Difference between revisions of "Manual:Limiting maximum number of prefixes accepted"
|(3 intermediate revisions by 2 users not shown)|
|Line 39:||Line 39:|
Latest revision as of 14:40, 19 March 2014
Misconfiguration of BGP routers occasionaly lead to an injection of large route tables in BGP routing system. To protect your network against such "route leaks", you can limit maximum prefix count accepted.
max-prefix-limit (integer, default: unlimited) - maximum number of prefixes accepted from specific peer. After this limit is exceeded, TCP connection between peers is tear down.
max-prefix-restart-time (seconds) - minimum time interval after which peers can reestablish BGP session.
default - infinity, i.e. session is not reestablished without manual intervention.
[admin@A] > routing bgp peer set peer1 max-prefix-limit=10000 max-prefix-restart-time=3600 [admin@A] > routing bgp peer print 0 name="peer1" instance=default remote-address=159.148.xx.xx remote-as=64550 tcp-md5-key="" nexthop-choice=default multihop=yes route-reflect=no hold-time=3m ttl=100 max-prefix-limit=10000 max-prefix-restart-time=1h in-filter="" out-filter=""
To observe how many prefixes from a particular peer are installed in the routing table, pay attention to prefix-count attribute:
[admin@A] > routing bgp peer print status 0 name="peer1" instance=default remote-address=159.148.xx.xx remote-as=64550 tcp-md5-key="" nexthop-choice=default multihop=yes route-reflect=no hold-time=3m ttl=100 max-prefix-limit=10000 max-prefix-restart-time=1h in-filter="" out-filter="" remote-id=10.0.11.155 uptime=1m33s prefix-count=628 updates-sent=1 updates-received=762 withdrawn-sent=0 withdrawn-received=0 remote-hold-time=3m used-hold-time=3m used-keepalive-time=1m refresh-capability=yes state=established
Negative effects of this mechanism are complete routing breakdown after BGP session is destroyed. Most probably routing will be broken until manual intervention of network operator that could take hours.
Theoretically this can be imporved using max-prefix-restart-time, but obviously until the situation is not fixed at remote peer's end, session will be destroyed repeatedly.
In short, this feature is acceptable as an emergency means. It is not a replacement for full-scale routing filters. ISPs should only accept prefixes which have been assigned or allocated to their downstream peer and filter out everything else.