BGP RFD (Route Flap Dampening)

RFD (route flap dampening) is used to prevent a flapping route from using up CPU cycles and creating constant churn in a network. RFD uses a penalty system, in which routes are assigned penalty values each time they flap. Each time a route is withdrawn and then sent in an Update again, the router assigns a penalty value to the route. If the penalty becomes too high, the router simply supresses the prefix that is flapping. As time passes with no flapping, the route’s penalty value starts dropping so that it can eventually be reused again.

There are some terms you will need to understand:

Term	Explanation	Default Value	Configurable range
Half life time	The time it takes for a route’s penalty value to reduce by half.	15 minutes	1-45 minutes
Suppress limit	Once a route’s penalty value exceeds the suppress limit, the route is supressed.	2,000	1-20,000
Reuse limit	Once a suppressed route’s penalty value drops below this limit, the route is reused again.	750	1-20,000
max-supress-time	The maximum amount of time a route can be supressed. Once this timer expires, the route is reused again even if it is still flapping.	4x half life time	1-255 minutes

Each time a route flaps, a value of 1000 is assigned to the route. As far as I know, this penalty value is not configurable.

An example will help explain RFD:

• At T=1, a route flaps, and a penalty of 1000 is assigned.

• Between T=1 and T=2, the value decrements based on the half-life.

  • Even if the half-life is 15 minutes, the process of reducing the penalty happens every 5 seconds. It is proportionally calculated so that after 15 minutes, the value has been halved.

• At T=2, the route flaps again and a penalty of 1000 is assigned. The route is not yet at the 2000 suppress limit, due to the decrement between T=1 and T=2.

• At T=3, the route flaps for a third time, and the penalty is now above the suppress limit. The route is now suppressed.

• The route is suppressed until T=8, where it drops below the reuse limit.

Lab

We’ll reuse the simple topology from the last article:

To enable BFD on IOS-XE you use the following command:

router bgp 65000
 bgp dampening [half-life reuse suppress max-suppress-limit]

By simply configuring bgp dampening we can confirm the default values:

#R4
router bgp 65001
 bgp dampening

R4#show bgp dampening parameters
% Command accepted but obsolete, unreleased or unsupported; see documentation.

 dampening 15 750 2000 60 (DEFAULT)
  Half-life time      : 15 mins       Decay Time       : 2320 secs
  Max suppress penalty: 12000         Max suppress time: 60 mins
  Suppress penalty    :  2000         Reuse penalty    : 750

Let’s advertise 5.5.5.5/32 from R5, and cause it to flap by shutting and no-shutting the loopback interface repeatedly. On R4, we can debug dampening and watch it become dampened.

#R4
debug bgp ipv4 unicast dampening

! 5.5.5.5/32 is withdrawn

*Dec  9 16:00:05.344: EvD: charge penalty 1000, new accum. penalty 1000, flap count 1
*Dec  9 16:00:05.344: EvD: unsuppress item left in reuse timer array with penalty 1000
*Dec  9 16:00:05.344: BGP(0): charge penalty for 5.5.5.5/32 path 65002 with halflife-time 15 reuse/suppress                                                                                                                                  750/2000
*Dec  9 16:00:05.344: BGP(0): flapped 1 times since 00:00:00. New penalty is 1000
*Dec  9 16:00:35.350: EvD: accum. penalty 977, not suppressed

! show bgp shows that 5.5.5.5/32 has a "history" of flapping
! The "h" is shown only while the network is withdrawn

R4#show bgp ipv4 uni | be Network
     Network          Next Hop            Metric LocPrf Weight Path
  h   5.5.5.5/32       10.4.5.5                 0             0 65002 i

! 5.5.5.5/32 is re-advertised

! 5.5.5.5/32 is withdrawn

*Dec  9 16:01:09.576: EvD: accum. penalty decayed to 954 after 21 second(s)
*Dec  9 16:01:09.576: EvD: charge penalty 1000, new accum. penalty 1954, flap count 2
*Dec  9 16:01:09.576: EvD: unsuppress item left in reuse timer array with penalty 1954
*Dec  9 16:01:09.576: BGP(0): charge penalty for 5.5.5.5/32 path 65002 with halflife-time 15 reuse/suppress 750/2000
*Dec  9 16:01:09.577: BGP(0): flapped 2 times since 00:01:04. New penalty is 1954
*Dec  9 16:01:49.361: EvD: accum. penalty decayed to 1894 after 40 second(s)

! 5.5.5.5/32 is re-advertised

! When viewing the prefix while it is up, the "h" is gone:

R4#show bgp ipv4 uni | be Network
     Network          Next Hop            Metric LocPrf Weight Path
 *>   5.5.5.5/32       10.4.5.5                 0             0 65002 i
 *>   10.10.10.10/32   0.0.0.0                  0         32768 i

! 5.5.5.5/32 is withdrawn

*Dec  9 16:02:48.442: EvD: accum. penalty decayed to 1814 after 33 second(s)
*Dec  9 16:02:48.442: EvD: charge penalty 1000, new accum. penalty 2814, flap count 3
*Dec  9 16:02:48.442: EvD: unsuppress item left in reuse timer array with penalty 2814
*Dec  9 16:02:48.443: BGP(0): charge penalty for 5.5.5.5/32 path 65002 with halflife-time 15 reuse/suppress 750/2000
*Dec  9 16:02:48.443: BGP(0): flapped 3 times since 00:02:43. New penalty is 2814
*Dec  9 16:02:49.380: EvD: accum. penalty decayed to 2814 after 1 second(s)

! 5.5.5.5/32 is re-advertised

*Dec  9 16:03:25.478: BGP(0): suppress 5.5.5.5/32 path 65002 for 00:28:00 (penalty 2738)
*Dec  9 16:03:25.478: halflife-time 15, reuse/suppress 750/2000
*Dec  9 16:03:25.479: EvD: accum. penalty 2738, now suppressed with a reuse intervals of 168


! 5.5.5.5/32 now shows as supressed/"damped" in the BGP Loc-RIB

R4#show bgp ipv4 uni
BGP table version is 8, local router ID is 10.10.10.10
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
              t secondary path, L long-lived-stale,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
 *d   5.5.5.5/32       10.4.5.5                 0             0 65002 i

To view dampening statistics you can use the following command:

show bgp dampening flap-statistics
% Command accepted but obsolete, unreleased or unsupported; see documentation.

BGP table version is 8, local router ID is 10.10.10.10
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
              t secondary path, L long-lived-stale,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

    Network          From            Flaps Duration Reuse    Path
*d  5.5.5.5/32       10.4.5.5        3     00:11:47 00:08:34 65002

• 5.5.5.5/32 will be reused in 8.5 minutes.

RFD on IOS-XR

The process is essentially the same on IOS-XR, except we activate RFD under the address-family. Note that if we used the ipv4 address-family on IOS-XE, we would also have to enable RFD under the address-family. So you could say that the behaviour is the same, except IOS-XE considers the “global” BGP process as the ipv4 unicast address-family by default.

#XR4
router bgp 65002
 address-family ipv4 unicast
  bgp dampening
  ! Or specify each parameter in the same order as IOS-XE (half-life reuse supress max-supress)

We’ll advertise 4.4.4.4/32 from R4 and cause it to flap a few times. After three flaps, the prefix is dampened.

RP/0/0/CPU0:XR5#show bgp ipv4 uni dampened-paths      
Mon Dec 12 14:06:38.358 UTC
BGP router identifier 5.5.5.5, local AS number 65002
BGP generic scan interval 60 secs
Non-stop routing is enabled
BGP table state: Active
Table ID: 0xe0000000   RD version: 26
BGP main routing table version 26
BGP NSR Initial initsync version 2 (Reached)
BGP NSR/ISSU Sync-Group versions 0/0
Dampening enabled
BGP scan interval 60 secs

Status codes: s suppressed, d damped, h history, * valid, > best
              i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete
   Network            From            Reuse    Path
*d 4.4.4.4/32         10.4.5.4        00:29:00 65001 i


RP/0/0/CPU0:XR5#show bgp ipv4 uni | beg Network
Mon Dec 12 14:07:13.345 UTC
   Network            Next Hop            Metric LocPrf Weight Path
*d 4.4.4.4/32         10.4.5.4                 0             0 65001 i
*> 5.5.5.5/32         0.0.0.0                  0         32768 i

Conditional Dampening

With both IOS-XE and IOS-XR we can have granular dampening policies per prefix. For example, we can only dampen prefixes that match a prefix list and not dampen other prefixes. To do this, we attach a route-map or route-policy to the dampening statement in BGP.

#R4

ip prefix-list EXAMPLE seq 5 permit 1.1.1.1/32
ip prefix-list EXAMPLE seq 10 permit 2.2.0.0/20 ge 24 le 28
!
route-map DAMPENING permit 10 
 match ip address prefix-list EXAMPLE
 set dampening 15 750 2000 45
!
router bgp 65001
 bgp dampening route-map DAMPENING


#XR5

route-policy DAMPENING
  if destination in (1.1.1.1/32) or destination in (2.2.2.0/20 ge 24 le 28) then
    set dampening halflife 15 suppress 2000 reuse 750 max-suppress 45
  endif
end-policy
!
router bgp 65002
 address-family ipv4 unicast
  bgp dampening route-policy DAMPENING