To get an idea about the current number of Internet routes, for both IPv4 and IPv6:
moghaddas@USA> show route summary | match "inet|bgp" inet.0: 560133 destinations, 1663174 routes (558798 active, 0 holddown, 1525 hidden) BGP: 1663124 routes, 558752 active inet6.0: 24047 destinations, 47458 routes (23459 active, 0 holddown, 851 hidden) BGP: 47444 routes, 23447 active
moghaddas@GER> show route summary | match "inet|bgp" inet.0: 541278 destinations, 965338 routes (541118 active, 0 holddown, 206 hidden) BGP: 965308 routes, 541091 active inet6.0: 22658 destinations, 38527 routes (22558 active, 0 holddown, 104 hidden) BGP: 38516 routes, 22549 active
moghaddas@IRE> show route summary | match "inet|bgp" inet.0: 545571 destinations, 1547251 routes (545111 active, 0 holddown, 1237 hidden) BGP: 1547185 routes, 545062 active inet6.0: 23065 destinations, 65881 routes (23026 active, 0 holddown, 90 hidden) BGP: 65860 routes, 23008 active
Now, imagine what would be the outcome of route flaps for a Service Provider environment with many eBGP neighbors. Instability and customer dissatisfaction!
The first solution to avoid such situations is BGP Route Dampening/Damping.
RIPE-580 says:
Route Flap Damping (RFD) [1] is a mechanism for BGP speaking routers that penalises prefixes that exhibit a large number of updates (‘flapping’), and suppresses a route when the accumulated penalty exceeds a given threshold. The penalty decays over time until it reaches a lower threshold at which point the route is unsuppressed. RFD is intended to improve the overall stability of the Internet routing table and reduce the load on BGP speaking routers.
Piece of cake, yeah? Then let’s dive into a sample configuration for JunOS.
- I created the damping policy, named AGGRESSIVE, based on RFC7196 and RIPE-580, which is not really conservative, but little bit destructive and somewhat aggressive:
moghaddas@GER> show configuration policy-options damping AGGRESSIVE | display set set policy-options damping AGGRESSIVE half-life 15 set policy-options damping AGGRESSIVE reuse 750 set policy-options damping AGGRESSIVE suppress 6000 set policy-options damping AGGRESSIVE max-suppress 60
I assume that you know what each parameter does, otherwise I’m sure you will google it!
- Then, the damping policy should be referenced in an import policy:
moghaddas@GER> show configuration policy-options policy-statement DAMPING_POLICY then damping AGGRESSIVE;
- Now, in BGP configuration, after adding the import policy globally, or for a specific neighbor/group, BGP damping should be enabled, which can also be done globally or for a specific neighbor/group:
moghaddas@GER> show configuration | compare rollback 1 [edit protocols bgp] + damping; + import DAMPING_POLICY;
Let’s verify.
- Which routes have flapped (decayed) and might become damped (suppressed)
moghaddas@GER> show route damping decayed inet.0: 541300 destinations, 965348 routes (541093 active, 0 holddown, 253 hidden) + = Active Route, - = Last Active, * = Both 1.186.167.0/24 *[BGP/170] 00:02:05, MED 23040, localpref 100 AS path: 174 9498 45769 I, validation-state: unverified > to 49.124.168.61 via xe-0/0/0.0 1.186.168.0/24 *[BGP/170] 00:02:05, MED 23040, localpref 100 AS path: 174 9498 45769 I, validation-state: unverified > to 49.124.168.61 via xe-0/0/0.0
- Which routes are suppressed (damped)
moghaddas@GER> show route damping suppressed inet.0: 541307 destinations, 965370 routes (541102 active, 0 holddown, 251 hidden) + = Active Route, - = Last Active, * = Both 5.250.232.0/21 [BGP ] 00:00:27, MED 26050, localpref 100 AS path: 174 20764 59666 I, validation-state: unverified > to 49.124.168.61 via xe-0/0/0.0 12.153.50.0/23 [BGP ] 00:00:27, MED 90070, localpref 100 AS path: 174 3549 22602 I, validation-state: unverified > to 49.124.168.61 via xe-0/0/0.0
- Which routes are withdrawn but have history
moghaddas@GER> show route damping history inet.0: 541300 destinations, 965357 routes (541108 active, 0 holddown, 238 hidden) + = Active Route, - = Last Active, * = Both 2.93.27.0/24 [BGP ] 00:03:22, MED 157100, localpref 100 AS path: 174 1299 1273 3216 3216 8402 ?, validation-state: unverified > to 49.124.168.61 via xe-0/0/0.0 2.93.36.0/24 [BGP ] 00:27:26, MED 157100, localpref 100 AS path: 174 1299 1273 3216 3216 8402 ?, validation-state: unverified > to 49.124.168.61 via xe-0/0/0.0
- You want more information? Then try the “extensive” switch!
moghaddas@GER> show route damping suppressed extensive inet.0: 541303 destinations, 965365 routes (541103 active, 0 holddown, 246 hidden) 5.250.232.0/21 (2 entries, 1 announced) TSI: KRT in-kernel 5.250.232.0/21 -> {indirect(1048574)} BGP /-101 Next hop type: Router, Next hop index: 752 Address: 0x9db1a30 Next-hop reference count: 1270312 Source: 49.124.168.61 Next hop: 49.124.168.61 via xe-0/0/0.0, selected Session Id: 0x12 State: <Hidden Ext> Inactive reason: Unusable path Peer AS: 174 Age: 23 Metric: 26050 Validation State: unverified Task: BGP_174_51862.149.14.68.161+179 AS path: 174 20764 59666 I Communities: 174:21101 174:22014 51862:174 Localpref: 100 Router ID: 154.26.32.31 Merit (last update/now): 12110/11924 damping-parameters: AGGRESSIVE Last update: 00:00:23 First update: 01:20:08 Flaps: 154 Suppressed. Reusable in: 01:00:00 Preference will be: 170