Mailing List Archive

BGP Graceful Restart
I do believe that I understand the intended purpose of BGP
graceful-restart. With that said, I was watching a video of a talk
given by someone respected in the industry the other day on the use of
graceful-shutdown and at the beginning of the talk there was a quick
disclaimer that his topic had nothing to do with graceful-restart
along with some text on the slide that provided me a clear indication
that he was not a fan of graceful-restart.

Largely, I suspect that his point was that if you otherwise do the
right things during maintenance that graceful-restart has the
potential of being really problematic if things go wrong, and thus he
was discouraging the use of it. Is there consensus as to whether
graceful-restart has any place in a service provider network?

Thanks,
Graham
Re: BGP Graceful Restart [ In reply to ]
I use it BGP Graceful Restart in order to avoid route flapping penalties and undesired path selection when adding or removing prefixes on border routers (which entails ACL changes as well). However, when BGP is used as a data center fabric, I have heard it can cause complex failure modes lasting many minutes or even hours. I found this VMWare Validated Design Document 5.0.1 warning:

NSXT-VISDN-038 Do not enable Graceful Restart between BGP neighbors. Avoids loss of traffic. Graceful Restart maintains the forwarding table which in turn will forward packets to a down neighbor even after the BGP timers have expired causing loss of traffic

I don't run BGP as an east-west protocol, so I've never had cause to use this, but this might be one of the risks the speaker of the talk you heard was referring to.

-mel

________________________________
From: NANOG <nanog-bounces+mel=beckman.org@nanog.org> on behalf of Graham Johnston <johnston.grahamj@gmail.com>
Sent: Friday, April 16, 2021 7:11 AM
To: nanog@nanog.org <nanog@nanog.org>
Subject: BGP Graceful Restart

I do believe that I understand the intended purpose of BGP
graceful-restart. With that said, I was watching a video of a talk
given by someone respected in the industry the other day on the use of
graceful-shutdown and at the beginning of the talk there was a quick
disclaimer that his topic had nothing to do with graceful-restart
along with some text on the slide that provided me a clear indication
that he was not a fan of graceful-restart.

Largely, I suspect that his point was that if you otherwise do the
right things during maintenance that graceful-restart has the
potential of being really problematic if things go wrong, and thus he
was discouraging the use of it. Is there consensus as to whether
graceful-restart has any place in a service provider network?

Thanks,
Graham
Re: BGP Graceful Restart [ In reply to ]
On Fri, Apr 16, 2021 at 11:09 AM Graham Johnston
<johnston.grahamj@gmail.com> wrote:
> Largely, I suspect that his point was that if you otherwise do the
> right things during maintenance that graceful-restart has the
> potential of being really problematic if things go wrong, and thus he
> was discouraging the use of it. Is there consensus as to whether
> graceful-restart has any place in a service provider network?

RFC4724 Graceful Restart is used to retain BGP routes where forwarding
plane is NOT disrupted. It can be useful for things that don't have
any alternative path to reduce exposure to control plane outages (e.g.
process restart).
Also sending End of Rib marker (not necessarily enabling GR) can be
helpful to troubleshoot BGP route collection (clear signal on
completion of initial convergence).

There is also LLGR https://tools.ietf.org/html/draft-ietf-idr-long-lived-gr-00
Re: BGP Graceful Restart [ In reply to ]
On 4/16/21 16:11, Graham Johnston wrote:
> I do believe that I understand the intended purpose of BGP
> graceful-restart. With that said, I was watching a video of a talk
> given by someone respected in the industry the other day on the use of
> graceful-shutdown and at the beginning of the talk there was a quick
> disclaimer that his topic had nothing to do with graceful-restart
> along with some text on the slide that provided me a clear indication
> that he was not a fan of graceful-restart.
>
> Largely, I suspect that his point was that if you otherwise do the
> right things during maintenance that graceful-restart has the
> potential of being really problematic if things go wrong, and thus he
> was discouraging the use of it. Is there consensus as to whether
> graceful-restart has any place in a service provider network?

When the majority of the hardware we had had a single control plane, we
used GR on those (and only inside our AS).

But as nearly 100% of all our BGP-speaking hardware now has dual control
planes, we just go for the vendor's NSR implementation. We've found that
to be a lot more reliable because it is locally significant,
predictable, and generally works well as it has matured a great deal in
the last decade.

Mark.
Re: BGP Graceful Restart [ In reply to ]
Hello Graham,

I had a chance to analysis this topic GR and GR helper mode( default) for EoR msg and for the LLGR timer afterwards and had e-mail correspondence with the RFC auther.
I would say based on your environment topology and the type of BGP fault/error. You keep the default mode unless BFD is configured. Even if you donot have GR configured. There is benefit to help your neigh ( if no BFD) in the restart process based on the type of peering relation.

Now, to enable GR itself. You have to know what are you doing and why and where in the network it is actually enabled. Still, you don't enable it where BFD is configured.

Brgds,

LG
________________________________
From: NANOG <nanog-bounces+lobna_gouda=hotmail.com@nanog.org> on behalf of Graham Johnston <johnston.grahamj@gmail.com>
Sent: Friday, April 16, 2021 10:11 AM
To: nanog@nanog.org <nanog@nanog.org>
Subject: BGP Graceful Restart

I do believe that I understand the intended purpose of BGP
graceful-restart. With that said, I was watching a video of a talk
given by someone respected in the industry the other day on the use of
graceful-shutdown and at the beginning of the talk there was a quick
disclaimer that his topic had nothing to do with graceful-restart
along with some text on the slide that provided me a clear indication
that he was not a fan of graceful-restart.

Largely, I suspect that his point was that if you otherwise do the
right things during maintenance that graceful-restart has the
potential of being really problematic if things go wrong, and thus he
was discouraging the use of it. Is there consensus as to whether
graceful-restart has any place in a service provider network?

Thanks,
Graham