Restricting the Number of Routes Advertised to a BGP Peer

Problem

You want to control the number of routes that your peers send you.

Solution

Set the maximum number of routes that you will accept from each of your peers:

[edit protocols bgp group session-to-AS65505 neighbor 10.0.31.1]
aviva@RouterF# set family inet unicast prefix-limit maximum 7500
aviva@RouterF# set family inet unicast prefix-limit teardown

Discussion

As an ISP, you keep track of how many routes each of your peers and customers normally sends you. This number generally increases slowly over time. To place a limit on the number of routes a peer or customer can send you, set a maximum number of routes to accept. This type of administrative policy guards against an inadvertent policy misconfiguration on the remote side, which, in the worst case, could result in a peer or customer redistributing the full Internet routing table to you. You decide on the maximum number of prefixes you accept based on the normal number of routes exchanged with the peer, and, when the limit is reached, BGP tears down the session with the peer. Typically, you take the current number of routes exchanged and add about 50 percent.

In this recipe, we know that neighbor 10.0.31.1 typically sends 5,000 prefixes, so we set the limit to 7,500 prefixes. For example, if the peer tries to send the entire Internet routing table (on the order of 170,000 prefixes), BGP on the local router will shut down the peering session with the neighbor. This shutdown tells both you and the peer that something has gone wrong at their end.

To verify the configuration, look at the BGP neighbors information:

aviva@RouterF> show bgp neighbor 10.0.31.1
Peer: 10.0.31.1+4051 AS 65505    Local: 10.0.31.2+179 AS 65500
  Description: EBGP to Customer A
  Type: External    State: Established    Flags: <>
  Last State: OpenConfirm   Last Event: RecvKeepAlive
  Last Error: None
  Export: [ send-statics ]
  Options:
  Address families configured: inet-unicast
  Holdtime: 90 Preference: 170
  Number of flaps: 2
  Peer ID: 192.168.14.1    Local ID: 192.168.16.1    Active Holdtime: 90
  Keepalive Interval: 30    Peer index: 0
  Local Interface: t1-0/0/3.0
  NLRI advertised by peer: inet-unicast
  NLRI for this session: inet-unicast
  Peer supports Refresh capability (2)
  Table inet.0 Bit: 10000
    RIB State: BGP restart is complete
    Send state: in sync
    Active prefixes: 5
    Received prefixes: 8
    Suppressed due to damping: 0
    Advertised prefixes: 8
  Last traffic (seconds): Received 3    Sent 28    Checked 28
  Input messages:  Total 253    Updates 4     Refreshes 0    Octets 4967
  Output messages: Total 261    Updates 12    Refreshes 0    Octets 5411
  Output Queue[0]: 0

On the Options line, the option PrefixLimit indicates that the number of prefixes this neighbor can send has been limited.

When the prefix limit is reached and the EBGP session is torn down, a message is logged to the system logging files:

Aug 6 22:19:21 M20-R7 rpd[2254]: 10.1.6.2 (External AS 65501): Configured maximum prefix-limit(10) exceeded for inet-unicast nlri: 13

If you want some advance warning that the peer is nearing the maximum number of prefixes you will accept from it, you can have BGP log a message when the peer has sent some percentage of the maximum allowed prefixes. The following example uses a percentage that is about halfway between the normal number of prefixes and the maximum:

[edit protocols bgp group session-to-AS65505 neighbor 10.0.31.1]
aviva@RouterF# set family inet unicast prefix-limit teardown 85
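As an added example (not part of the recipe and not Junos code), the following Python script picks the rpd prefix-limit message shown above out of a batch of syslog lines and also works out the recipe's two rules of thumb: the limit as the normal prefix count plus about 50 percent, and the warning threshold halfway between the normal count and the maximum, expressed as the whole percentage that the teardown option takes (83 for this recipe's numbers, which the recipe rounds to 85). Apart from the recipe's own log message, the sample syslog lines are constructed.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# rpd syslog message written when a peer exceeds its configured prefix limit.
# The pattern follows the sample message shown in the recipe.
PREFIX_LIMIT_RE = re.compile(
    r"rpd\[\d+\]: (?P<peer>\d{1,3}(?:\.\d{1,3}){3}) "
    r"\((?P<session>Internal|External) AS (?P<asn>\d+)\): "
    r"Configured maximum prefix-limit\((?P<limit>\d+)\) exceeded "
    r"for (?P<nlri>\S+) nlri: (?P<received>\d+)"
)

@dataclass
class PrefixLimitEvent:
    peer: str
    asn: int
    nlri: str
    limit: int
    received: int

def parse_prefix_limit_event(line: str) -> Optional[PrefixLimitEvent]:
    """Return the teardown event carried by a syslog line, or None for other lines."""
    m = PREFIX_LIMIT_RE.search(line)
    if m is None:
        return None
    return PrefixLimitEvent(m["peer"], int(m["asn"]), m["nlri"],
                            int(m["limit"]), int(m["received"]))

def scan_syslog(lines: List[str]) -> List[PrefixLimitEvent]:
    """Collect every prefix-limit teardown recorded in a batch of syslog lines."""
    events = (parse_prefix_limit_event(line) for line in lines)
    return [e for e in events if e is not None]

def recommended_limit(normal_prefixes: int, headroom: float = 0.5) -> int:
    """Recipe rule of thumb: the normal prefix count plus about 50 percent."""
    return int(normal_prefixes * (1 + headroom))

def warning_percentage(normal_prefixes: int, maximum: int) -> int:
    """Warning threshold halfway between normal and maximum, as a percentage of the maximum."""
    midpoint = (normal_prefixes + maximum) / 2
    return round(100 * midpoint / maximum)

# Constructed sample syslog: line 1 is the recipe's own message, line 2 is a made-up
# teardown for this recipe's neighbor, line 3 is unrelated noise that must be ignored.
SAMPLE_SYSLOG = [
    "Aug  6 22:19:21 M20-R7 rpd[2254]: 10.1.6.2 (External AS 65501): "
    "Configured maximum prefix-limit(10) exceeded for inet-unicast nlri: 13",
    "Aug  7 03:02:44 RouterF rpd[2254]: 10.0.31.1 (External AS 65505): "
    "Configured maximum prefix-limit(7500) exceeded for inet-unicast nlri: 171204",
    "Aug  7 03:02:45 RouterF mgd[1203]: UI_COMMIT: User 'aviva' performed commit",
]
```

Running scan_syslog(SAMPLE_SYSLOG) yields the two teardown events with peer, AS, limit and received count, while recommended_limit(5000) and warning_percentage(5000, 7500) return 7500 and 83.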

After the session is torn down, it will be re-established a short time later. In most cases, this behavior is fine. You might want to force the session to stay down for a fixed amount of time to give you time to investigate what might be causing the prefix overflow or to contact the administrator of the remote AS. This command keeps the session down for 5 minutes (300 seconds):

[edit protocols bgp group session-to-AS65505 neighbor 10.0.31.1]
aviva@RouterF# set family inet unicast prefix-limit idle-timeout 300

Under extreme conditions, you might want the session to stay down until you manually restart it:

[edit protocols bgp group session-to-AS65505 neighbor 10.0.31.1]
aviva@RouterF# set family inet unicast prefix-limit idle-timeout forever

Use the clear bgp neighbor command to restart the session:

aviva@RouterF> clear bgp neighbor 10.0.31.1
Cleared 1 connections

After the session is reestablished, the Error line in the show bgp neighbor output reports Cease to indicate that the session was cleared:

aviva@RouterF> show bgp neighbor 10.0.31.1
Peer: 10.0.31.1 AS 65505    Local: 10.0.31.2 AS 0
  Description: EBGP to Customer A
  Type: External    State: Active    Flags: <>
  Last State: Idle    Last Event: Start
  Last Error: Cease
  Export: [ send-statics ]
  Options:
  Address families configured: inet-unicast
  Holdtime: 90 Preference: 170
  Number of flaps: 3
  Error: Cease Sent: 1 Recv: 0
  …

See Also

Recipe 13.15
