23
© BIGLOBE Inc. 2014 1 BMP(BGP Monitoring Protocol) Testing by JANOGers BMP Test Results 16 Sep 2014
| Date post: | 17-Dec-2015 |
| Category: |
Documents |
| Upload: | janis-norton |
| View: | 213 times |
| Download: | 0 times |
© BIGLOBE Inc. 20141
BMP(BGP Monitoring Protocol) Testing by JANOGers
BMP Test Results
16 Sep 2014
© BIGLOBE Inc. 20142
Joint Test Members and their MotivationBIGLOBE
An ISP in Japan which has about 3 million subscribers.We have several POPs in JP, HK, SG and the US, and we connect with 150+
ASs globally.Primary goal is to be able to detect BGP trouble and investigate quickly.
GREEOne of the biggest social game providers in the mobile phone market.They hope more oriented towards routing optimization to enhance the user
experience. e.g. Troubleshoot convergence time and latency.
CiscoThe biggest network device vendor.They want to know the operators needs and get feedback for
future development.16 Sep 2014
© BIGLOBE Inc. 20143
Current BMP implementation(Router) Juniper
JUNOS 9.5 and later BMP version1 http://www.juniper.net/techpubs/en_US/junos13.2/topics/topic-map/bgp-monitoring-protocol.html
JUNOS 13.3 and later BMP version3http://www.juniper.net/techpubs/en_US/junos13.3/topics/task/configuration/bgp-monitoring-protocol-v3.html
CiscoIOS-XE 3.11S and later BMP version3
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/irg-xe-3s-book/bgp-monitor-protocol.html
IOS 15.4(2)T and later BMP version3http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/15-mt/irg-15-mt-book/bgp-monitor-protocol.html
IOS-XR will supports 5.2.2 (Mid of 2014)
16 Sep 2014
© BIGLOBE Inc. 20144
Current BMP implementation(Software)BMP Receiver
https://code.google.com/p/bmpreceiver/source/list
Developed by a Google engineer involved in writing the Internet draft for BMP.Supported BMP version 1 only.We requested info on updates for version 3, but apparently, it crashes after
receiving static reports.
Forhadahmed/bmphttps://github.com/forhadahmed/bmp
Developed by a former Cisco engineer Did not work properly in current state
16 Sep 2014
Existing open source software did not support BMP version3.Luckily, Cisco was able to provide us with internal tool for testing.
© BIGLOBE Inc. 20145
Test network topology
BMP Server(Cisco Internal tool)
ASR1000(IOS XE 3.11S)
ASR9000MX960(JUNOS13.3R1.8)
Route Reflector
ASR1000(IOS XE 3.11S)
the Internet
EBGP
EBGP
AS64705 AS64600
AS2518
IBGP
IBGP
IBGPFull
Route
IBGP
16 Sep 2014
© BIGLOBE Inc. 20146
Testing…
Test Period :16th to 27th of July 2014Testing Place :Cisco Tokyo Office
16 Sep 2014
So nice ice cream
© BIGLOBE Inc. 20147
BMP Server
MX960 (JUNOS13.3R1.8)
Adj-RIB-InLoc-RIB-In
Test result : Inbound filtering
Number of routes in Adj-RIBs-In: 80
Number of routes in Loc-RIB: 5
Route Reflector
AS109AS7521
AS55349
InboundPolicy BGP
UPDATEAS109AS7521
AS55349
AS7521AS55349
deny AS109$EBGP
Number of route80
Number of Route80
Number of Route5
16 Sep 2014
© BIGLOBE Inc. 20148
BMP Server
MX960 (JUNOS13.3R1.8)
Adj-RIB-InLoc-RIB-In
Test result : Inbound filtering
Number of routes in Adj-RIBs-In: 80
Number of routes in Loc-RIB: 5
Route Reflector
AS109AS7521
AS55349
InboundPolicy BGP
UPDATEAS109AS7521
AS55349
AS7521AS55349
deny AS109$EBGP
Number of route80
Number of Route80
Number of Route5
16 Sep 2014
In this situation, the MX960 is receiving 80 routes from the remote router and denying routesby inbound filtering.
According to the BMP server log, we could find differences in the number of routes between Adj-RIBs-in and Local-RIB.
© BIGLOBE Inc. 20149
Test result: downed BGP session by remote router
ASR1000(IOS XE 3.11S)
MX960(JUNOS13.3R1.8)
clear bgp
BMP Server BMP msg count: Route-monitor=2 Stat-report=115 Peer-down=1 Peer-up=2
4byte-ASN
Last Peer-down: Thu Jun 26 14:03:20 2014
Remote system closed the session
NOTIFY received: cease/admin reset
EBGP
16 Sep 2014
© BIGLOBE Inc. 201410
Test result: downed BGP session by remote router
ASR1000(IOS XE 3.11S)
MX960(JUNOS13.3R1.8)
clear ip bgp
BMP Server BMP msg count: Route-monitor=2 Stat-report=115 Peer-down=1 Peer-up=2
4byte-ASN
Last Peer-down: Thu Jun 26 14:03:20 2014
Remote system closed the session
NOTIFY received: cease/admin reset
EBGP
16 Sep 2014
The remote router ran the “clear bgp” command, and we saw these behaviors.
We could find the peer-down message along with the message of the down reason.
© BIGLOBE Inc. 201411
Test result : downed BGP session by local router
ASR1000(IOS XE 3.11S)
ASR1000(IOS XE 3.11S)
IBGPInterfaceshutdown
BMP ServerBMP msg count: Route-monitor=3 Stat-report=20 Peer-down=1 Peer-up=1
Last Peer-down: Thu Jun 26 14:58:36 2014
Local system closed the session
NOTIFY sent: hold timer expired
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
00 15 03 04 00
16 Sep 2014
© BIGLOBE Inc. 201412
Test result : downed BGP session by local router
ASR1000(IOS XE 3.11S)
ASR1000(IOS XE 3.11S)
IBGPInterfaceshutdown
BMP ServerBMP msg count: Route-monitor=3 Stat-report=20 Peer-down=1 Peer-up=1
Last Peer-down: Thu Jun 26 14:58:36 2014
Local system closed the session
NOTIFY sent: hold timer expired
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
00 15 03 04 00
16 Sep 2014
The local router ran the "Interface shutdown" command, and we saw these behaviors.
We could find that the local system closed the session by hold timer.
© BIGLOBE Inc. 201413
Test result : max prefix down on MX960
MX960(JUNOS13.3R1.8)
max prefix: 50 BGPUPDATE
iBGP
max prefixdown
BMP Server
BMP msg count: Route-monitor=40 Stat-report=44 Peer-down=6 Peer-up=6
Last Peer-down: Thu Jun 26 16:28:50 2014
Local system closed the session
NOTIFY sent: cease/max prefixes reached
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
00 1c 03 06 01 00 01 01 00 00 00 32
Route Reflector
Number of routes :
80
16 Sep 2014
© BIGLOBE Inc. 201414
Test result : max prefix down on MX960
MX960(JUNOS13.3R1.8)
max prefix: 50 BGPUPDATE
iBGP
max prefixdown
BMP Server
BMP msg count: Route-monitor=40 Stat-report=44 Peer-down=6 Peer-up=6
Last Peer-down: Thu Jun 26 16:28:50 2014
Local system closed the session
NOTIFY sent: cease/max prefixes reached
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
00 1c 03 06 01 00 01 01 00 00 00 32
Route Reflector
Number of routes :
80
16 Sep 2014
Here, the MX960 received 80 routes from remote router. But MX max prefix is 50, so the BGP session was shut.
We could find downed status and the reason caused.
© BIGLOBE Inc. 201415
ASR1000(IOS XE 3.11S)
max prefix: 50BGP
UPDATE
EBGPMX960
(JUNOS13.3R1.8)
Number of routes : 80
max prefixdown
BMP Server
BMP msg count: Route-monitor=21 Stat-report=11 Peer-down=1 Peer-up=2
4byte-ASN
Last Peer-down: Thu Jun 26 16:10:37 2014
Local system closed the session
FSM event code: 0
No NOTIFY sent
ASR 1000 IOS-XE 3.11S does not support RFC4486(BGP cease notification Messages)sub-code1( Maximum Number of Prefixes Reached )*It supported from IOS-XR3.13http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/irg-xe-3s-book/irg-max-prefix.html
16 Sep 2014
Test result : max prefix down on ASR1000
} ???
© BIGLOBE Inc. 201416
ASR1000(IOS XE 3.11S)
max prefix: 50BGP
UPDATE
EBGPMX960
(JUNOS13.3R1.8)
Number of routes : 80
max prefixdown
BMP Server
BMP msg count: Route-monitor=21 Stat-report=11 Peer-down=1 Peer-up=2
4byte-ASN
Last Peer-down: Thu Jun 26 16:10:37 2014
Local system closed the session
FSM event code: 0
No NOTIFY sent
ASR 1000 does not supportRFC4486(BGP cease notification Messages)sub-code1( Maximum Number of Prefixes Reached )*It will support from 3.13
16 Sep 2014
Test result : max prefix down on ASR1000
} ???
This situation is completely the same as previous scenario. But the BMP server log reason was unclear.
In our survey, this case was caused by no support of RFC4486 (BGP cease notification messages) on IOS-XE 3.11S.Cisco said that ASR1000 supported from IOS-XE3.13.
If you want to use BMP function, you should pay attention for supported status of RFC4486, not only BMP.
© BIGLOBE Inc. 201417
The test result summary We were able to successfully implement BMP
and see how we could benefit from its use.It allows operators to obtain valuable information that
previously required debug commands and router login.Most Japanese ISPs forbid the use of debug command,
because of the high CPU usage.It helps us troubleshoot complex outages.
The data gathered is based on RFC-defined standards, so the output is consistent among various vendors.
16 Sep 2014
© BIGLOBE Inc. 201418
The test result summary Current Implementation of BMP
Supported RoutersIn recent implementations, Juniper and Cisco routers
support BMP version3. We are hoping more vendors will support BMP
Available SoftwareIt lacked a server-side software that was compatible with
BMP version 3. We need Superman
16 Sep 2014
© BIGLOBE Inc. 201419
Last on the AgendaWhat is BMP(BGP Monitoring Protocol)?BIGLOBE/GREE/CISCO BMP test result summaryAfter JANOG34…
16 Sep 2014
© BIGLOBE Inc. 201420
JANOG34 in TakamatsuDay
July 16-18 2014
HostSTNet, Incorporated
Attendee Tutorial and BoF: 93(remote 118)Meeting 547
We presented these BMP test .Some operators take interest in it
to troubleshoot without debug command.
16 Sep 2014
Takamatsu
© BIGLOBE Inc. 201421
Opinion to IETFWe will report to IETF IDR(Inter-Domain routing)
and GROW working group about the gap between operators expectations and vendor implementationTimestamp
Timestamp is not mandatory requirement but operator's expectation is pretty high.
SecurityDraft is not explicitly request security for BMP it's self.
We thought this would be implementation's issue between server-side software and router and multi vendors.
16 Sep 2014
© BIGLOBE Inc. 201422
Implementation update After JANOG34, some software engineers have been
working on developing BMP servers.
NTT R&D Wataru Ishida published BMPv3 software
Ryu BMP Sever
https://github.com/osrg/ryu http://osrg.github.io/bmp/
16 Sep 2014
© BIGLOBE Inc. 201423
Future PlansBMP
Further testing for installation of our network.Developing an automation tool triggered by BMP
messages for our daily operation.
Find other new useful technologiesWe want to find and test new technologies with JANOG
operators.
16 Sep 2014
