bgp dampening route-map flap. You are calling the route map called flap. What is this route map flap permit 20? See, you are writing the access list only for 10.1.0.1; dampening you are enabling only for that network. The other networks will be implicitly denied. So to permit the other networks you simply write this one, so that whichever is not matching here will be permitted. 20 is a sequence number. Say this is 10, this is 20: route map sequence numbers. It can be even 11, just different. No sequence number for route map... See, the name is the same, flap; the route map is the same, but this flap is different. This is for this access list and dampening; this flap is for the other networks. So how do you differentiate? By sequence number. You have a question? If you do this lab once you will be comfortable.

See, in the access list I am matching only this subnet. Why? I want to take dampening only when this network fluctuates, not for every network. So I need to match with an access list, call the access list, and say: if the fluctuation happens for this, then do this dampening. Under BGP I am calling it because it is BGP updates for 10.1.0.1. Did you understand? Which part? This. But see, when you write a route map matching some network, the rest of the networks will be implicitly denied; these three will be implicitly denied. In order to allow the other three networks I need to simply write one permit route map. It is the same as in access lists, where you write permit any any, like that. So these three will be allowed without dampening; this one will be allowed by checking dampening. This is for the other networks; this is for the 10.1.0.1 network. Call this; in order to mention it, by default it will match there, because you are saying permit. Permit means permit anything, permit any any. It permits anything which is not matching on the top. See, in any access list, did you say permit any? Yes. But did you say permit any, this, this, this? No. A route map is nothing but an advanced access list, so, same like your access list, here what? Implicit deny.

So the verification command: you will see if it is history or dampening by typing this command. In case you want to clear dampening, this is the command. If you want to simply clear the flap status (see, for every flap, the flap count will get incremented by one), to clear the flap status, this; to clear the dampening, this; to verify whether dampening is happening for this particular network, this; overall, this.

All right, try to do exactly the same topology which you see in the diagram, and when you face some trouble let me know, I'll fix it. But you need to make sure that you do the calculation here, maximum penalty. If you make a mistake here, giving big numbers which are not under the max penalty limit, then as soon as you say shutdown or no shutdown the dampening will get cancelled, because it is going beyond the expected limit. No, not shutdown or no shutdown; as soon as you finish configuring, it will say I am canceling the dampening because it is beyond the maximum limit. Yeah, you can give this number. If the maximum penalty is 6000, you can give 5500, you can give 6000 also, you can give 2000; that is up to you. I want to take action soon, so I will say 2000. But you cannot simply give a big number, where dampening won't be more effective. Right, so we stop here.
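The four AS-path filters from the first half of the lecture, as an added example that is not part of the video or its captions: a small evaluator that expands Cisco's `_` delimiter token into Python regex syntax and applies first-match-wins with an implicit deny. The function names, list names and sample AS paths are constructed for illustration.

```python
import re

# Cisco's "_" matches a delimiter: start or end of the AS-path string, a space,
# a comma, braces or parentheses. Python's re has no such token, so expand it.
_DELIM = r"(?:^|$|[ ,{}()])"


def cisco_to_python(pattern):
    """Translate an IOS AS-path regex into an equivalent Python regex."""
    return pattern.replace("_", _DELIM)


def evaluate(acl, as_path):
    """Return 'permit' or 'deny' for one AS path (space-separated string).

    Entries are checked in order and the first match decides, which is why
    the sequence of entries matters. No match at all is an implicit deny.
    """
    for action, pattern in acl:
        if re.search(cisco_to_python(pattern), as_path):
            return action
    return "deny"


# The four policies discussed in the lecture.
ONLY_FROM_AS4 = [("permit", "^4$")]             # 4 is first and last AS
THROUGH_AS4 = [("permit", "_4_")]               # AS 4 appears as a whole number
NOT_ORIGINATED_BY_AS4 = [("deny", "_4$"), ("permit", ".*")]
AS4_AND_NEXT_AS = [("permit", "^4_[0-9]*$")]    # 4, or 4 plus one more AS

# Same two entries in the wrong order: the catch-all permit shadows the deny.
WRONG_ORDER = [("permit", ".*"), ("deny", "_4$")]

# Constructed sample AS paths, leftmost AS is the neighbour we learned from.
SAMPLE_PATHS = ["4", "4 8", "6 4 8", "3 6 4", "14 40", "4 50535", "4 8 12"]


def table(acl):
    """Evaluate every sample path against one access list."""
    return {path: evaluate(acl, path) for path in SAMPLE_PATHS}


if __name__ == "__main__":
    for name, acl in [("^4$", ONLY_FROM_AS4), ("_4_", THROUGH_AS4),
                      ("deny _4$ / permit .*", NOT_ORIGINATED_BY_AS4),
                      ("^4_[0-9]*$", AS4_AND_NEXT_AS)]:
        print(name, table(acl))
```

The path `14 40` is in the sample set because it contains the digit 4 without containing AS 4; the delimiter token is what keeps `_4_` and `_4$` from matching it.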
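The dampening arithmetic from the second half of the lecture, as an added example that is not part of the video or its captions: it computes the maximum penalty from reuse limit, half-life and maximum suppress time, checks whether a chosen suppress limit can ever be reached, and replays a flap sequence. It assumes the penalty decays as a continuous exponential with the configured half-life; the class, method names and flap times are constructed.

```python
import math


class Dampening:
    """Dampening parameters; defaults are the default values quoted in the lecture."""

    def __init__(self, half_life=15.0, reuse=750.0, suppress=2000.0,
                 max_suppress=60.0, flap_penalty=1000.0):
        self.half_life = half_life        # minutes
        self.reuse = reuse                # reuse limit
        self.suppress = suppress          # suppress limit
        self.max_suppress = max_suppress  # maximum suppress time, minutes
        self.flap_penalty = flap_penalty  # added on every flap

    def max_penalty(self):
        # reuse * 2^(max_suppress / half_life): ceiling the penalty can reach
        return self.reuse * 2 ** (self.max_suppress / self.half_life)

    def effective(self):
        # A suppress limit above the ceiling can never be reached.
        return self.suppress <= self.max_penalty()

    def decay(self, penalty, minutes):
        # Assumption: continuous exponential decay, halving every half_life.
        return penalty * 0.5 ** (minutes / self.half_life)

    def minutes_until_reuse(self, penalty):
        if penalty <= self.reuse:
            return 0.0
        return self.half_life * math.log2(penalty / self.reuse)


def simulate(params, flap_times):
    """Replay flaps given as ascending minute offsets (constructed input).

    Returns (time, penalty_after_flap, state) per flap, where state is
    'history' (penalised but still used) or 'dampened' (suppressed).
    """
    penalty, last, suppressed, timeline = 0.0, 0.0, False, []
    for t in flap_times:
        penalty = params.decay(penalty, t - last)
        if suppressed and penalty < params.reuse:
            suppressed = False  # decayed below the reuse limit: back in use
        penalty = min(penalty + params.flap_penalty, params.max_penalty())
        if penalty >= params.suppress:
            suppressed = True
        state = "dampened" if suppressed else "history"
        timeline.append((t, round(penalty), state))
        last = t
    return timeline


if __name__ == "__main__":
    defaults = Dampening()
    for row in simulate(defaults, [0, 5, 12, 60]):
        print(row)
    print("2300 -> reuse after", round(defaults.minutes_until_reuse(2300), 2), "min")
    # The lab values discussed above: half-life 2, reuse 500, suppress 2000, max 3.
    lab = Dampening(half_life=2, reuse=500, suppress=2000, max_suppress=3)
    print("lab max penalty", round(lab.max_penalty()), "effective:", lab.effective())
```

With the lab values the computed ceiling is about 1414, below the suppress limit of 2000, so the check reports the configuration as ineffective; a maximum suppress time of 4 brings the ceiling to exactly 2000.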
Info
Channel: Jayachandran
Views: 5,727
Keywords: BGP, Dampning, network, jayachandran, sathiyan, online, training, tamil, english, cisco
Id: rKhf2QE-wXo
Length: 43min 8sec (2588 seconds)
Published: Wed Feb 08 2017