BGP neighbor/configuration testing
joelja at bogus.com
Wed Nov 20 20:07:00 UTC 2013
On 11/20/13, 11:53 AM, Eric A Louie wrote:
> Scenario: a regional ISP preparing to cutover to a new upstream BGP provider at one of my POPs. Want minimal or no network disruption, and want to ensure everything is ready to go prior to the cutover.
> I'm planning to use the following order of operations:
> 1. Establish IP connectivity to the new ISP (already done)
> 2. Configure my BGP router and shutdown the new neighbor (ISP says their side is already configured and ready)
normally you just bring up the session with restrictive import/export
e.g. reject all and see what they send you. that was you can verify
what's copacetic before you employ it.
> 3. During the maintenance window for this change, activate the new BGP connection (remove neighbor shutdown)
> 4. Do the appropriate tests (sh bgp nei, login to my upstream's route server and check route advertisements, sign in to looking glass and/or route servers from other providers to see if my routes from the new ISP are being advertised, and I'm open to any other tests)
Apply the export policy associated with sending your prefix to them.
assume they're using rpf and they'll blackhole any traffic from you
until they receive a prefix that it's coming from and install it in
If they're sending you a full table (and you also have a full table from
your other provider), then alter the import policy to accept routes from
> 5. Turn down the old connection (neighbor shutdown)
once the above has been stable for a while...
apply new import export policy (e.g. reject all) and clear soft in out
once there's no traffic on it and everything else hasn't caught fire
shut down the bgp session
> 6. Watch the old connection get removed from route servers/looking glasses from step 4
> A. Does that order make sense or does it need some tweaking, additions, or "other"?
> B. I'd like to test the new upstream BGP configuration without passing traffic to and through it. What can I do (if anything) on my configuration end to put up the BGP configuration, establish a neighbor connection, and NOT actually pass any traffic through it? After putting my configuration up, I'd like to do a show bgp nei 220.127.116.11 advertised-routes to ensure my routes are going out, and then shut the neighbor down until the cutover.
> thanks for your input
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 308 bytes
Desc: OpenPGP digital signature
More information about the NANOG