BGP route damping.
A BGP route using a next-hop that is affected by rapid link flapping can cause routing instability throughout the entire AS. BGP routers receiving an update message have to propagate this message to their peers and at the same time, the BGP router has to recalculate it’s tables. To provide for more stability and to be able to cope with route flapping, the BGP protocol was extended with route dampening (defined in RFC 2439).
Route dampening is applicable only to EBGP and it is completely ignored in IBGP sessions. BGP dampening penalizes flapping routes. With dampening enabled, BGP speaking routers will start to maintain a database of instability. As soon as a route is flapping too much, damping is initiated. This means that the route will be ignored by the BGP route selection process and route changes will no longer be propagated for a certain period.
The way that the BGP damping penalizing system works is as follows. A newly learned BGP route is given a fresh start and gets a value of 0. This value is increased when the route is involved in any of the following incidents:
• the route is withdrawn: 1000 points added
• the route is readvertised: 1000 points added
• one of the path attributes changes: 500 points added
BGP damping monitors the points a route has gathered. As soon as a route reaches the suppress threshold, the route will be suppressed. As long as a route is suppressed, damping is initiated. Routes also have a half-life. This is a value that determines how fast the accumulated points of a route decay. When a route is suppressed, the points that the route accumulated have to decay to a value below that of the reuse value. As soon as that has happened, the route can be used again. The last important value is the maximum hold-time value. This is the maximum penalty a route can get for flapping.
Take a look at the following graph:
The line represents the number of points a route has. Whenever the route experiences an incident, penalty points are added (red line). After the penalty points are added, the points start decaying over time again (blue line).
The route has a value of zero until the first incident. In this first incident, 1000 penalty points are added to the route. However, because the suppress limit is not reached yet nothing happens. The only thing that happens after the first incident, apart from incurring a penalty, is that the penalty points the route has gathered start decreasing immediately. The rate at which the points decrease is determined by the half time. In the example graph, it takes four 1000-points incidents to reach the suppress threshold. After that happens, the route has to reach the reuse limit before it is considered in the route selection process again.
BGP damping example scenario:
In this example, the Sol router is using BGP to advertise its loopback to the Mars router. Mars advertises the prefix to the Genius router. Genius has BGP damping enabled.
BGP damping is not a single configuration statement. It requires configuration statements under different stanza’s. In the [policy] stanza, a damping profile has to be created. This profile can be referenced under a policy action. In the [protocols bgp] stanza, the policy needs to applied and the keyword ‘damping’ has to be enabled.
Before we dive into the configuration, the four damping profile parameters needs some clarification.
• suppress: the penalty value when damping is initiated (default 3.000)
• reuse: a value where a BGP dampened route is considered usable again (default 750)
• half-life: the number of minutes it takes to reduce the damping penalty by half (default 15)
• max-suppress: the maximum hold-time in minutes (default is 60)
The configuration for the routers is as follows (all damping related configuration is in Red):Genius:
set interfaces xe-2/0/0 unit 121 description MARS set interfaces xe-2/0/0 unit 121 vlan-id 121 set interfaces xe-2/0/0 unit 121 family inet mtu 1500 set interfaces xe-2/0/0 unit 121 family inet address 188.8.131.52/30 set interfaces lo0 unit 1 family inet address 184.108.40.206/32 set protocols bgp damping set protocols bgp group ebgp import genius-bgp-import set protocols bgp group ebgp neighbor 220.127.116.11 peer-as 2 set policy-options policy-statement genius-bgp-import term dampening-sol-loopback from route-filter 18.104.22.168/32 exact set policy-options policy-statement genius-bgp-import term dampening-sol-loopback then damping sol-loopback set policy-options damping sol-loopback half-life 5 set policy-options damping sol-loopback suppress 1000 set policy-options damping sol-loopback max-suppress 20 set policy-options damping sol-loopback reuse 300 set routing-options autonomous-system 1Mars:
set interfaces xe-2/0/0 unit 128 description SOL set interfaces xe-2/0/0 unit 128 vlan-id 128 set interfaces xe-2/0/0 unit 128 family inet mtu 1500 set interfaces xe-2/0/0 unit 128 family inet address 22.214.171.124/30 set interfaces xe-2/0/1 unit 121 description GENIUS set interfaces xe-2/0/1 unit 121 vlan-id 121 set interfaces xe-2/0/1 unit 121 family inet mtu 1500 set interfaces xe-2/0/1 unit 121 family inet address 126.96.36.199/30 set interfaces lo0 unit 2 family inet address 188.8.131.52/32 set protocols bgp group ebgp neighbor 184.108.40.206 peer-as 1 set protocols bgp group ebgp neighbor 220.127.116.11 peer-as 3 set routing-options autonomous-system 2Sol:
set interfaces xe-2/0/1 unit 128 description MARS set interfaces xe-2/0/1 unit 128 vlan-id 128 set interfaces xe-2/0/1 unit 128 family inet mtu 1500 set interfaces xe-2/0/1 unit 128 family inet address 18.104.22.168/30 set interfaces lo0 unit 3 family inet address 22.214.171.124/32 set protocols bgp group ebgp export sol-bgp-export set protocols bgp group ebgp neighbor 126.96.36.199 peer-as 2 set policy-options policy-statement sol-bgp-export term direct from protocol direct set policy-options policy-statement sol-bgp-export term direct from route-filter 188.8.131.52/32 exact set policy-options policy-statement sol-bgp-export term direct then accept set routing-options autonomous-system 3
As soon as all neighbors are up, we can observe the following on the Genius router:
play@MX104-TEST-HB:GENIUS> show bgp summary Groups: 1 Peers: 1 Down peers: 0 Table Tot Paths Act Paths Suppressed History Damp State Pending inet.0 1 1 0 0 0 0 Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped... 184.108.40.206 2 7 6 0 3 1:53 1/1/1/0 0/0/0/0
The BGP session between Genius and Mars is up and Genius is learning 1 prefix:
play@MX104-TEST-HB:GENIUS> show route protocol bgp inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 220.127.116.11/32 *[BGP/170] 00:01:58, localpref 100 AS path: 2 3 I, validation-state: unverified > to 18.104.22.168 via xe-2/0/0.121
To see if BGP damping is successfully enabled on the session, we can use the following command:
play@MX104-TEST-HB:GENIUS> show bgp neighbor 22.214.171.124 | match amping Options: <Preference Damping PeerAS Refresh> Suppressed due to damping: 0
This tells us that Damping is enabled and that the router is currently not suppressing any routes. When we clear the BGP session between Mars and Sol several times, we can observe the following:
play@MX104-TEST-HB:GENIUS> show route damping suppressed extensive inet.0: 4 destinations, 4 routes (3 active, 0 holddown, 1 hidden) 126.96.36.199/32 (1 entry, 0 announced) BGP /-101 Next hop type: Router, Next hop index: 2731 Address: 0x28280f4 Next-hop reference count: 1 Source: 188.8.131.52 Next hop: 184.108.40.206 via xe-2/0/0.121, selected Session Id: 0x700001 State: <Hidden Ext> Local AS: 1 Peer AS: 2 Age: 43 Validation State: unverified Task: BGP_220.127.116.11.86+58013 AS path: 2 3 I Localpref: 100 Router ID: 18.104.22.168 Merit (last update/now): 4473/4078 damping-parameters: sol-loopback Last update: 00:00:43 First update: 00:04:19 Flaps: 6 Suppressed. Reusable in: 00:19:00 Preference will be: 170 play@MX104-TEST-HB:GENIUS> show route protocol bgp inet.0: 4 destinations, 4 routes (3 active, 0 holddown, 1 hidden) play@MX104-TEST-HB:GENIUS>
The route has become suppressed and it is no longer in the routing table. The ‘show route damping’ command basically lists three interesting values. These are Merit, flaps and ‘Suppressed. Reusable in’. These last two are rather self-explanatory. The Merit value is less obvious. It show two values. The first value is the value that the route reached when penalty points were added. The second value is the number of points the route still has. Now, suppose we wanted to make the prefix available immediately instead of waiting 19 minutes? We could simply clear the damping, observe:
play@MX104-TEST-HB:GENIUS> clear bgp damping 22.214.171.124 play@MX104-TEST-HB:GENIUS> show route damping suppressed extensive inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden) play@MX104-TEST-HB:GENIUS> show route protocol bgp inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 126.96.36.199/32 *[BGP/170] 00:03:32, localpref 100 AS path: 2 3 I, validation-state: unverified > to 188.8.131.52 via xe-2/0/0.121
One last thing. RFC 2439 is dated November 1998. Today’s routers have totally different specs and they can cope with some routing instability. Because of the possible adverse effects damping can have, RIPE advised against the use of damping in 2006 in ripe-378. In 2013, RIPE started to encourage damping again in ripe-580. This time, they advised on using values that are far more relaxed than most of the vendors’ standard values (including those of Juniper), using dampening only to combat the worst (or least stable) offenders.
Hopefully this brings you a little understanding on how BGP dampening works, possibly enabling you to decide to implement it or not.