Protocol Convergence Optimisation Topic Notes

Convergence Overview

• For a network to be converged, all nodes must have the same information
  • Must not contradict each other

• 4 main factors that effect convergence time:
  • Failure detection time
    • The time it takes to detect a failure
  • Event propagation time
    • The time it take for me to update everyone
  • The time it takes to recalculate the new topology
  • Forwarding table update time
    • The time it takes to install the changes

Modifying the convergence time

• Reactive methods
  • Fast Hellos and BFD
  • OSPF LSA and SPF Pacing Timers
  • FIB Prefix prioritisation

• Proactive methods
  • Used to forward through failures
    • Pre-calculated backup paths
  • EIGRP Feasible Successors
  • OSPF Loop Free Alternative (LFA)
  • BGP Prefix Independant Convergence (PIC)
  • MPLS TE Fast Reroute (TE FRR)

Routing Protocol Failure Detection

• Link failure events
• Based on Layer 1 issues
  • Time to detect failure based on
    • Link debounce for switches
    • Carrier delay for routers
      • Default 2 seconds
        • Can be adjusted manually
          • Command:
            • (config-if)#carrier-delay [msec] <time>
  • Can be adjusted to suppress short link flaps
• Not Layer 1 adjacent
  • Link up/down unreliable
  • Use upper layer timers
    • OSPF/EIGRP Hello/Dead time
    • OSPF Supports sub-seconds Hello timers
    • Not recommended because of CPU load
      • Software switched
    • eBGP uses fast fall-over
      • Can support per-peer fall-over
      • Per-peer fall-over allows conditional checking
        • Uses route-map with prefix-list checking if peer is reachable by a route

IP Event Dampening

• Used to punish links that keep flapping
  • Causes adjacencies to come up and go down
• Protocol independent
• Uses a configurable penalty method
• Links exceeding the penalty are removed from RIB
• Configured at the interface level
  • Command
    • (config-if)#dampening <half-life> <value to start reusing> <value to start suppressing> <max duration to suppress>
• To display dampening information for interfaces
  • #show interfaces dampening

Event Propagation Time

• The length of time taken to inform all routers in the topology
• Most configurable option out of all 4 factors that affect convergence

EIGRP

• Bounded by QUERY and REPLY process
• Smaller QUERY domain, less QUERY packets
• Improved by
  • Feasible Successors
  • Stub Routers
    • Command:
      • (config-router)#eigrp stub
  • Summarization
    • Command:
      • (config-if)#ip summary-address eigrp <AS> <network> <mask>

[_/su_spoiler]

OSPF

• LSA Flooding process
  • Bounded by Area
• Less devices in the Area, less need to be informed
• Improved by:
  • Areas
  • Stub Areas
  • Incremental SPF (iSPF)
    • Runs a partial SPF only on areas of the SPT that were affected
    • Should be enabled for all devices in domain
    • Command:
      • (config-router)#ispf
  • Prefix Suppression
    • Prevents router advertising all prefixes except:
      • Loopback addresses
      • Secondary IP addresses
      • Passive interfaces
      • Command:
        • (config-if)#ip ospf prefix-suppression
        • (config-router)#prefix-suppression
  • SPF and LSA Throttling Pacing timers
    • Control consecutive SPF calculation events
      • Command:
        • (config-router)#timers throttle spf <spf-start> <spf-hold> <spf-max-wait>
    • Control LSA Flooding events
      • Command:
        • (config-router)#timers throttle lsa [all] <start-interval> <hold-interval> <max-interval>
    • Minimum interval at which same LSA can be accepted from neighbors
      • Command:
        • (config-router)#timers lsa arrival <milliseconds>
    • Control the interval rate between a group of LSAs being refreshed
      • Longer timer means OSPF tries to group more updates together to send rather than send more individually
      • Command:
        • (config-router)#timers pacing lsa-group <seconds>
    • Control minimum interval of consecutive LSA updates in OSPF transmission queue
      • Command:
        • (config-router)#timers pacing flood <milliseconds>
    • Time interval to retransmit lost LSAs
      • Command:
        • (config-router)#timers pacing retransmission <milliseconds>

[_/su_spoiler]

BGP

• UPDATE/WITHDRAW process
  • Unbounded
  • Internet Routing Table never converges
• TCP based protocol, therefore improvements must be done to the TCP stack to improve BGP
• Improved by
  • MTU Size
    • Larger MTU means more updates in individual packets
    • Set to Jumbo MTU 9216
    • Configured at interface level
      • Command:
        • (config-if)#mtu 9216
  • TCP Maximum Segment Size
    • Provides similar benefits to MTU
    • Configured globally
    • Default MSS is 1460 bytes on a local LAN, else it is 536 bytes
      • Command:
        • (config)#ip tcp mss <68-10000>
  • TCP Window Size
    • Defines the number of packets that can be sent without receiving an acknowledgement
    • Configured globally
    • Default set to 4128 when scaling not enabled
    • If only one neighbor is configured for scaling, default window size is 65535
      • Command:
        • (config)#ip tcp window-size <68-1073741823>
  • TCP Acknowledgements
    • Acknowledges received packets
    • If packets are lost from one window of data, an aggressive sender could re-send packets early even though later sequence packets might have already been received
    • This can be adjusted using the Selective Acknowledgement configuration
      • Returns selective acknowledgements to sender, informing what has been received
      • Sender only re-sends the missing data
      • Acknowledgements not necessarily sequential
        • Could be out of order
    • Improves overall performance
    • Enabled globally
      • Command:
        • (config)#ip tcp selective-ack

[_/su_spoiler]

EIGRP FRR and OSPF LFA

EIGRP Fast Re-Route

• Feasible Successor already provides a loop free alternate path
• FRR Installs a backup path to destination prefix
  • Not used for ECMP or UCMP
  • Displays as a "Repair path" in the RIB and FIB
  • If there are no Feasible Successors then FRR doesn't do anything
• Provides an Active/Standby configuration for prefixes
• When Successor fails, Feasible Successor copied from EIGRP Topology table to RIB
  • RIB writes to FIB
  • FIB writes to TCAM
• Repair "Backup" Path are already pre-written into hardware with FRR
• Configured under topology in named mode or in classic mode under the global process
  • Can be configured for all prefixes, although not recommended.
    • Command:
      • (config-router)#fast-reroute per-prefix all
      • (config-router-af-topology)#fast-reroute per-prefix all
• Can be configured for individual prefixes using a route-map
  • Command:
    • (config-router)#fast-reroute per-prefix route-map <route-map-name>
    • (config-router-af-topology)#fast-reroute per-prefix route-map <route-map-name>

[_/su_spoiler]

OSPF Loop Free Alternative

•  End intention is to provide a function the same as EIGRP Feasible Sucessor
  • Calculate a backup path (repair-path) for the primary
• Have an Active/Standby prefix configuration
• Traditionally OSPF only calculates a single loop-free path from itself to each node
  • LFA runs the SPF tree for all its neighbors once own local loop-free path calculated, to calculate backup paths
    • The end result gets written to the RIB as a Repair-Path
• If a failure occurs within the SPT;
  • LSA flooding and recalculation still occurs but the result is already pre-written in the FIB

• Could cause scalability issues depending on Area size
  • Not recommended to run on all prefixes
  • Limit to selected prefixes

• Configured under the OSPF process
  • Enabled on Area or individual prefixes
    • Area configuration
      •  Command:
        • (config-router)#fast-reroute per-prefix enable area <area-id>
    • Individual Prefix configuration
      • Command:
        • (config-router)#fast-reroute per-prefix enable prefix-priority <low | high>
      • Low keyword indicates to calculate LFA for ALL prefixes not just high prefixes
      • High keyword indicates to calculate LFA for HIGH prefixes only
      • To configure specific prefixes as high priority
        • Command:
          • (config-router)#prefix-priority high route-map <route-map-name>
    • Directly connected prefixes can be disabled from LFA
      • Command:
        • (config-router)#ip ospf fast-reroute per-prefix protection disable
    • All neighbors can be excluded from LFA
      • Command:
        • (config-router)#ip ospf fast-reroute per-prefix candidate disable

• Verification:
  • Command:
    • #show ip ospf neighbors fast-reroute
    • #show ip route repair-paths

[_/su_spoiler]

BGP Prefix Independent Convergence Edge (PIC)

• Used with MPLS L3 VPN
  • Normally used for dual-homed/dual PE connections
• Same as OSPF LFA and EIGRP FRR
• Installs a repair path in the FIB
  • Next best path
  • If the primary path fails, the repair path immediately takes over
• This process is unique for each node
• Can select individual prefixes to create a repair path
• BFD required for fast failure detection of neighbors, otherwise still waiting for update messages
• Enabled manually under the BGP AF or SAFI (Subsequeny Address Family Identifier)
  • Command:
    • (config-router-af)#bgp additional-paths install
• More preferred option to enable for specific prefixes, otherwise could reach limitations of hardware quickly e.g. TCAM
  • Command:
    • (config-router-af)#bgp additional-paths select [all | backup | best | best-external | group-best]
• Can view the repair path:
  • #show ip cef vrf <vrf-name> <prefix> detail
  • Detail word required, normal CEF view won't show repair path

[_/su_spoiler]

Troubleshooting Commands

• #show ip route repair-paths

[_/su_spoiler]