North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Max Prefixes Configured on Customer BGP
I believe you are correct as long as you inteligently apply this restart-timer on max-prefix along with your dampening policy. YMMV depending on what your defaults are set for. - Jared On Thu, Aug 15, 2002 at 09:09:15PM -0700, Joe Wood wrote: > On Thu, 15 Aug 2002, Richard A Steenbergen wrote: > > > A better system might be where the session is kept up (or periodically > > polled, if you want to make it obvious to the other party that there is a > > problem) without installing the routes, and kept in a "quarantine" state > > for X amount of time to make sure that things stay below a configured > > number. This would be at least a slightly better way of recovering quickly > > once the "problem" has passed, without mucking things up every 15 minutes > > in the process. > > Couldn't you do this with route-dampening? > > So the first leak will of course be propagated before the max-prefix > takes effect. But once these routes are withdrawn, this should > create entries in the history table for these prefixes. > > Depending on your dampening parameters, you should be able to configure > selective ASes to have very low tolerance for dampening, if you don't > already have a low tolerance for dampening.... Once the BGP session is > activated and if the offending prefixes reappear and trigger the > max-prefix threshold and are then withdrawn again, BGP dampening should > dampen the routes for 45 minutes or X, depending on your maximum > suppression value........ > > That X minutes should hopefully be enough time for customer to solve > problem, or for the ISP NOC to get on the phone with the customer. > > While this still propagates the leaked routes at least twice, it does > prevent the routes from being constantly propagated every 15 minutes.... > > Please correct me if I'm wrong......The BGP Dampening route-map feature is > new to me. ;> > > Regards, > > Joe -- Jared Mauch | pgp key available via finger from [email protected] clue++; | http://puck.nether.net/~jared/ My statements are only mine.
|