November, 2008

BGP Cease Notification Codes

November 12, 2008 * Comments(0)

Quick Post this….

Saw the following today at work (naturally the neighbor ips have been changed to protect the innocent :) )

Nov 12 16:50:23: %BGP-3-NOTIFICATION: received from neighbor 1.2.3.4 6/3 (cease) 0 bytes
Nov 12 16:50:23: %BGP-5-ADJCHANGE: neighbor 1.2.3.4 Down BGP Notification received
Nov 12 16:51:10: %TCP-6-BADAUTH: No MD5 digest from 1.2.3.4(179) to 4.3.2.1(22966) (RST)
Nov 12 16:51:12: %TCP-6-BADAUTH: No MD5 digest from 1.2.3.4(179) to 4.3.2.1(22966) (RST)

Never having encountered cease notifications before I presume that the 6/3 in the notification refers to code 6 subcode 3.

BGP notification 6 does indeed mean cease:
Used when a BGP device wants to break the connection to a peer for a reason not related to any of the error conditions described by the other codes.

RFC 4486 (http://www.ietf.org/rfc/rfc4486.txt) tells us that subcode 3 = peer de-configured:

Subcode     Symbolic Name

1        Maximum Number of Prefixes Reached
2        Administrative Shutdown
3        Peer De-configured <=================

FR End-to-End Keepalives (FREEK!)

November 11, 2008 * Comments(4)

Why use FR End-to-End Keepalives (FREEK) ?

  • To tell the status of a PVC (whether its up or down) DESPITE what LMI tells us. i.e we IGNORE what the FR Switch tells us about the status of the DLCI!
  • End-to-end keepalives add ability to track VC status (Active/Inactive/Deleted) between DTE devices (routers) across a multi provider domain

Why would we want to not rely on LMI?

  • Frame Relay networks today arent what they used to be. We USED to have end-to-end LMI & if we were told “active” it really meant things were working. TODAY’s networks are most likely just frame relay to the edge of the client. Once inside the SP network we can have:
    • Multiple providers (FRNNIs between each provider) (AT&T -> Sprint – > CLEC)
    • Protocol handoffs
      • FR -> ATM; FR -> POS

or something else where we LOSE LMI.

  • As long as the PE router has a route to the other side’s PE router, it thinks everything is perfectly cool REGARDLESS of whether your router on the other side is even powered on!

Consider the following scenario:

R2 (DLCI 204) s1/1.1 multipoint <==== Frame Switch ====> S1/0 (DLCI 402) R4
R1 (DLCI 104) s1/1.1 <==== Frame Switch ====> s1/0 (DLCI 401) R4

We want to implement FREEK here between R2 (DLCI 204) & R4 ONLY (DLCI 402)

FREEK is configured under a map class with the following command:

  • frame-relay end-to-end {bidirectional | request | reply | passive-reply}
    • bidirectional – both ends send & receive freeks
    • request – the side this is set on, can send keepalives & respond to any replies
    • reply – the side this is set on, can NOT send keepalive; it only replies to keepalives it receives
    • passive-reply – same as reply but does not

So lets configure the FREEK map class on R2 & R4:

map-class frame-relay FREEK
frame-relay end-to-end keepalive mode bidirectional

NB. I used bidirectional as there was no requirement for R2 to only send or receive e2e keepalives.

A few things of note here:

FREEK keepalive timer for sending keepalives is every 10 secs (default)
However the keepalive timer for receiving/expecting keepalives is 15 secs (default), no doubt the extra 5 secs is to help in receiving keepalives that may take slightly longer than 10 secs to arrive.

FREEK has a concept called the event window, & error event.
An error event corresponds to a missed keepalive.
The event window is the max no of error events (missed keepalives) that can occur before FREEK will bring down the pvc that has the missed keepalives. The default event window size is 3 (the usual 3 missed keepalives = problem thing)

Now the command to apply a map class varies depending on where you are applying it.
It can be applied under:

  • Main interface
  • Subinterface
  • PVC

In the case of R2, the DLCI 204 resides on the multipoint subinterface of R2.
So, in this case we need to apply the FREEK map class under R2’s multipoint subint s1/1.1

In the case of R4, the DLCI 402 resides on the main interface of R4, s1/0
However! We also have ANOTHER dlci (401) also residing on R4’s main interface s1/0.

Now, if we went ahead & applied the map class to R4’s MAIN interface what would happen?
FREEK would be associated with ALL the DLCIs residing on the main interface.
So, FREEK would be working fine between R2 & R4, as R2 & R4 are both configured for FREEK.
However, as FREEK is also associated with DLCI 401 on R4, R4 will send out keepalives on DLCI 401 to R1.
R1, naturally, is not configured for FREEK, & as such, will ignore the FREEKs sent by R4!

You can probably see now that we will have a problem.
As R4 is configured for keepalive mode bidirectional, R4 is expecting a response to the keepalives it is sending to R1.
R1 shrugs and doesn’t respond to any FREEKs it gets from R4.
After 3 missed keepalives on DLCI 401 (to R1) (i.e 3×10 = 30 secs), R4 brings down the pvc to R1.

If you recall I wrote at the beginning:
To tell the status of a PVC (whether its up or down) DESPITE what LMI tells us. i.e we IGNORE what the FR Switch tells us about the status of the DLCI!

Even though R4’s PVC status = ACTIVE, FREEK doesn’t care and drops the PVC.

So, in order to circumvent this problem, on R4, we ONLY apply the map class to the PVC 402!

The config is:

On R2:

int s1/1.1
frame-relay class FREEK

On R4:

int s1/0
frame-relay interface-dlci 402
class FREEK

And thats that.

Modifying FREEK parameters

  • All commands begin with: frame-relay end-to-end keepalive

Verifying FREEK

  • show frame-relay end-to-end keepalive

    • look for: * – EEK UP | EEK DOWN
  • show frame-relay PVC
    • look for: * – EEK UP | EEK DOWN


Finally some rules regarding FREEK configuration:

  • You must configure both ends of a VC to send keepalives.
  • If one end is configured as bidirectional, the other end must also be configured as bidirectional.
  • If one end is configured as request, the other end must be configured as reply or passive-reply.
  • If one end is configured as reply or passive-reply, the other end must be configured as request

Status Update 06/11/08

November 6, 2008 * Comments(0)

Hi (to anyone actually reading this! :) )

I’ve been somewhat slack of late with my CCIE studies.

Went to Amsterdam over the weekend and had a blast.

Main reason for going (no it wasnt the hash/weed lol) was actually to see one of my fav groups Within Temptation live for the 1st time. Managed to get my pic taken with the lead singer Sharon Den Adel, which was VERY cool! They are real down to earth guys.

Anywayy

Back in Blighty (UK) now, so will buckle down to study and hopefully soon some posts.

I’ve recently purchased the Internetwork Expert Version 5 Vol 1 workbook.

After hearing so much praise for it I thought it would be a good idea to run through it in addition to IPexpert Vol 1.

What I’ve been finding with IPexpert vol1 is that I keep getting caught up in interpretation issues, and this has resulted in me taking longer to get thru bridging & switching than I intended.

What I’ve also found is that if I’m not using Proctor Labs than getting my initial configs setup takes a fair bit of time, due to the Ipexpert Vol1 labs having initial configs for ALL routers (R1 to R9) and switches.

Having to modify serial interfaces etc for all of those does take time if not using proctor, so in future I think I will just resort to Proctor Labs there to “reduce the pain”.

Now I know the lab is all about interpretation, but I wanted to focus more on learning technologies right now than interpretation.

Dont get me wrong, IPexpert Vol1 is great, and I’ve already picked up a lot from it, so I will prob use it AFTER I’ve done the IE vol1 to cover any cracks missed with IE.

Anyway thats it for now!