/ | | | \
server \ | | | / client
Topology: C6509 and NE40 operate OSPF&IBGP. NE40 and NE20 operate EBGP and NE20 and C7206 operate OSPF. User's machine is connected with NE20 and C7206. The gateway is on NE20. User wants to access the server under C6509下.
Version: NE40 VRP3.10 2321SP02
NE20 VRP5.10 1243.01
Description: Many interfaces of NE20 attach many network segments. Some person draw a port and then it recovers. And then users on this interface cannot connect server. The client restarts NE20 and the service is normal.
1. Recur the problem. The real-time service is not applicable to make plug-in analog. Create sub-interface. Manually simulate plug-in cable with shutdown/undo shutdown to recur the problem. Then debug BGP analysis can be made.
2. Shutdown sub-interface of NE20 and debug bgp at NE40 side. It can receive bgp update packet sent by NE20. There are update and withdraw information for sub-interface network in one packet.
3. Undo shutdown sub-interface of NE20 debug bgp at NE40 side. It can receive two bgp update packets sent by NE20. The route of the first packet is updated and that of the second route is withdrawn. The final result is withdrawal. NE40 cannot learn the route of matching network and the service ends.
4. Find ways to mitigate: Configure blackhole route after aggregation on NE20 and distribute in network of BGP. It can mitigate route change of detailed network segment and the configuration is optimized.
After drawing the cable, attached service ends and cannot recover. It is possible that matching network segment route does not pass through EBGP and reports NE40. As a reslut NE40 cannot learn the route of matching network segment and users cannot access the server.
The key handling is to recur the problem.
For actual handling, not enable user’s network segment with network command for OSPF configuration of NE20. Use import direct and the problem can be solved. It is suggested not to use.
The reason is that IGP route change results in BGP report route change. In order to reduce the problem, mitigate the change of detailed route with IGP route aggregation.
Further analysis indicates that there is no problem on NE40. Shutdown/undo shutdown on NE40 and there is only one route to update the packet, but there is no route to withdraw it. The handling of NE40 and NE20 is different.