Sunday, 27 July 2025

OSPF DR and BDR Explained: The Hidden Heroes of Network Efficiency.

In the world of networking, OSPF (Open Shortest Path First) is one of the most widely used dynamic routing protocols. But did you know that behind the scenes, two special routers, the **Designated Router (DR)** and **Backup Designated Router (BDR)**, work tirelessly to keep your network running smoothly?




In this blog post, we’ll uncover:

 

  1. What do DR and BDR do for our network?
  2. How do they get elected, and why is this election important?
  3. What are the common mistakes in OSPF configuration?
  4. What are the best practices for optimizing DR/BDR selection?

Let's dive in.

Why do we need DR and BDR?

  • Imagine a conference room where everyone is shouting updates at the same time: chaos, right? That’s what happens in an OSPF multi-access network (Ethernet) without a DR and BDR.

The problem: too many LSAs

  • Every OSPF router floods Link-State Advertisements (LSAs) to announce network changes. In a large network, this creates excessive traffic and inefficiency.

The solution: DR and BDR to the rescue

  • Designated Router (DR): becomes the central hub for LSA distribution.
  • Backup Designated Router (BDR): stands by to take over if the DR fails.
  • All the other routers (**DROTHERs**) only talk to the DR and BDR, reducing unnecessary chatter.

Result: a cleaner, more efficient OSPF network.

 

How does the DR and BDR election work?

  • Not every router gets to be the DR; there’s a strict election process.
  • Only routers in **multi-access networks** (Ethernet, Frame Relay) elect a DR/BDR.
  • Point-to-point links (like PPP) don’t need a DR/BDR.

 

 

What are the election rules?

  • OSPF priority (0-255): the router with the highest priority wins.
  • The default priority is **1**.
  • If the OSPF priority is 0, the router is ineligible to be elected.
  • If the priorities are equal, the router with the highest RID wins.
  • The router ID is chosen in this order: a manually configured RID, then the highest loopback IP, then the highest active physical IP.

 

 

The surprising truth: elections are non-preemptive.

  • Once elected, the DR and BDR stay in power unless they fail.
  • A new router with a higher priority won't take over from the current DR or BDR unless the current DR/BDR fails.
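The election rules and the non-preemptive behaviour above, as an added Python model (not code from the original post). Router names, router IDs and priorities are constructed for illustration, and the model reduces the real OSPF neighbor state machine to one rule: only vacant roles are filled.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address


@dataclass(frozen=True)
class Router:
    name: str
    router_id: str      # dotted-quad router ID
    priority: int = 1   # OSPF default; 0 means "never DR/BDR"


def rank(router):
    """Election order: highest priority first, highest router ID as tie-breaker."""
    return (router.priority, int(IPv4Address(router.router_id)))


class Segment:
    """One multi-access segment. Simplified model: only vacant roles are filled."""

    def __init__(self, routers):
        # Routers passed here come up together and share the first election.
        self.routers = {r.name: r for r in routers}
        self.dr = None
        self.bdr = None
        self._fill_roles()

    def _best_free(self):
        held = {self.dr, self.bdr}
        eligible = [r for r in self.routers.values()
                    if r.priority > 0 and r.name not in held]
        return max(eligible, key=rank).name if eligible else None

    def _fill_roles(self):
        # Non-preemptive: a sitting DR or BDR is never displaced by a better router.
        if self.dr is None and self.bdr is not None:
            self.dr, self.bdr = self.bdr, None   # the BDR takes over from a failed DR
        if self.dr is None:
            self.dr = self._best_free()
        if self.bdr is None:
            self.bdr = self._best_free()

    def join(self, router):
        self.routers[router.name] = router
        self._fill_roles()

    def fail(self, name):
        del self.routers[name]
        if self.dr == name:
            self.dr = None
        if self.bdr == name:
            self.bdr = None
        self._fill_roles()

    def roles(self):
        def role(name):
            return "DR" if name == self.dr else "BDR" if name == self.bdr else "DROTHER"
        return {name: role(name) for name in sorted(self.routers)}


def default_priorities():
    """All priorities left at 1, so router IDs alone decide the election."""
    return Segment([Router("R1", "1.1.1.1"), Router("R2", "2.2.2.2"),
                    Router("R3", "3.3.3.3"), Router("R4", "4.4.4.4")]).roles()


def tuned_priorities():
    """R1 as DR, R4 as BDR, R2/R3 pinned to DROTHER with priority 0 (constructed values)."""
    return Segment([Router("R1", "1.1.1.1", 100), Router("R2", "2.2.2.2", 0),
                    Router("R3", "3.3.3.3", 0), Router("R4", "4.4.4.4", 50)]).roles()


def late_joiner():
    """A priority-100 router joins after the election, then the DR fails."""
    seg = Segment([Router("R2", "2.2.2.2"), Router("R3", "3.3.3.3")])
    seg.join(Router("R1", "1.1.1.1", 100))
    after_join = seg.roles()
    seg.fail("R3")
    return after_join, seg.roles()


if __name__ == "__main__":
    print(default_priorities())
    print(tuned_priorities())
    print(late_joiner())
```

In the `late_joiner` run the priority-100 router stays DROTHER after joining and becomes only BDR once the DR fails, because the sitting BDR is promoted first.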

 

Common DR/BDR configuration mistakes.

  • Ignoring the priority setting: if all routers have the default priority of 1, the highest router ID wins, which may not be optimal. Fix: manually set priorities on critical routers.
  • Adding a new high-priority router won’t change the DR unless the current one fails. Fix: restart OSPF on the interface if needed.
  • If router IDs are unstable, for example, if they're based on a physical interface, DR election can be unpredictable. Fix: always set a static router ID in the OSPF configuration.

 

Best practices for DR/BDR optimization.

  • Set priority 100 on the routers you want as DR/BDR, and set priority 0 on routers that should never become DR.
  • Avoid placing the DR on low-power routers: the DR does extra work, so do not make a weak router the DR.
  • Use the loopback interface for the router ID.

 

Let's see the configuration: https://www.youtube.com/@internetworkss

Topology:

  • Configure the topology as per the diagram
  • Configure the IP addresses as per the topology
  • Configure OSPF 1 and advertise directly connected interfaces
  • Configure router 1 as DR, and router 2 and router 3 as DROTHERs
  • Configure router 4 as backup DR
  • Verify the configurations.

Friday, 30 May 2025

What is OSPFv2 (Open Shortest Path First version 2) subcommand?

OSPFv2 (Open Shortest Path First version 2) is a link-state routing protocol designed for IPv4 networks. It is defined in RFC 2328 and is widely used in enterprise and service provider networks due to its efficiency and scalability.





Key Features of OSPFv2:

1. Link-State Protocol:

  • Maintains a complete topological map of the network (LSDB - Link-State Database).
  • Uses the Dijkstra (SPF) algorithm to compute the shortest path to all destinations.

2. Hierarchical Routing (Areas):

  • Divides networks into areas to reduce routing overhead.
  • Backbone Area (Area 0) is mandatory; all other areas must connect to it.

Types of areas:

  • Normal Areas (Standard areas)
  • Stub Areas (Block external routes)
  • Totally Stubby Areas (Block external and inter-area routes)
  • Not-So-Stubby Areas (NSSA) (Allows limited external routes)

Metric (Cost):

  • Calculated based on interface bandwidth (Cost = Reference BW / Interface BW, default Reference BW = 100 Mbps).

Packet Types:

  • Hello (Discover/maintain neighbors)
  • DBD (Database Description) (Exchange LSDB info)
  • LSR (Link-State Request) (Request specific LSA)
  • LSU (Link-State Update) (Send LSA updates)
  • LSAck (Link-State Acknowledgment) (Acknowledge LSUs)

LSA Types (Link-State Advertisements):

  • Type 1 (Router LSA) – Intra-area router info.
  • Type 2 (Network LSA) – Multi-access network info.
  • Type 3 (Summary LSA) – Inter-area routes (ABR-generated).
  • Type 4 (ASBR Summary LSA) – Location of ASBR.
  • Type 5 (External LSA) – Routes from other AS (redistributed).
  • Type 7 (NSSA External LSA) – External routes in NSSA.

Neighbor States:

  • Down → Init → 2-Way → ExStart → Exchange → Loading → Full

Authentication:

Supports plain-text, MD5, and SHA authentication for security.


Let's see the configuration of the OSPFv2 subcommand.


Topology:-



  • Configure the topology as per the diagram
  • Configure the IP addresses as per the topology 
  • Configure OSPFv2 with the subcommand 
  • Advertise directly connected routes and loopbacks
  • Make sure all the routes are exchanged 
  • Verify with ping and show commands

Wednesday, 14 May 2025

What is a VLAN Hopping Attack?

 



Virtual Local Area Networks (VLANs) play a crucial role in segmenting traffic for security and performance in today's interconnected networks. However, attackers can exploit misconfigurations to bypass these segmentation controls through VLAN hopping attacks.

In this blog, we’ll explore:

  • What VLAN hopping is
  • How VLAN hopping attacks work
  • Types of VLAN hopping attacks
  • How to prevent VLAN hopping






Tuesday, 18 February 2025

What is BGP Allowas-in Feature? How to configure BGP Allowas-in? GNS3

 BGP Allowas-in is a configuration option in Border Gateway Protocol (BGP) routing that allows a router to accept routes with its own AS (Autonomous System) number in the AS_PATH attribute.

  • Purpose: Normally, BGP prevents loops by rejecting routes that contain the local AS number in the AS_PATH. However, in scenarios like multi-homed environments or when dealing with MPLS VPNs, you may need to allow routes to come back into your AS through different paths.

  • Functionality: When you configure allowas-in, you specify how many times your AS number is allowed to appear in the AS_PATH. This number can be set between 1 and 10, although this varies by router vendor and model. For example, setting allowas-in 2 would allow routes with up to two instances of your AS number in the path.

Usage Scenario:
  1. Multi-homed Networks: If you have connections to the same ISP in different locations, allowas-in can prevent unnecessary route blackholing by allowing these routes back into your network.
  2. MPLS VPNs: In scenarios where customer routes are sent through a service provider network and back, allowas-in ensures these routes are not dropped.

Configuration Example (Cisco IOS-like syntax):

router bgp 65100
 neighbor 12.1.1.2 remote-as 65200
 neighbor 12.1.1.2 allowas-in 2
end

To allow the re-advertisement of all prefixes that contain duplicate ASNs, use the neighbor allowas-in command in router configuration mode in Router


Risks:

  • There's a risk of creating routing loops if not managed properly. It should be used cautiously and with a clear understanding of network topology.
  • It can also lead to suboptimal routing if not configured correctly.

Best Practices:
  • Use sparingly and only where necessary.
  • Monitor BGP updates closely when employing this feature.
  • Combine with route-maps or other BGP policies to control which routes are accepted.
This configuration can significantly affect network reachability and BGP convergence, so it should be deployed with a good understanding of BGP dynamics and network design.
 
Let's see the configuration:

Topology:

Goal: allow routes from the same AS to be installed in the routing tables of router 1 and router 5.
  • Configure the IP addresses as per the topology
  • Configure the eBGP and iBGP protocols
  • Verify 10.0.0.0/8 in the router 5 routing table
  • Verify 50.0.0.0/8 in the router 1 routing table
  • Configure the BGP allowas-in feature on routers 1 and 5
  • Ensure routes 10.1.1.1 and 50.1.1.1 are in the routing tables of routers 1 and 5
  • In the end, verify connectivity with the ping and traceroute commands





R1(config)#interface ethernet 5/0
R1(config-if)#ip address 10.1.1.1 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#exit

R1(config)#interface serial 4/0
R1(config-if)#ip address 12.1.1.1 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#exit


R2(config)#interface ethernet 5/0
R2(config-if)#ip address 20.1.1.1 255.0.0.0
R2(config-if)#no shutdown
R2(config-if)#exit

R2(config)#interface serial 4/0
R2(config-if)#ip address 12.1.1.2 255.0.0.0
R2(config-if)#no shutdown
R2(config-if)#exit

R2(config)#interface serial 4/1
R2(config-if)#ip address 23.1.1.1 255.0.0.0
R2(config-if)#no shutdown
R2(config-if)#exit


R3(config)#interface ethernet 5/0
R3(config-if)#ip address 30.1.1.1 255.0.0.0
R3(config-if)#no shutdown
R3(config-if)#exit

R3(config)#interface serial 4/0
R3(config-if)#ip address 34.1.1.1 255.0.0.0
R3(config-if)#no shutdown
R3(config-if)#exit

R3(config)#interface serial 4/1
R3(config-if)#ip address 23.1.1.2 255.0.0.0
R3(config-if)#no shutdown
R3(config-if)#exit


R4(config)#interface ethernet 5/0
R4(config-if)#ip address 40.1.1.1 255.0.0.0
R4(config-if)#no shutdown
R4(config-if)#exit

R4(config)#interface serial 4/0
R4(config-if)#ip address 34.1.1.2 255.0.0.0
R4(config-if)#no shutdown
R4(config-if)#exit

R4(config)#interface serial 4/1
R4(config-if)#ip address 45.1.1.1 255.0.0.0
R4(config-if)#no shutdown
R4(config-if)#exit

R5(config)#interface ethernet 5/0
R5(config-if)#ip address 50.1.1.1 255.0.0.0
R5(config-if)#no shutdown
R5(config-if)#exit

R5(config)#interface serial 4/1
R5(config-if)#ip address 45.1.1.2 255.0.0.0
R5(config-if)#no shutdown
R5(config-if)#exit



R1(config)#router bgp 65100
R1(config-router)#neighbor 12.1.1.2 remote-as 65200
R1(config-router)#network 10.0.0.0 mask 255.0.0.0
R1(config-router)#network 12.0.0.0 mask 255.0.0.0
R1(config-router)#no sync
R1(config-router)#exit

*Feb 18 12:04:32.531: %BGP-5-ADJCHANGE: neighbor 12.1.1.2 Up

R2(config)#router bgp 65200
R2(config-router)#neighbor 12.1.1.1 remote-as 65100
R2(config-router)#neighbor 23.1.1.2 remote-as 65200
R2(config-router)#network 20.0.0.0 mask 255.0.0.0
R2(config-router)#network 12.0.0.0 mask 255.0.0.0
R2(config-router)#network 23.0.0.0 mask 255.0.0.0
R2(config-router)#no sync
R2(config-router)#exit

*Feb 18 12:04:32.687: %BGP-5-ADJCHANGE: neighbor 12.1.1.1 Up
*Feb 18 12:05:30.427: %BGP-5-ADJCHANGE: neighbor 23.1.1.2 Up



R3(config)#router bgp 65200
R3(config-router)#neighbor 34.1.1.2 remote-as 65300
R3(config-router)#neighbor 23.1.1.1 remote-as 65200
R3(config-router)#network 30.0.0.0 mask 255.0.0.0
R3(config-router)#network 34.0.0.0 mask 255.0.0.0
R3(config-router)#network 23.0.0.0 mask 255.0.0.0
R3(config-router)#no sync
R3(config-router)#exit

*Feb 18 12:05:30.535: %BGP-5-ADJCHANGE: neighbor 23.1.1.1 Up
*Feb 18 12:09:19.379: %BGP-5-ADJCHANGE: neighbor 34.1.1.2 Up


R4(config)#router bgp 65300
R4(config-router)#neighbor 34.1.1.1 remote-as 65200
R4(config-router)#neighbor 45.1.1.2 remote-as 65100
R4(config-router)#network 40.0.0.0 mask 255.0.0.0
R4(config-router)#network 34.0.0.0 mask 255.0.0.0
R4(config-router)#network 45.0.0.0 mask 255.0.0.0
R4(config-router)#no sync
R4(config-router)#exit

*Feb 18 12:09:18.955: %BGP-5-ADJCHANGE: neighbor 34.1.1.1 Up
*Feb 18 12:09:56.799: %BGP-5-ADJCHANGE: neighbor 45.1.1.2 Up


R5(config)#router bgp 65100
R5(config-router)#neighbor 45.1.1.1 remote-as 65300
R5(config-router)#network 50.0.0.0 mask 255.0.0.0
R5(config-router)#network 45.0.0.0 mask 255.0.0.0
R5(config-router)#no sync
R5(config-router)#exit

*Feb 18 12:09:56.643: %BGP-5-ADJCHANGE: neighbor 45.1.1.1 Up



R1#show ip bgp
BGP table version is 9, local router ID is 12.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 10.0.0.0         0.0.0.0                  0         32768 i
*  12.0.0.0         12.1.1.2                 0             0 65200 i
*>                  0.0.0.0                  0         32768 i
*> 20.0.0.0         12.1.1.2                 0             0 65200 i
*> 23.0.0.0         12.1.1.2                 0             0 65200 i
*> 30.0.0.0         12.1.1.2                               0 65200 i
*> 34.0.0.0         12.1.1.2                               0 65200 i
*> 40.0.0.0         12.1.1.2                               0 65200 65300 i
*> 45.0.0.0         12.1.1.2                               0 65200 65300 i

(As you can see, router 1 does not have the 50.1.1.1/8 network in its routing table because of the loop prevention feature.)



R5#show ip bgp
BGP table version is 9, local router ID is 50.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 12.0.0.0         45.1.1.1                               0 65300 65200 i
*> 20.0.0.0         45.1.1.1                               0 65300 65200 i
*> 23.0.0.0         45.1.1.1                               0 65300 65200 i
*> 30.0.0.0         45.1.1.1                               0 65300 65200 i
*> 34.0.0.0         45.1.1.1                 0             0 65300 i
*> 40.0.0.0         45.1.1.1                 0             0 65300 i
*  45.0.0.0         45.1.1.1                 0             0 65300 i
*>                  0.0.0.0                  0         32768 i
*> 50.0.0.0         0.0.0.0                  0         32768 i

(As you can see, router 5 does not have the 10.1.1.1/8 network in its routing table because of the loop prevention feature: both routers are in the same AS, 65100.)


R1(config)#router bgp 65100
R1(config-router)#neighbor 12.1.1.2 allowas-in
R1(config-router)#exit
R1(config)#end


R5(config)#router bgp 65100
R5(config-router)#neighbor 45.1.1.1 allowas-in
R5(config-router)#exit
R5(config)#end


R1#show ip bgp
BGP table version is 10, local router ID is 12.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 10.0.0.0         0.0.0.0                  0         32768 i
*  12.0.0.0         12.1.1.2                 0             0 65200 i
*>                  0.0.0.0                  0         32768 i
*> 20.0.0.0         12.1.1.2                 0             0 65200 i
*> 23.0.0.0         12.1.1.2                 0             0 65200 i
*> 30.0.0.0         12.1.1.2                               0 65200 i
*> 34.0.0.0         12.1.1.2                               0 65200 i
*> 40.0.0.0         12.1.1.2                               0 65200 65300 i
*> 45.0.0.0         12.1.1.2                               0 65200 65300 i
*> 50.0.0.0         12.1.1.2                               0 65200 65300 65100 i


R5#show ip bgp
BGP table version is 10, local router ID is 50.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 10.0.0.0         45.1.1.1                               0 65300 65200 65100 i
*> 12.0.0.0         45.1.1.1                               0 65300 65200 i
*> 20.0.0.0         45.1.1.1                               0 65300 65200 i
*> 23.0.0.0         45.1.1.1                               0 65300 65200 i
*> 30.0.0.0         45.1.1.1                               0 65300 65200 i
*> 34.0.0.0         45.1.1.1                 0             0 65300 i
*> 40.0.0.0         45.1.1.1                 0             0 65300 i
*  45.0.0.0         45.1.1.1                 0             0 65300 i
*>                  0.0.0.0                  0         32768 i
*  50.0.0.0         45.1.1.1                               0 65300 65100 i
*>                  0.0.0.0                  0         32768 i

(As you can see, after we enable the allowas-in feature, both routers install the same-AS routes into their routing tables.)
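The receive-side AS_PATH check that allowas-in relaxes, as an added Python model (not from the original post), run over AS paths copied from the R5 `show ip bgp` output above. The limit of 1 and the `looped_ok` allow-list, a hypothetical stand-in for the route-map or prefix-list recommended under Best Practices, are assumptions of the example.

```python
from ipaddress import ip_network

LOCAL_AS = 65100

# (prefix, AS_PATH) pairs R5 receives from 45.1.1.1, copied from the R5
# `show ip bgp` output taken after allowas-in was enabled.
UPDATES_TO_R5 = [
    ("10.0.0.0/8", [65300, 65200, 65100]),   # R1's LAN, same AS as R5
    ("12.0.0.0/8", [65300, 65200]),
    ("34.0.0.0/8", [65300]),
    ("50.0.0.0/8", [65300, 65100]),          # R5's own prefix echoed back by AS 65300
]


def inbound_decision(prefix, as_path, local_as, allowas_in=0, looped_ok=None):
    """Model the receive-side AS_PATH check.

    allowas_in: how many times local_as may appear in the path
                (0 = normal loop prevention).
    looped_ok:  optional list of prefixes that may be accepted with local_as
                in the path; hypothetical stand-in for an inbound filter.
    """
    occurrences = as_path.count(local_as)
    if occurrences == 0:
        return "accept"
    if occurrences > allowas_in:
        return "reject: AS loop"
    if looped_ok is not None:
        net = ip_network(prefix)
        if not any(net.subnet_of(ip_network(p)) for p in looped_ok):
            return "reject: policy"
    return "accept (allowas-in)"


def evaluate(updates, local_as, **policy):
    """Apply the same inbound policy to every update; returns {prefix: decision}."""
    return {prefix: inbound_decision(prefix, path, local_as, **policy)
            for prefix, path in updates}


if __name__ == "__main__":
    for label, policy in [("loop prevention", {}),
                          ("allowas-in 1", {"allowas_in": 1}),
                          ("allowas-in 1 + filter",
                           {"allowas_in": 1, "looped_ok": ["10.0.0.0/8"]})]:
        print(label, evaluate(UPDATES_TO_R5, LOCAL_AS, **policy))
```

With allowas-in alone, R5 also accepts its own 50.0.0.0/8 back from AS 65300, which is the extra 50.0.0.0 path via 45.1.1.1 in the R5 table above; the allow-list keeps 10.0.0.0/8 and rejects that echo.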

R1#ping 50.1.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 50.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 132/154/180 ms

R1#traceroute 50.1.1.1

Type escape sequence to abort.
Tracing the route to 50.1.1.1

  1 12.1.1.2 20 msec 32 msec 32 msec
  2 23.1.1.2 [AS 65200] 72 msec 64 msec 64 msec
  3 34.1.1.2 [AS 65200] 96 msec 92 msec 104 msec
  4 45.1.1.2 [AS 65300] 148 msec 116 msec 140 msec


R5#ping 10.1.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 120/148/180 ms

R5#traceroute 10.1.1.1

Type escape sequence to abort.
Tracing the route to 10.1.1.1

  1 45.1.1.1 32 msec 32 msec 32 msec
  2 34.1.1.1 [AS 65300] 64 msec 64 msec 64 msec
  3 23.1.1.1 [AS 65200] 104 msec 96 msec 96 msec
  4 12.1.1.1 [AS 65200] 128 msec 152 msec 132 msec



I hope you like this article. If you like it, please visit our YouTube channel.

Tuesday, 11 February 2025

What is BGP route dampening? How to configure BGP route Dampening?

 BGP route dampening is a mechanism used in the Border Gateway Protocol (BGP) to mitigate the negative effects of route flapping. Route flapping occurs when a BGP route is repeatedly advertised and withdrawn, causing instability in the network. This instability can lead to increased CPU load on routers, excessive BGP updates, and potential routing loops.

BGP route dampening works by assigning a penalty to a route each time it flaps. If the route continues to flap, the penalty accumulates. Once the penalty exceeds a certain threshold, the route is dampened, meaning it is suppressed and not considered for routing decisions. This prevents the flapping route from causing further disruption to the network.




After some time, the penalty for a dampened route begins to decrease. Once the penalty falls below another threshold, the route is un-dampened and can be used again. This allows the route to recover if the underlying issue causing the flapping has been resolved.

BGP route dampening helps to improve network stability and reduce the load on routers by preventing the propagation of flapping routes. However, it can also lead to temporary loss of connectivity for some destinations if routes are dampened for extended periods. Therefore, it is important to carefully configure the dampening parameters to balance stability and availability.

 

Note:

  • BGP route dampening is designed to reduce the route processing load caused by unstable routes.
  • Each time an eBGP route flaps, it gets 1000 penalty points. We cannot modify this value.
        *Feb  4 13:14:50.315: EvD: charge penalty 1000, new accum. penalty 1000, flap count 1

  • Only eBGP routes are dampened.
  • If the penalty exceeds the suppress limit, the route is dampened and no longer used; once the penalty drops below the reuse threshold, the route is used and propagated again.
  • A penalty is applied to the individual path in the BGP table, not to the IP prefix. You can see the unreachable routes in the table marked with h.
R2#show ip bgp
BGP table version is 20, local router ID is 192.168.4.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i1.1.1.0/24       192.168.1.1              0    100      0 i
 h 3.3.3.0/24       192.168.3.1              0             0 65300 i
*>i10.0.0.0         192.168.1.1              0    100      0 i
*> 30.0.0.0         192.168.3.1              0             0 65300 i
*> 40.0.0.0         192.168.4.1              0             0 65400 i
* i192.168.1.0      192.168.1.1              0    100      0 i
*>                  0.0.0.0                  0         32768 i
*  192.168.3.0      192.168.3.1              0             0 65300 i
*>                  0.0.0.0                  0         32768 i
*  192.168.4.0      192.168.4.1              0             0 65400 i
*>                  0.0.0.0                  0         32768 i









  • Configure the topology as per the diagram
  • Configure IP addresses as per the topology
  • Configure iBGP and eBGP as per the topology
  • Configure BGP dampening on router 2 in AS 65100
  • Manually flap the loopback route 3.3.3.3 in AS 65300
  • Make sure 3.3.3.3/24 is in the h state in the routing table and dampened







R1(config)#interface loopback 1
R1(config-if)#ip address 1.1.1.1 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#interface fastethernet 2/0
R1(config-if)#ip address 10.1.1.1 255.0.0.0
R1(config-if)#no keepalive
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#interface fastethernet 0/0
R1(config-if)#ip address 192.168.1.1 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#exit


R2(config)#interface fastethernet 0/0
R2(config-if)#ip address 192.168.1.2 255.255.255.0
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#interface serial 4/0
R2(config-if)#ip address 192.168.4.2 255.255.255.0
R2(config-if)#no keepalive
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#interface serial 4/1
R2(config-if)#ip address 192.168.3.2 255.255.255.0
R2(config-if)#no shutdown
R2(config-if)#exit



R3(config)#interface loopback 1
R3(config-if)#ip address 3.3.3.3 255.255.255.0
R3(config-if)#no shutdown
R3(config-if)#exit
R3(config)#interface fastethernet 2/0
R3(config-if)#ip address 30.1.1.1 255.0.0.0
R3(config-if)#no keepalive
R3(config-if)#no shutdown
R3(config-if)#exit
R3(config)#interface serial 4/1
R3(config-if)#ip address 192.168.3.1 255.255.255.0
R3(config-if)#no shutdown
R3(config-if)#exit


R4(config)#interface loopback 1
R4(config-if)#ip address 4.4.4.4 255.255.255.0
R4(config-if)#no shutdown
R4(config-if)#exit
R4(config)#interface fastethernet 2/0
R4(config-if)#ip address 40.1.1.1 255.0.0.0
R4(config-if)#no keepalive
R4(config-if)#no shutdown
R4(config-if)#exit
R4(config)#interface serial 4/0
R4(config-if)#ip address 192.168.4.1 255.255.255.0
R4(config-if)#no shutdown
R4(config-if)#exit



R1(config)#router bgp 65100
R1(config-router)#neighbor 192.168.1.2 remote-as 65100
R1(config-router)#network 10.0.0.0
R1(config-router)#network 1.1.1.0 mask 255.255.255.0
R1(config-router)#network 192.168.1.0 mask 255.255.255.0
R1(config-router)#no auto-summary
R1(config-router)#no synchronization
R1(config-router)#exit


R2(config)#router bgp 65100
R2(config-router)#neighbor 192.168.1.1 remote-as 65100
R2(config-router)#neighbor 192.168.4.1 remote-as 65400
R2(config-router)#neighbor 192.168.3.1 remote-as 65300
R2(config-router)#network 192.168.1.0 mask 255.255.255.0
R2(config-router)#network 192.168.3.0 mask 255.255.255.0
R2(config-router)#network 192.168.4.0 mask 255.255.255.0
R2(config-router)#neighbor 192.168.1.1 next-hop-self
R2(config-router)#bgp log-neighbor-changes
R2(config-router)#no synchronization
R2(config-router)#no auto-summary
R2(config-router)#exit


R3(config)#router bgp 65300
R3(config-router)#neighbor 192.168.3.2 remote-as 65100
R3(config-router)#network 3.3.3.0 mask 255.255.255.0
R3(config-router)#network 30.0.0.0
R3(config-router)#network 192.168.3.0 mask 255.255.255.0
R3(config-router)#bgp log-neighbor-changes
R3(config-router)#no synchronization
R3(config-router)#no auto-summary
R3(config-router)#exit

R4(config)#router bgp 65400
R4(config-router)#neighbor 192.168.4.2 remote-as 65100
R4(config-router)#network 40.0.0.0
R4(config-router)#network 4.0.0.0 mask 255.255.255.0
R4(config-router)#network 192.168.4.0 mask 255.255.255.0
R4(config-router)#no auto-summary
R4(config-router)#no synchronization
R4(config-router)#bgp log-neighbor-changes
R4(config-router)#exit


R1#show ip bgp
BGP table version is 11, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.0/24       0.0.0.0                  0         32768 i
*>i3.3.3.0/24       192.168.1.2              0    100      0 65300 i
*> 10.0.0.0         0.0.0.0                  0         32768 i
*>i30.0.0.0         192.168.1.2              0    100      0 65300 i
*>i40.0.0.0         192.168.1.2              0    100      0 65400 i
* i192.168.1.0      192.168.1.2              0    100      0 i
*>                  0.0.0.0                  0         32768 i
*>i192.168.3.0      192.168.1.2              0    100      0 i
*>i192.168.4.0      192.168.1.2              0    100      0 i



R2(config)#router bgp 65100
R2(config-router)#bgp dampening
R2(config-router)#end

R2#show ip bgp dampening parameters
 dampening 15 750 2000 60 (DEFAULT)
  Half-life time      : 15 mins       Decay Time       : 2320 secs
  Max suppress penalty: 12000         Max suppress time: 60 mins
  Suppress penalty    :  2000         Reuse penalty    : 750
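How these default parameters interact, as an added Python model (not from the original post or from Cisco): it charges 1000 per flap, halves the penalty every half-life, suppresses above 2000 and releases below 750. The flap and observation times are constructed, and the model decays continuously rather than in router timer ticks.

```python
import math
from dataclasses import dataclass


@dataclass(frozen=True)
class Dampening:
    # Defaults printed by `show ip bgp dampening parameters`: dampening 15 750 2000 60
    half_life: int = 15 * 60          # seconds
    reuse: int = 750
    suppress: int = 2000
    max_suppress_time: int = 60 * 60  # seconds
    flap_penalty: int = 1000          # charged per flap, as in the debug output

    @property
    def ceiling(self):
        """Penalty cap, so a path is never suppressed longer than max_suppress_time."""
        return self.reuse * 2 ** (self.max_suppress_time / self.half_life)

    def decay(self, penalty, elapsed):
        """Exponential decay: the penalty halves every half_life seconds."""
        return penalty * 0.5 ** (elapsed / self.half_life)

    def seconds_until_reuse(self, penalty):
        """Quiet time needed for `penalty` to decay down to the reuse limit."""
        if penalty <= self.reuse:
            return 0.0
        return self.half_life * math.log2(penalty / self.reuse)


class PathState:
    """Penalty and suppression state of one path (dampening is per path, not per prefix)."""

    def __init__(self, cfg):
        self.cfg = cfg
        self.penalty = 0.0
        self.last = 0.0
        self.suppressed = False

    def advance(self, now):
        """Decay the penalty up to `now`; release the path once it is below reuse."""
        self.penalty = self.cfg.decay(self.penalty, now - self.last)
        self.last = now
        if self.suppressed and self.penalty < self.cfg.reuse:
            self.suppressed = False

    def flap(self, now):
        self.advance(now)
        self.penalty = min(self.penalty + self.cfg.flap_penalty, self.cfg.ceiling)
        if self.penalty > self.cfg.suppress:
            self.suppressed = True


def replay(flap_times, observe_at, cfg=Dampening()):
    """Replay flaps (seconds) and return {t: (rounded penalty, suppressed)} per observation."""
    state = PathState(cfg)
    events = sorted([(t, "flap") for t in flap_times] +
                    [(t, "observe") for t in observe_at])  # a flap sorts before an observe at equal t
    seen = {}
    for t, kind in events:
        if kind == "flap":
            state.flap(t)
        else:
            state.advance(t)
            seen[t] = (round(state.penalty), state.suppressed)
    return seen


if __name__ == "__main__":
    # Constructed scenario: three flaps one minute apart, then silence.
    for t, (penalty, suppressed) in replay([0, 60, 120], [0, 60, 120, 1620, 1920]).items():
        print(f"t={t:>5}s penalty={penalty:>5} suppressed={suppressed}")
    print("ceiling:", Dampening().ceiling)
```

The computed ceiling equals the `Max suppress penalty: 12000` line in the output above, and the path stays suppressed at a penalty near 900 because release depends on the reuse limit, not the suppress limit.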

R2(config)#router bgp 65100
R2(config-router)#neighbor 192.168.1.1 advertisement-interval 1


R3(config)#interface loopback 1
R3(config-if)#shutdown
R3(config-if)#no shutdown
R3(config-if)#no shutdown
R3(config-if)#shutdown
R3(config-if)#no shutdown

*Feb  4 13:14:50.315: EvD: charge penalty 1000, new accum. penalty 1000, flap count 1
*Feb  4 13:14:50.319: BGP(0): charge penalty for 3.3.3.0/24 path 65300 with half life-time 15 reuse/suppress 750/2000
*Feb  4 13:14:50.319: BGP(0): flapped 1 times since 00:00:00. New penalty is 1000
*Feb  4 13:14:50.655: EvD: accum. penalty decayed to 1000 after 0 second(s)

R2#show ip bgp dampening flap-statistics
BGP table version is 17, local router ID is 192.168.4.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          From            Flaps Duration Reuse    Path
*> 3.3.3.0/24       192.168.3.1     1     00:00:39          65300

R2#show ip bgp 3.3.3.3
BGP routing table entry for 3.3.3.0/24, version 17
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Flag: 0x820
  Advertised to update-groups:
     1          2
  65300
    192.168.3.1 from 192.168.3.1 (3.3.3.3)
      Origin IGP, metric 0, localpref 100, valid, external, best
      Dampinfo: penalty 936, flapped 1 times in 00:01:32

R2#show ip bgp
BGP table version is 20, local router ID is 192.168.4.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i1.1.1.0/24       192.168.1.1              0    100      0 i
 h 3.3.3.0/24       192.168.3.1              0             0 65300 i
*>i10.0.0.0         192.168.1.1              0    100      0 i
*> 30.0.0.0         192.168.3.1              0             0 65300 i
*> 40.0.0.0         192.168.4.1              0             0 65400 i
* i192.168.1.0      192.168.1.1              0    100      0 i
*>                  0.0.0.0                  0         32768 i
*  192.168.3.0      192.168.3.1              0             0 65300 i
*>                  0.0.0.0                  0         32768 i
*  192.168.4.0      192.168.4.1              0             0 65400 i
*>                  0.0.0.0                  0         32768 i







Sunday, 5 January 2025

What is uplinkfast?

 

Spanning tree UplinkFast is a Cisco-specific enhancement to the Spanning Tree Protocol (STP). It's designed to improve the convergence time in the event of a direct link failure, especially in access-layer switches with redundant links to the distribution layer.




Here's how it works:

Quick Recovery: When the primary uplink fails, UplinkFast allows the switch to quickly transition the blocked port to forwarding, bypassing the usual listening and learning states.

Preventing Loops: It modifies the Bridge Protocol Data Units (BPDUs) to prevent loops by increasing the path cost and setting the local bridge priority.

Immediate Restoration: This feature ensures that connectivity is restored almost immediately, reducing downtime significantly.

UplinkFast is typically used in access-layer switches and should be deployed carefully to avoid potential issues with MAC address tables. 

Key points:

  • Legacy, Cisco-proprietary feature.
  • UplinkFast speeds up convergence when a direct link to an upstream switch fails.
  • When UplinkFast is enabled, it is enabled for the entire switch and all VLANs.
  • This feature is not allowed on the root bridge switch.
  • When UplinkFast is configured, the bridge priority is changed to 49,152 so that this switch will not be selected as root.



We have three switches. Switch-1 is our root, and the two others are non-root switches. Switch-1's ports are Desg FWD because it is the root. Switch-2's gig0/0 port is Root FWD, and gig0/1 is Desg FWD. Switch-3's gig0/0 is Root FWD, and gig0/1 is an Altn BLK port. Switch-3 uses gig0/0 to reach the root bridge. What if that port shuts down? How long does it take for switch-3 to make the transition? Let's see.


switch-1#show spanning-tree vlan 1
VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    24577
             Address     0c58.a85e.0000
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
  Bridge ID  Priority    24577  (priority 24576 sys-id-ext 1)
             Address     0c58.a85e.0000
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  300 sec
Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/0               Desg FWD 4         128.1    Shr
Gi0/1               Desg FWD 4         128.2    Shr





switch-2#show spanning-tree vlan 1
VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    24577
             Address     0c58.a85e.0000
             Cost        4
             Port        1 (GigabitEthernet0/0)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     0c2e.adf7.0000
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  300 sec
Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/0               Root FWD 4         128.1    Shr
Gi0/1               Desg FWD 4         128.2    Shr




switch-3#show spanning-tree vlan 1
VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    24577
             Address     0c58.a85e.0000
             Cost        4
             Port        1 (GigabitEthernet0/0)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     0c33.c353.0000
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  300 sec
Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/0               Root FWD 4         128.1    Shr
Gi0/1               Altn BLK 4         128.2    Shr


switch-3#debug spanning-tree events
Spanning Tree event debugging is on
switch-3(config)#interface gigabitEthernet 0/0
switch-3(config-if)#shutdown


*Jan  5 08:15:36.684: STP: VLAN0001 new root port Gi0/1, cost 8
*Jan  5 08:15:36.684: STP: VLAN0001 Gi0/1 -> listening
*Jan  5 08:15:36.684: STP[1]: Generating TC trap for port GigabitEthernet0/0
*Jan  5 08:15:36.685: STP: VLAN0100 we are the spanning tree root

*Jan  5 08:15:38.685: STP: VLAN0001 sent Topology Change Notice on Gi0/1
*Jan  5 08:15:51.686: STP: VLAN0001 Gi0/1 -> learning
*Jan  5 08:16:06.686: STP[1]: Generating TC trap for port GigabitEthernet0/1
*Jan  5 08:16:06.686: STP: VLAN0001 Gi0/1 -> forwarding


switch-3#show spanning-tree vlan 1
VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    24577
             Address     0c58.a85e.0000
             Cost        8
             Port        2 (GigabitEthernet0/1)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     0c33.c353.0000
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  300 sec
Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/1               Root FWD 4         128.2    Shr

After a long wait in listening and learning, the port is finally forwarding: our previous Gig0/1 Altn BLK port is now Root FWD. This process takes time. Now we have to configure the Cisco UplinkFast feature.

switch-3(config)#interface gigabitEthernet 0/0
switch-3(config-if)#no shutdown
switch-3(config-if)#exit

switch-3(config)#do show spanning-tree vlan 1
VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    24577
             Address     0c58.a85e.0000
             Cost        4
             Port        1 (GigabitEthernet0/0)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     0c33.c353.0000
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  15  sec
Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/0               Root FWD 4         128.1    Shr
Gi0/1               Altn BLK 4         128.2    Shr

switch-3(config)#spanning-tree uplinkfast
switch-3(config)#end

switch-3#debug spanning-tree events
Spanning Tree event debugging is on

*Jan  5 08:22:15.071: STP: VLAN0001 new root port Gi0/1, cost 3008
*Jan  5 08:22:15.071: %SPANTREE_FAST-7-PORT_FWD_UPLINK: VLAN0001 GigabitEthernet0/1 moved to Forwarding (UplinkFast).

Wooo, no listening, no learning, straight to forwarding! This is UplinkFast.

switch-3#show spanning-tree vlan 1
VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    24577
             Address     0c58.a85e.0000
             Cost        3008
             Port        2 (GigabitEthernet0/1)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
  Bridge ID  Priority    49153  (priority 49152 sys-id-ext 1)
             Address     0c33.c353.0000
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  300 sec
  Uplinkfast enabled
Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/1               Root FWD 3004      128.2    Shr

As you can see, after we configure the UplinkFast feature, switch-3's bridge ID priority is changed. Now this switch will never become the root bridge unless we disable UplinkFast. So never configure UplinkFast on the root switch.
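To put numbers on the two `debug spanning-tree events` captures above, here is an added example (not part of the original lab) that parses the debug lines and measures how long the new root port took to reach forwarding. The function names and the fixed year used for timestamp parsing are assumptions of this sketch; the log lines are copied from the switch-3 output on this page.

```python
import re
from datetime import datetime

# Debug lines copied from the two switch-3 captures on this page.
CLASSIC = """\
*Jan  5 08:15:36.684: STP: VLAN0001 new root port Gi0/1, cost 8
*Jan  5 08:15:36.684: STP: VLAN0001 Gi0/1 -> listening
*Jan  5 08:15:51.686: STP: VLAN0001 Gi0/1 -> learning
*Jan  5 08:16:06.686: STP: VLAN0001 Gi0/1 -> forwarding
"""
UPLINKFAST = """\
*Jan  5 08:22:15.071: STP: VLAN0001 new root port Gi0/1, cost 3008
*Jan  5 08:22:15.071: %SPANTREE_FAST-7-PORT_FWD_UPLINK: VLAN0001 GigabitEthernet0/1 moved to Forwarding (UplinkFast).
"""

STAMP = re.compile(r"^\*(\w{3}\s+\d+ \d\d:\d\d:\d\d\.\d{3}): (.*)$")
NEW_ROOT = re.compile(r"STP: (VLAN\d+) new root port (\S+), cost (\d+)")
STATE = re.compile(r"STP: (VLAN\d+) (\S+) -> (listening|learning|forwarding)")
UPLINK = re.compile(r"%SPANTREE_FAST-7-PORT_FWD_UPLINK: (VLAN\d+) (\S+) moved to Forwarding")

def short(name):
    # The UplinkFast message uses the long interface name; normalise it.
    return name.replace("GigabitEthernet", "Gi")

def parse_time(text):
    # IOS debug stamps carry no year; a fixed one is assumed so deltas work.
    return datetime.strptime("2000 " + " ".join(text.split()), "%Y %b %d %H:%M:%S.%f")

def failovers(log):
    """One record per root-port change: time to forwarding and states passed."""
    pending, done = {}, []
    for line in log.splitlines():
        m = STAMP.match(line.strip())
        if not m:
            continue
        when, msg = parse_time(m[1]), m[2]
        n, s, u = NEW_ROOT.search(msg), STATE.search(msg), UPLINK.search(msg)
        if n:  # start the clock when a new root port is chosen
            pending[(n[1], short(n[2]))] = {"start": when, "cost": int(n[3]), "states": []}
            continue
        hit = s or u
        key = (hit[1], short(hit[2])) if hit else None
        if key not in pending:
            continue  # unrelated line (TC trap, another VLAN, ...)
        state = s[3] if s else "forwarding"
        pending[key]["states"].append(state)
        if state == "forwarding":  # stop the clock
            rec = pending.pop(key)
            done.append({"vlan": key[0], "port": key[1], "cost": rec["cost"],
                         "states": rec["states"], "uplinkfast": bool(u),
                         "seconds": (when - rec["start"]).total_seconds()})
    return done
```

On the first capture this reports about 30 seconds (listening plus learning, each one Forward Delay of 15 sec); on the UplinkFast capture it reports 0 seconds with forwarding as the only state.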
