Cisco access-lists ???
Danny McPherson
danny at genuity.net
Sat Jun 28 04:56:08 UTC 1997
to expand a bit .. i created an acl to match all prefixes longer than a /19:
> access-list 101 permit ip any 255.255.240.0 0.0.15.255
and an acl to match everything else:
> access-list 102 permit ip any any
i created route-map "damp":
> route-map damp permit 10
> match ip address 101
> set dampening 30 750 2000 90
> !
> route-map damp permit 20
> match ip address 102
> set dampening 15 750 2000 60
in the first sequence (10) of the route-map, i match all prefixes longer than
a /19 (via acl 101) and apply the following dampening thresholds:
half-life= 30 minutes
reuse-value= 750
suppress-value= 2000
max-suppress= 90 minutes
in the second sequence i match everything else (via acl 102) and applied
cisco's default values:
halflife= 15 minutes
reuse-value= 750
suppress-value= 2000
max-suppress= 60 minutes
i then applied the route-map to bgp dampening:
> router bgp 65534
> bgp dampening route-map damp
each time a route flaps it gets a penalty - 1000. if the cumulative penalty
is greater than the suppress-value (2000 here, so 3 flaps), the advertisement
of the route will be suppressed. the penalty will be exponentially decayed
based on the half-life. once the penalty decreases below the reuse-value (750
here), the advertisement will be unsuppressed.
using cisco's defaults (the second sequence), if a route flaps a lot in a very
short period then becomes stable, it will only be suppressed for a maximum of
1 hour. with the first sequence, the half-life is doubled and the maximum
amount of time a route that has become stable will be suppressed is 90 minutes
.. basically.
back to the floods...
-danny
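
The penalty arithmetic described in the message above, as an added example that is not part of the original post: it models both route-map sequences and reports how long a route stays suppressed after its last flap. The penalty ceiling formula follows the RFC 2439 damping model and is an assumption here, as are the names `Dampening` and `simulate`; flap times are in minutes.

```python
import math
from dataclasses import dataclass

FLAP_PENALTY = 1000  # penalty added per flap, as stated in the post


@dataclass(frozen=True)
class Dampening:
    half_life: float     # minutes
    reuse: float         # unsuppress once the penalty decays below this
    suppress: float      # suppress once the penalty exceeds this
    max_suppress: float  # minutes

    @property
    def ceiling(self):
        # Assumption (RFC 2439 model): the penalty is capped so that decaying
        # from the cap down to the reuse value takes exactly max_suppress.
        return self.reuse * 2 ** (self.max_suppress / self.half_life)

    def decay(self, penalty, minutes):
        return penalty * 0.5 ** (minutes / self.half_life)

    def minutes_until_reuse(self, penalty):
        if penalty <= self.reuse:
            return 0.0
        return self.half_life * math.log2(penalty / self.reuse)


def simulate(params, flap_times):
    """Return (suppressed, penalty, minutes until reuse) after the last flap."""
    penalty, last, suppressed = 0.0, None, False
    for t in sorted(flap_times):
        if last is not None:
            penalty = params.decay(penalty, t - last)
            if suppressed and penalty < params.reuse:
                suppressed = False  # decayed below reuse between flaps
        penalty = min(penalty + FLAP_PENALTY, params.ceiling)
        if penalty > params.suppress:
            suppressed = True
        last = t
    wait = params.minutes_until_reuse(penalty) if suppressed else 0.0
    return suppressed, penalty, wait


LONGER_THAN_19 = Dampening(30, 750, 2000, 90)  # route-map damp permit 10
EVERYTHING_ELSE = Dampening(15, 750, 2000, 60)  # route-map damp permit 20

if __name__ == "__main__":
    for name, p in (("seq 10", LONGER_THAN_19), ("seq 20", EVERYTHING_ELSE)):
        for flaps in ([0, 1, 2], [i * 0.1 for i in range(50)]):
            s, pen, wait = simulate(p, flaps)
            print(f"{name}: {len(flaps)} flaps suppressed={s} "
                  f"penalty={pen:.0f} reuse in {wait:.1f} min")
```

Three flaps one minute apart leave a route suppressed for roughly half an hour under the defaults and roughly an hour under sequence 10; a heavy burst reaches the ceiling and the full max-suppress time.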