Description
This article describes the BGP-related timers that can be configured/adjusted on the FortiGate.
Scope
FortiGate, BGP.
Solution
Table of Contents:
- Core Timers.
  - keepalive-timer / keep-alive-timer.
  - holdtime-timer.
  - advertisement-interval.
  - connect-timer.
  - scan-time.
- Route Dampening Timers.
  - dampening-max-suppress-time.
  - dampening-reachability-half-life.
  - dampening-unreachability-half-life.
- Graceful Restart Timers.
  - graceful-restart-time / restart-time.
  - graceful-stalepath-time / retain-stale-time.
  - graceful-update-delay.
Core Timers.
The following timers are considered core BGP timers required for establishing basic neighborships/peering.
set keepalive-timer
set holdtime-timer
- Sets the maximum amount of time (3 - 65535 seconds, default = 180) that BGP will wait before marking a peer as dead.
When the FortiGate receives a keepalive from the peer, the holdtime is reset back to this configured value. If no keepalives are received during this period, the FortiGate assumes the peer is no longer active and will bring down the BGP neighborship.
- holdtime-timer is the global setting used for BGP (config router bgp). This setting can be overridden on a per-peer basis (config neighbor / config neighbor-group) using the holdtime-timer CLI option (same name).
Note regarding keepalive/holdtime on FortiOS:
- Administrators can set the keepalive-timer to be greater than one-third of the holdtime-timer in the config, but the actual keepalive that FortiOS will use will be capped to a maximum of one-third of the holdtime (FortiOS enforces a suggestion from RFC 4271). On the other hand, using a keepalive-timer that is shorter than one-third of the holdtime-timer is allowed. For example:
- If keepalive-timer = 20 and holdtime-timer = 30, then FortiOS will use an actual keepalive of 10 seconds and a hold time of 30 seconds.
- If keepalive-timer = 5 and holdtime-timer = 30, then FortiOS will use an actual keepalive of 5 seconds and a hold time of 30 seconds.
- BGP keepalive/hold times are negotiated between peers such that the lowest advertised keepalive/hold time values are chosen.
- Additionally, changing BGP keepalive-timer and holdtime-timer will not affect existing BGP neighborships until they are cleared and re-established (soft clearing is not sufficient in this case):
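The keepalive/holdtime rules in the note above (per-peer override, one-third cap, lowest value wins), as an added example that is not part of the original article or Fortinet code: it resolves the timers FortiOS would actually use for each neighbor in a constructed config. Assumptions: a global keepalive default of 60, a per-peer value of 4294967295 meaning "inherit the global value", and the cap rounding down.

```python
# Constructed FortiOS-style config; the addresses are illustrative.
SAMPLE = """\
config router bgp
    set keepalive-timer 20
    set holdtime-timer 30
    config neighbor
        edit "192.0.2.1"
            set keep-alive-timer 5
        next
        edit "192.0.2.2"
            set keep-alive-timer 4294967295
            set holdtime-timer 90
        next
        edit "192.0.2.3"
        next
    end
end
"""
UNSET = 4294967295  # displayed default; treated here as "inherit global" (assumption)
KEYS = {"keepalive-timer": "keep", "keep-alive-timer": "keep", "holdtime-timer": "hold"}

def effective_timers(config):
    """Map each neighbor to (keepalive, holdtime, note) after override and cap."""
    glob = {"keep": 60, "hold": 180}  # 180 is the page's default; 60 is assumed
    peers, section, current = {}, [], None
    for tok in map(str.split, config.splitlines()):
        if tok[:1] == ["config"]:
            section.append(" ".join(tok[1:]))
        elif tok[:1] == ["end"] and section:
            section.pop()
        elif tok[:1] == ["edit"] and section[-1:] == ["neighbor"]:
            current = peers.setdefault(tok[1].strip('"'), {})
        elif tok[:1] == ["next"]:
            current = None
        elif tok[:1] == ["set"] and len(tok) == 3 and tok[1] in KEYS and tok[2].isdigit():
            target = current if current is not None else glob if len(section) == 1 else None
            if target is not None and int(tok[2]) != UNSET:
                target[KEYS[tok[1]]] = int(tok[2])
    out = {}
    for peer, over in peers.items():
        keep, hold = over.get("keep", glob["keep"]), over.get("hold", glob["hold"])
        cap = hold // 3  # one-third cap; rounding down is an assumption
        note = f"configured keepalive {keep} capped to {cap}" if keep > cap else ""
        out[peer] = (min(keep, cap), hold, note)
    return out

def negotiate(local, remote):
    """Lowest advertised (keepalive, holdtime) wins, as the page describes."""
    return tuple(min(a, b) for a, b in zip(local, remote))
```

A non-empty note marks a neighbor whose configured keepalive differs from the value in use, which is worth checking before relying on the configured figure for failure-detection time.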
set advertisement-interval
- Sets the minimum interval (0 - 600 seconds, default = 30) that BGP waits to send routing updates.
- Routing updates affected by advertisement-interval include: initial route advertisement after the BGP adjacency state moves to ESTABLISHED, adding or withdrawing routes, and advertising routes after a soft reset.
- The advertisement-interval value is not required to match between peers. Each BGP peer waits to send its own route advertisements according to the locally configured advertisement-interval.
- FortiOS does not automatically adjust this timer based on iBGP vs. eBGP peerings, so it may be a good idea to consider setting a shorter interval for iBGP connections (as suggested in Section 10 of RFC 4271).
set connect-timer
- Sets the maximum amount of time (1 - 65535 seconds, default = 120) that the FortiGate will spend trying to connect to a new BGP peer via TCP before transitioning to the Idle state.
- This setting is configured on a per-peer basis only and does not have an equivalent global setting.
- Note that the default value of this setting (and a few others) may display as 4294967295. See this KB article for an explanation of this behavior: Technical Tip: 'keep-alive-timer', 'holdtime-timer', 'connect-timer' and 'Weight' show a Default val...
set scan-time
- Sets the background interval (5 - 60 seconds, default = 60, set 0 to disable) in which the FortiGate scans all BGP routes to check next-hop reachability (i.e. if a next-hop is no longer available then do not use the route).
Route Dampening Timers.
The following timers are relevant to the BGP Route Dampening feature, which is discussed in further depth here:
Note that set dampening enable must be set first for these timers to appear in the CLI, and these settings are global-only for BGP (no per-peer override).
set dampening-max-suppress-time
- Sets the maximum amount of time (1 - 255 minutes, default = 60) in which a route can be suppressed, regardless of how stable the route is.
- The default is notably four times that of dampening-reachability-half-life.
set dampening-reachability-half-life
- Sets the half-life time for penalties (1 - 45 minutes, default = 15), where the penalty of the route is reduced by half if the route is considered to be reachable (suppressed or not).
set dampening-unreachability-half-life
- Sets the half-life time for penalties (1 - 45 minutes, default = 15), where the penalty of the route is reduced by half if the route is considered to be unreachable.
Graceful Restart Timers.
The following timers are relevant to the BGP Graceful Restart feature, which is discussed in further depth here:
set graceful-restart-time
- Sets the length of time (1 - 3600 seconds, default = 120) that the FortiGate will wait while a BGP peer restarts. This timer is ended once the FortiGate receives a BGP OPEN message from the peer after it has restarted.
- graceful-restart-time is the global setting used for BGP (config router bgp). This setting can be overridden on a per-peer basis (config neighbor / config neighbor-group) using the restart-time CLI option.
set graceful-stalepath-time
- Sets the length of time (1 - 3600 seconds, default = 360) that the FortiGate will retain stale paths that had been previously received from a restarting BGP peer.
- This timer starts once the FortiGate detects that the remote peer has restarted (e.g. receiving a BGP Open with Graceful Restart Capability "Restart State" bit set) and allows the FortiGate to retain existing stale routes long enough for BGP to re-establish and re-converge with the restarting peer.
- graceful-stalepath-time is the global setting used for BGP (config router bgp). This setting can be overridden on a per-peer basis (config neighbor / config neighbor-group) using the retain-stale-time CLI option.
set graceful-update-delay
- Sets the amount of time (1 - 3600 seconds, default = 120) that the FortiGate will wait after restarting before it performs route-selection.
- Unlike the previous two timers, this timer applies when the FortiGate is the one restarting BGP (as opposed to the remote peer restarting).
- The FortiGate will retain the stale routes it had before restart (if possible) and will not perform route-selection until:
- It receives the End-of-RIB marker from all of its peers (except for those that do not support Graceful Restart as well as those that have the "Restart State" bit set) or,
- This timer has elapsed.