-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi All, If I'm understanding Christian correctly, he's referring to "out-delay <seconds>". This can be configured for all groups [edit protocols bgp], all neighbours in a group [edit protocols bgp group <foo>] or for an individual neighbour [edit protocols bgp group <foo> neighbour <bar>]. Regards, Guy
-----Original Message----- From: Christian Panigl, ACOnet/VIX/UniVie [mailto:panigl@cc.univie.ac.at] Sent: Tuesday, March 04, 2003 4:46 PM To: routing-wg@ripe.net Cc: christophe.belmont@c-s.fr; panigl@cc.univie.ac.at Subject: GEANT implementing "BGP Guard Time" on their Junipers (was: Route update stats)
Dear all,
remembering the thread on "Route update stats" in December ?
Specifically:
http://www.ripe.net/ripe/mail-archives/routing-wg/2002/msg00050.html
Now Christophe Belmont, GEANT-NOC, together with Juniper found a solution and we successfully tested it:
They implemented "BGP Guard Time" (Cisco like 30 seconds) and the result was impressive:
The number of BGP update messages received from GEANT dropped by ~85% and the number of "flaps" seen from GEANT by ~75% !
BGP guard time (30sec) means that updates are only sent to neighbors for prefixes which have stayed in the routing table for 30 seconds. I'm sure you know the specific problem, that when a prefix is withdrawn in a meshed environment, lots of updates are sent from BGP entities which do think that they still have a (longer) path. It may take quite some time until all these false updates are dying down. Without this guard time a BGP speaker immediately forwards all those false updates to all peers. I guess that if you would globally disable BGP guard time (which fortunately is default ON=30seconds for Ciscos but apparently not for Junipers) quite some routers would collapse on these withdrawal aftermaths.
So my suggestion would be for all ISPs using Juniper routers: turn on "BGP Guard Time" (Cisco like 30 seconds).
Christophe, probably you can post the details to the list !?
Kind regards CP
--- -------------------------------------------------------------- -------- --- --- Christian Panigl : Vienna University Computer Center - ACOnet --- --- VUCC - ACOnet - VIX : -------------------------------------------- --- --- Universitaetsstrasse 7 : Mail: Panigl@CC.UniVie.ac.at (CP8-RIPE) --- --- A-1010 Vienna / Austria : Tel: +43 1 4277-14032 (Fax: -9140) --- --- -------------------------------------------------------------- -------- ---
-----BEGIN PGP SIGNATURE----- Version: PGP 8.0 iQA/AwUBPmThJ43dwu/Ss2PCEQLPNQCgjYgcomnM4xZ9MD/5Ia2IETGIApkAnivl Iood5hJCA7mbYip1JT8xQXVW =jyoz -----END PGP SIGNATURE----- This e-mail is private and may be confidential and is for the intended recipient only. If misdirected, please notify us by telephone and confirm that it has been deleted from your system and any copies destroyed. If you are not the intended recipient you are strictly prohibited from using, printing, copying, distributing or disseminating this e-mail or any information contained in it. We use reasonable endeavors to virus scan all e-mails leaving the Company but no warranty is given that this e-mail and any attachments are virus free. You should undertake your own virus checking. The right to monitor e-mail communications through our network is reserved by us.