BMPBGP Monitoring Protocol Testing by JANOGers BMP Test Results 16 Sep 2014 Joint Test Members and their Motivation BIGLOBE An ISP in Japan which has about 3 million subscribers We have several ID: 766558
Download Presentation The PPT/PDF document "BMP(BGP Monitoring Protocol) Testing by" is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
BMP(BGP Monitoring Protocol) Testing by JANOGersBMP Test Results 16 Sep 2014
Joint Test Members and their MotivationBIGLOBEAn ISP in Japan which has about 3 million subscribers.We have several POPs in JP, HK, SG and the US, and we connect with 150+ ASs globally.Primary goal is to be able to detect BGP trouble and investigate quickly.GREEOne of the biggest social game providers in the mobile phone market.They hope more oriented towards routing optimization to enhance the user experience. e.g. Troubleshoot convergence time and latency.Cisco The biggest network device vendor.They want to know the operators needs and get feedback for future development. 16 Sep 2014
Current BMP implementation(Router) Juniper JUNOS 9.5 and later BMP version1 http://www.juniper.net/techpubs/en_US/junos13.2/topics/topic-map/bgp-monitoring-protocol.htmlJUNOS 13.3 and later BMP version3http://www.juniper.net/techpubs/en_US/junos13.3/topics/task/configuration/bgp-monitoring-protocol-v3.htmlCiscoIOS-XE 3.11S and later BMP version3http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/irg-xe-3s-book/bgp-monitor-protocol.html IOS 15.4(2)T and later BMP version3http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/15-mt/irg-15-mt-book/bgp-monitor-protocol.html IOS-XR will supports 5.2.2 (Mid of 2014) 16 Sep 2014
Current BMP implementation(Software)BMP Receiverhttps://code.google.com/p/bmpreceiver/source/listDeveloped by a Google engineer involved in writing the Internet draft for BMP.Supported BMP version 1 only.We requested info on updates for version 3, but apparently, it crashes after receiving static reports.Forhadahmed/bmphttps://github.com/forhadahmed/bmpDeveloped by a former Cisco engineer Did not work properly in current state 16 Sep 2014 Existing open source software did not support BMP version3. Luckily, Cisco was able to provide us with internal tool for testing.
Test network topology BMP Server(Cisco Internal tool) ASR1000 (IOS XE 3.11S) ASR9000 MX960 (JUNOS13.3R1.8) Route Reflector ASR1000 (IOS XE 3.11S ) the Internet EBGP EBGP AS64705 AS64600 AS2518 I BGP I BGP I BGP Full Route I BGP 16 Sep 2014
Testing…Test Period :16th to 27th of July 2014Testing Place: Cisco Tokyo Office 16 Sep 2014 So nice ice cream
BMP Server MX960 (JUNOS13.3R1.8) Adj -RIB-In Loc -RIB-In T est result : I nbound filtering Number of routes in Adj -RIBs-In: 80 Number of routes in Loc -RIB: 5 Route Reflector AS109 AS7521 AS55349 Inbound Policy BGP UPDATE AS109 AS7521 AS55349 AS7521 AS55349 deny AS109$ EBGP Number of route 80Number of Route 80Number of Route5 16 Sep 2014
BMP Server MX960 (JUNOS13.3R1.8) Adj -RIB-In Loc -RIB-In T est result : I nbound filtering Number of routes in Adj -RIBs-In: 80 Number of routes in Loc -RIB: 5 Route Reflector AS109 AS7521 AS55349 Inbound Policy BGP UPDATE AS109 AS7521 AS55349 AS7521 AS55349 deny AS109$ EBGP Number of route 80Number of Route 80Number of Route5 16 Sep 2014 In this situation, the MX960 is receiving 80 routes from the remote router and denying routes by inbound filtering. According to the BMP server log, we could find differences in the number of routes between Adj-RIBs-in and Local-RIB.
Test result: downed BGP session by remote routerASR1000(IOS XE 3.11S)MX960(JUNOS13.3R1.8) clear bgp BMP Server BMP msg count: Route-monitor=2 Stat-report=115 Peer-down=1 Peer-up=2 4byte-ASN Last Peer-down: Thu Jun 26 14:03:20 2014 Remote system closed the session NOTIFY received: cease/admin reset EBGP 16 Sep 2014
Test result: downed BGP session by remote routerASR1000(IOS XE 3.11S)MX960(JUNOS13.3R1.8) clear ip bgp BMP Server BMP msg count: Route-monitor=2 Stat-report=115 Peer-down=1 Peer-up=2 4byte-ASN Last Peer-down: Thu Jun 26 14:03:20 2014 Remote system closed the session NOTIFY received: cease/admin reset EBGP 16 Sep 2014 The remote router ran the “clear bgp ” command, and we saw these behaviors. W e could find the peer-down message along with the message of the down reason.
Test result :downed BGP session by local routerASR1000(IOS XE 3.11S)ASR1000 (IOS XE 3.11S) I BGP Interface shutdown BMP Server BMP msg count: Route-monitor=3 Stat-report=20 Peer-down=1 Peer-up=1 Last Peer-down: Thu Jun 26 14:58:36 2014 Local system closed the session NOTIFY sent: hold timer expired ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff00 15 03 04 00 16 Sep 2014
Test result :downed BGP session by local routerASR1000(IOS XE 3.11S)ASR1000 (IOS XE 3.11S) I BGP Interface shutdown BMP Server BMP msg count: Route-monitor=3 Stat-report=20 Peer-down=1 Peer-up=1 Last Peer-down: Thu Jun 26 14:58:36 2014 Local system closed the session NOTIFY sent: hold timer expired ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff00 15 03 04 00 16 Sep 2014 The local router ran the "Interface shutdown" command, and we saw these behaviors.We could find that the local system closed the session by hold timer.
Test result: max prefix down on MX960MX960(JUNOS13.3R1.8) max prefix: 50 BGPUPDATE iBGP max prefix down BMP Server BMP msg count: Route-monitor=40 Stat-report=44 Peer-down=6 Peer-up=6 Last Peer-down: Thu Jun 26 16:28:50 2014 Local system closed the session NOTIFY sent: cease/max prefixes reached ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00 1c 03 06 01 00 01 01 00 00 00 32 Route Reflector Number of routes :80 16 Sep 2014
Test result: max prefix down on MX960MX960(JUNOS13.3R1.8) max prefix: 50 BGPUPDATE iBGP max prefix down BMP Server BMP msg count: Route-monitor=40 Stat-report=44 Peer-down=6 Peer-up=6 Last Peer-down: Thu Jun 26 16:28:50 2014 Local system closed the session NOTIFY sent: cease/max prefixes reached ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00 1c 03 06 01 00 01 01 00 00 00 32 Route Reflector Number of routes :80 16 Sep 2014 Here, the MX960 received 80 routes from remote router. But MX max prefix is 50, so the BGP session was shut.W e could find downed status and the reason caused.
ASR1000(IOS XE 3.11S)max prefix: 50 BGP UPDATE EBGP MX960 (JUNOS13.3R1.8) Number of routes : 80 max prefix down BMP Server BMP msg count: Route-monitor=21 Stat-report=11 Peer-down=1 Peer-up=2 4byte-ASN Last Peer-down: Thu Jun 26 16:10:37 2014 Local system closed the session FSM event code: 0 No NOTIFY sent ASR 1000 IOS-XE 3.11S does not support RFC4486 (BGP cease notification Messages) sub-code1 ( Maximum Number of Prefixes Reached ) *It supported from IOS-XR3.13 http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/irg-xe-3s-book/irg-max-prefix.html 16 Sep 2014 T est result : max prefix down on ASR1000 } ???
ASR1000(IOS XE 3.11S)max prefix: 50 BGP UPDATE EBGP MX960 (JUNOS13.3R1.8) Number of routes : 80 max prefix down BMP Server BMP msg count: Route-monitor=21 Stat-report=11 Peer-down=1 Peer-up=2 4byte-ASN Last Peer-down: Thu Jun 26 16:10:37 2014 Local system closed the session FSM event code: 0 No NOTIFY sent ASR 1000 does not support RFC4486 (BGP cease notification Messages) sub-code1 ( Maximum Number of Prefixes Reached ) *It will support from 3.13 16 Sep 2014 T est result : max prefix down on ASR1000 } ??? This situation is completely the same as previous scenario. But the BMP server log reason was unclear. In our survey, this case was caused by no support of RFC4486 (BGP cease notification messages) on IOS-XE 3.11S.Cisco said that ASR1000 supported from IOS-XE3.13. If you want to use BMP function, you should pay attention for supported status of RFC4486, not only BMP.
The test result summary We were able to successfully implement BMP and see how we could benefit from its use.It allows operators to obtain valuable information that previously required debug commands and router login.Most Japanese ISPs forbid the use of debug command,because of the high CPU usage.It helps us troubleshoot complex outages.The data gathered is based on RFC-defined standards, so the output is consistent among various vendors. 16 Sep 2014
The test result summary Current Implementation of BMPSupported RoutersIn recent implementations, Juniper and Cisco routers support BMP version3. We are hoping more vendors will support BMPAvailable SoftwareIt lacked a server-side software that was compatible with BMP version 3. We need Superman 16 Sep 2014
Last on the AgendaWhat is BMP(BGP Monitoring Protocol)?BIGLOBE/GREE/CISCO BMP test result summaryAfter JANOG34… 16 Sep 2014
JANOG34 in TakamatsuDayJuly 16-18 2014HostSTNet, IncorporatedAttendee Tutorial and BoF: 93(remote 118)Meeting 547 We presented these BMP test .Some operators take interest in itto troubleshoot without debug command. 16 Sep 2014 Takamatsu
Opinion to IETFWe will report to IETF IDR(Inter-Domain routing) and GROW working group about the gap between operators expectations and vendor implementationTimestampTimestamp is not mandatory requirement but operator's expectation is pretty high.SecurityDraft is not explicitly request security for BMP it's self.We thought this would be implementation's issue between server-side software and router and multi vendors. 16 Sep 2014
Implementation update After JANOG34, some software engineers have been working on developing BMP servers.NTT R&D Wataru Ishida published BMPv3 software Ryu BMP Sever https://github.com/osrg/ryu http://osrg.github.io/bmp/ 16 Sep 2014
Future PlansBMP Further testing for installation of our network.Developing an automation tool triggered by BMP messages for our daily operation.Find other new useful technologiesWe want to find and test new technologies with JANOG operators. 16 Sep 2014