Cisco access-lists ???

Danny McPherson danny at genuity.net
Sat Jun 28 04:56:08 UTC 1997


to expand a bit .. i created an acl to match all prefixes longer than a /19:

> access-list 101 permit ip any 255.255.240.0 0.0.15.255

and an acl to match everything else:

> access-list 102 permit ip any any

i created route-map "damp":

> route-map damp permit 10
>  match ip address 101
>  set dampening 30 750 2000 90
> !
> route-map damp permit 20
>  match ip address 102
>  set dampening 15 750 2000 60

in the first sequence (10) of the route-map, i match all prefixes longer than 
a /19 (via acl 101) and apply the following dampening thresholds:

half-life=         30 minutes
reuse-value=       750
suppress-value=    2000
max-suppress=      90 minutes

in the second sequence i match everything else (via acl 102) and applied 
cisco's default values:

halflife=          15 minutes
reuse-value=       750
suppress-value=    2000
max-suppress=      60 minutes

i then applied the route-map to bgp dampening:

> router bgp 65534
>  bgp dampening route-map damp

each time a route flaps it gets a penalty - 1000.  if the cumulative penalty 
is greater than the suppress-value (2000 here, so 3 flaps), the advertisement 
of the route will be suppressed.  the penalty will be exponentially decayed 
based on the half-life.  once the penalty decreases below the reuse-value (750 
here), the advertisement will be unsuppressed.

using cisco's defaults (the second sequence), if a route flaps a lot in a very 
short period then becomes stable, it will only be suppressed for a maximum of 
1 hour.  with the first sequence, the half-life is doubled and the maximum 
amount of time a route that has become stable will be suppressed is 90 minutes 
.. basically.

back to the floods...

-danny
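
The penalty arithmetic described in the message above, worked through for both route-map sequences. This is an added example, not part of the original post and not Cisco's code. It assumes the RFC 2439 style penalty ceiling of reuse * 2^(max-suppress / half-life); the `Profile` and `simulate` names and the flap times are constructed for illustration.

```python
import math
from dataclasses import dataclass

FLAP_PENALTY = 1000  # per-flap penalty, as stated in the post


@dataclass(frozen=True)
class Profile:
    half_life: float      # minutes
    reuse: float
    suppress: float
    max_suppress: float   # minutes

    @property
    def ceiling(self):
        # Assumption (RFC 2439 model): the penalty is capped so that decaying
        # from the cap down to the reuse value takes exactly max_suppress.
        return self.reuse * 2 ** (self.max_suppress / self.half_life)

    def decay(self, penalty, minutes):
        return penalty * 0.5 ** (minutes / self.half_life)


def simulate(profile, flap_times):
    """Return (suppressed_at, reused_at) in minutes, or (None, None)."""
    penalty, last, suppressed_at = 0.0, 0.0, None
    for t in sorted(flap_times):
        penalty = profile.decay(penalty, t - last)
        if suppressed_at is not None and penalty < profile.reuse:
            suppressed_at = None          # route was reused between flaps
        penalty = min(penalty + FLAP_PENALTY, profile.ceiling)
        last = t
        if suppressed_at is None and penalty > profile.suppress:
            suppressed_at = t
    if suppressed_at is None:
        return None, None
    # Minutes of stability needed for the penalty to decay to the reuse value.
    wait = profile.half_life * math.log2(penalty / profile.reuse)
    return suppressed_at, last + wait


LONGER_THAN_19 = Profile(half_life=30, reuse=750, suppress=2000, max_suppress=90)
CISCO_DEFAULT = Profile(half_life=15, reuse=750, suppress=2000, max_suppress=60)

if __name__ == "__main__":
    storm = range(20)  # constructed input: one flap per minute for 20 minutes
    for name, p in (("seq 10", LONGER_THAN_19), ("seq 20", CISCO_DEFAULT)):
        for flaps in ([0, 1, 2], storm):
            start, end = simulate(p, flaps)
            print(f"{name}: {len(flaps)} flaps, suppressed at {start} min, "
                  f"reused at {end:.1f} min (ceiling {p.ceiling:.0f})")
```
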




