Posted on May 30, 2019 4:50 pm | Asked by Jesus Alvarez
I configured a DCS-7050QX-32S for a simple BGP failover, accepting only a default route. Is there a way to protect against route overflow when the peer sends more than the specified maximum-routes? The prefix-list limits accepted routes to only one, but the maximum-routes limit is applied to received (not accepted) routes, causing an Idle(MaxPath) state.

Setting “maximum-routes 0” would seem a logical alternative, except that with it BGP doesn’t converge when the peer sends a large number of routes.

ip prefix-list default_route seq 10 permit
router bgp 1001
timers bgp 10 30
neighbor remote-as 1002
neighbor route-map localonly out
neighbor prefix-list default_route in
neighbor maximum-routes 100

Posted by Aesha Parikh
Answered on May 30, 2019 5:38 pm

Hi Jesus,

You can configure maximum-routes with the warning-only keyword; that way you avoid BGP teardown when received prefixes exceed the max limit.

(config-router-bgp)#neighbor maximum-routes 200 ?
warning-limit Percentage of maximum-routes at which warning is to be issued
warning-only Only warn, no restart, if max route limit exceeded

Do note that with this command you will stop receiving new updates after the limit has been reached. If you know the expected number of received routes from that peer, you can configure maximum-routes to a bit more and then use warning-limit to throw a warning log when, say, 80% of the threshold is reached.

Or use “maximum-routes 0 warning-only”, but as you said, this does not protect you from route overflow from the peer.


Posted by Jesus Alvarez
Answered on May 30, 2019 8:48 pm


Thanks. Was not aware of that “warning-only” option. That certainly helps, although it would be better if the input filter was used to select which routes stay in memory.

What I was hoping for is something like the Junos “keep none” to discard from memory any routes that don’t meet the import filter, e.g.

set protocols bgp group bgp-uplink2 neighbor import default_route
set protocols bgp group bgp-uplink2 neighbor keep none

Jesus Alvarez

Posted by alton
Answered on May 2, 2020 6:45 am

Hi Jesus,

EOS also supports an option "maximum-accepted-route <limit>" with a limit. This functionality applies the limit after the inbound policy filter is applied, to prevent a misconfiguration resulting in a peer using too much hardware table space. When the limit is exceeded, the peer session will be put into the Idle state forever. This newer option does not support the option "warning only".


Alton Lo
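
An added example, not part of any post above and not Arista code: a small Python model of the three behaviours described in this thread (the pre-policy maximum-routes limit, warning-only, and the post-policy accepted-route limit), showing where each limit counts and what happens to the default route. The class, its field names, the session model and the sample prefixes are assumptions built from the descriptions in the thread; confirm real behaviour on the device.

```python
# Added illustration, not EOS code; names and session model are assumptions.
import ipaddress
from dataclasses import dataclass, field
from typing import Callable

DEFAULT = ipaddress.ip_network("0.0.0.0/0")

def only_default(prefix):
    """Stand-in for the thread's inbound prefix-list (default route only)."""
    return prefix == DEFAULT

@dataclass
class PeerModel:
    max_received: int = 0          # pre-policy limit; 0 means unlimited
    warning_only: bool = False     # warn instead of tearing the session down
    max_accepted: int = 0          # post-policy limit; 0 means unlimited
    policy: Callable = only_default
    state: str = "Established"
    received: int = 0              # counted before the inbound filter runs
    accepted: list = field(default_factory=list)
    warned: bool = False

    def receive(self, prefix):
        if self.state != "Established":
            return
        if self.max_received and self.received >= self.max_received:
            if self.warning_only:
                self.warned = True  # session stays up, update is not taken
            else:
                self.state, self.accepted = "Idle(MaxPath)", []
            return
        self.received += 1
        if not self.policy(prefix):
            return                  # filtered out, but it was still counted
        if self.max_accepted and len(self.accepted) >= self.max_accepted:
            self.state, self.accepted = "Idle", []
            return
        self.accepted.append(prefix)

def simulate(routes, **limits):
    """Feed routes to a fresh peer; return (state, received, accepted)."""
    peer = PeerModel(**limits)
    for prefix in routes:
        peer.receive(prefix)
    return peer.state, peer.received, len(peer.accepted)

# Constructed sample: 150 specifics leaked by the peer, plus the default route.
SPECIFICS = [ipaddress.ip_network(f"10.{i}.0.0/16") for i in range(150)]
LEAK_THEN_DEFAULT = SPECIFICS + [DEFAULT]
DEFAULT_THEN_LEAK = [DEFAULT] + SPECIFICS
```

In this model, warning-only keeps the session up but loses the default route when it arrives after the limit is reached, which is the trade-off noted in the first answer; the accepted-route limit only trips when the inbound policy itself lets too many routes through (for example `policy=lambda p: True` as a misconfigured filter).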

