8-16 neighbor {ip-address | peer-group-name} maximum-prefix prefix-limit threshold-value warning-only

Syntax Description:
Purpose: To limit the number of prefixes learned from a specific neighbor. The threshold-value determines the value that causes the router to generate a warning. For example, if the prefix-limit is set to 1000 and the threshold-value is set to 75 percent, the router generates a warning when 751 prefixes are received from the neighbor. When the number of prefixes received from the neighbor exceeds the prefix-limit, the BGP connection between the neighbors is terminated. If the warning-only option is used, the router issues a warning when the prefix limit has been exceeded, but the connection is not terminated.

Cisco IOS Software Release: 11.3

Configuration Example: Controlling the Maximum Prefixes Learned from a BGP Neighbor

The configuration shown in Figure 8-14 demonstrates the maximum-prefix commands. Router A is configured with a prefix-limit of 8. The nine loopback interfaces on Router B are used to generate the prefixes that are advertised to Router A.

Figure 8-14. Configuration Used to Demonstrate the maximum-prefix Commands
Router A

router bgp 1
 neighbor 10.1.1.2 remote-as 2
 neighbor 10.1.1.2 maximum-prefix 8

Router B

interface loopback 0
 ip address 172.16.0.1 255.255.255.0
!
interface loopback 1
 ip address 172.16.1.1 255.255.255.0
!
interface loopback 2
 ip address 172.16.2.1 255.255.255.0
!
interface loopback 3
 ip address 172.16.3.1 255.255.255.0
!
interface loopback 4
 ip address 172.16.4.1 255.255.255.0
!
interface loopback 5
 ip address 172.16.5.1 255.255.255.0
!
interface loopback 6
 ip address 172.16.6.1 255.255.255.0
!
interface loopback 7
 ip address 172.16.7.1 255.255.255.0
!
interface loopback 8
 ip address 172.16.8.1 255.255.255.0
!
router bgp 2
 neighbor 10.1.1.1 remote-as 1
 network 172.16.0.0 mask 255.255.255.0
 network 172.16.1.0 mask 255.255.255.0
 network 172.16.2.0 mask 255.255.255.0
 network 172.16.3.0 mask 255.255.255.0
 network 172.16.4.0 mask 255.255.255.0
 network 172.16.5.0 mask 255.255.255.0

For this initial configuration, the default threshold value of 75 percent is used on Router A. This should cause a warning on Router A when seven routes ([75 percent of 8] + 1) are received from Router B.
Verification

Verify the maximum-prefix parameters by using the show ip bgp neighbors command on Router A:

rtrA# show ip bgp neighbors
BGP neighbor is 10.1.1.2, remote AS 2, external link
Index 1, Offset 0, Mask 0x2
BGP version 4, remote router ID 10.1.1.2
BGP state = Established, table version = 7, up for 00:53:07
Last read 00:00:08, hold time is 180, keepalive interval is 60 seconds
Minimum time between advertisement runs is 30 seconds
Received 375 messages, 0 notifications, 0 in queue
Sent 343 messages, 0 notifications, 0 in queue
Prefix advertised 0, suppressed 0, withdrawn 0
Connections established 20; dropped 19
Last reset 00:53:28, due to User reset
6 accepted prefixes consume 192 bytes, maximum limit 8
Threshold for warning message 75%
0 history paths consume 0 bytes
Connection state is ESTAB, I/O status: 1, unread input bytes: 0
Local host: 10.1.1.1, Local port: 11015
Foreign host: 10.1.1.2, Foreign port: 179

In order to test the maximum-prefix command, add a network statement to the BGP configuration on Router B. This will cause the number of received prefixes to exceed the threshold value of 75 percent:

Router B

router bgp 2
 neighbor 10.1.1.1 remote-as 1
 network 172.16.0.0 mask 255.255.255.0
 network 172.16.1.0 mask 255.255.255.0
 network 172.16.2.0 mask 255.255.255.0
 network 172.16.3.0 mask 255.255.255.0
 network 172.16.4.0 mask 255.255.255.0
 network 172.16.5.0 mask 255.255.255.0
 network 172.16.6.0 mask 255.255.255.0

Router A should generate the following warning:

rtrA#
05:04:45: %BGP-4-MAXPFX: No. of prefix received from 10.1.1.2 reaches 7, max 8

If we add one more network statement to the BGP configuration on Router B, the prefix limit will be reached on Router A:

Router B

router bgp 2
 neighbor 10.1.1.1 remote-as 1
 network 172.16.0.0 mask 255.255.255.0
 network 172.16.1.0 mask 255.255.255.0
 network 172.16.2.0 mask 255.255.255.0
 network 172.16.3.0 mask 255.255.255.0
 network 172.16.4.0 mask 255.255.255.0
 network 172.16.5.0 mask 255.255.255.0
 network 172.16.6.0 mask 255.255.255.0
 network 172.16.7.0 mask 255.255.255.0

Router A will generate the following message:

rtrA#
05:10:58: %BGP-4-MAXPFX: No. of prefix received from 10.1.1.2 reaches 8, max 8

If we add one more network statement to the BGP configuration on Router B, the prefix limit set on Router A will be exceeded. Because we did not use the warning-only option, the BGP connection will be terminated:

Router B

router bgp 2
 neighbor 10.1.1.1 remote-as 1
 network 172.16.0.0 mask 255.255.255.0
 network 172.16.1.0 mask 255.255.255.0
 network 172.16.2.0 mask 255.255.255.0
 network 172.16.3.0 mask 255.255.255.0
 network 172.16.4.0 mask 255.255.255.0
 network 172.16.5.0 mask 255.255.255.0
 network 172.16.6.0 mask 255.255.255.0
 network 172.16.7.0 mask 255.255.255.0
 network 172.16.8.0 mask 255.255.255.0

The BGP connection should terminate. Verify this claim by using the show ip bgp neighbors command:

rtrA# show ip bgp neighbors
BGP neighbor is 10.1.1.2, remote AS 2, external link
Index 1, Offset 0, Mask 0x2
BGP version 4, remote router ID 0.0.0.0
BGP state = Idle, table version = 0
Last read 00:00:45, hold time is 180, keepalive interval is 60 seconds
Minimum time between advertisement runs is 30 seconds
Received 402 messages, 0 notifications, 0 in queue
Sent 360 messages, 0 notifications, 0 in queue
Prefix advertised 0, suppressed 0, withdrawn 0
Connections established 22; dropped 22
Last reset 00:00:46, due to Peer over prefix limit
Peer had exceeded the max. no. of prefixes configured.
Reduce the no. of prefix and clear ip bgp 10.1.1.2 to restore peering
No active TCP connection

The BGP connection has been terminated, as indicated by the Idle state. If we had used the warning-only option on Router A, only a warning would be generated, as shown:

rtrA#
05:12:59: %BGP-3-MAXPFXEXCEED: No. of prefix received from 10.1.1.2: 9 exceed 8

With the warning-only option, the BGP connection is not terminated if the prefix limit is exceeded. This can be seen by using the show ip bgp neighbors command on Router A:

rtrA# show ip bgp neighbors
BGP neighbor is 10.1.1.2, remote AS 2, external link
Index 1, Offset 0, Mask 0x2
BGP version 4, remote router ID 10.1.1.2
BGP state = Established, table version = 7, up for 00:53:07
Last read 00:00:08, hold time is 180, keepalive interval is 60 seconds
Minimum time between advertisement runs is 30 seconds
Received 375 messages, 0 notifications, 0 in queue
Sent 343 messages, 0 notifications, 0 in queue
Prefix advertised 0, suppressed 0, withdrawn 0
Connections established 20; dropped 19
Last reset 00:53:28, due to User reset
6 accepted prefixes consume 192 bytes, maximum limit 8 (warning-only)
Threshold for warning message 75%
0 history paths consume 0 bytes
Connection state is ESTAB, I/O status: 1, unread input bytes: 0
Local host: 10.1.1.1, Local port: 11015
Foreign host: 10.1.1.2, Foreign port: 179

Troubleshooting
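The %BGP-4-MAXPFX and %BGP-3-MAXPFXEXCEED messages shown in the Verification section can be picked out of collected router logs to see which neighbors are approaching or past their prefix limit. The Python below is an added example, not part of the original text or of Cisco IOS; the function names are hypothetical, the message patterns are taken only from the three log lines on this page, and first_warning_count follows the page's "(threshold percent of limit) + 1" arithmetic.

```python
import re

# Message formats exactly as quoted on this page; other IOS releases may word them differently.
WARN = re.compile(r"%BGP-4-MAXPFX: No\. of prefix received from (\S+) reaches (\d+), max (\d+)")
OVER = re.compile(r"%BGP-3-MAXPFXEXCEED: No\. of prefix received from (\S+): (\d+) exceed (\d+)")
SEVERITY = {"warning": 1, "at-limit": 2, "exceeded": 3}


def first_warning_count(limit, threshold_pct=75):
    """Prefix count at which the page expects the first warning: (pct of limit) + 1."""
    return limit * threshold_pct // 100 + 1


def classify(line):
    """Return (peer, received, limit, state) for a max-prefix message, else None."""
    m = WARN.search(line)
    if m:
        peer, got, limit = m.group(1), int(m.group(2)), int(m.group(3))
        return peer, got, limit, "at-limit" if got >= limit else "warning"
    m = OVER.search(line)
    if m:
        return m.group(1), int(m.group(2)), int(m.group(3)), "exceeded"
    return None


def worst_state_per_peer(lines):
    """Keep the most severe max-prefix event seen for each neighbor."""
    worst = {}
    for line in lines:
        event = classify(line)
        if event is None:
            continue  # not a max-prefix message
        peer, got, limit, state = event
        if peer not in worst or SEVERITY[state] > SEVERITY[worst[peer][2]]:
            worst[peer] = (got, limit, state)
    return worst


# Sample input: the three messages shown on this page plus one constructed unrelated line.
SAMPLE_LOG = [
    "05:04:45: %BGP-4-MAXPFX: No. of prefix received from 10.1.1.2 reaches 7, max 8",
    "05:10:58: %BGP-4-MAXPFX: No. of prefix received from 10.1.1.2 reaches 8, max 8",
    "05:11:30: %SYS-5-CONFIG_I: Configured from console by console",  # constructed
    "05:12:59: %BGP-3-MAXPFXEXCEED: No. of prefix received from 10.1.1.2: 9 exceed 8",
]

if __name__ == "__main__":
    for peer, (got, limit, state) in worst_state_per_peer(SAMPLE_LOG).items():
        print(f"{peer}: {state} ({got}/{limit}), first warning expected at {first_warning_count(limit)}")
```

A peer reported as exceeded without warning-only configured will also show BGP state = Idle with "Peer over prefix limit" as the last reset reason, as in the output above.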