Sa Message Limits; Msdp Keepalive And Hold-Time Intervals; Msdp Connection-Retry Interval - Cisco Catalyst 3850 series Configuration Manual

SA Message Limits

SA Message Limits
The ip msdp sa-limit command is used to limit the overall number of SA messages that a device can accept
from specified MSDP peers. When the ip msdp sa-limit command is configured, the device maintains a
per-peer count of SA messages stored in the SA cache and will ignore new messages from a peer if the
configured SA message limit for that peer has been reached.
The ip msdp sa-limit command was introduced as a means to protect an MSDP-enabled device from denial
of service (DoS) attacks. We recommended that you configure SA message limits for all MSDP peerings on
the device. An appropriately low SA limit should be configured on peerings with a stub MSDP region (for
example, a peer that may have some further downstream peers but that will not act as a transit for SA messages
across the rest of the Internet). A high SA limit should be configured for all MSDP peerings that act as transits
for SA messages across the Internet.

MSDP Keepalive and Hold-Time Intervals

The ip msdp keepalive command is used to adjust the interval at which an MSDP peer will send keepalive
messages and the interval at which the MSDP peer will wait for keepalive messages from other peers before
declaring them down.
Once an MSDP peering session is established, each side of the connection sends a keepalive message and
sets a keepalive timer. If the keepalive timer expires, the local MSDP peer sends a keepalive message and
restarts its keepalive timer; this interval is referred to as the keepalive interval. The keepalive-intervalargument
is used to adjust the interval for which keepalive messages will be sent. The keepalive timer is set to the value
specified for the keepalive-intervalargument when the peer comes up. The keepalive timer is reset to the value
of the keepalive-interval argument whenever an MSDP keepalive message is sent to the peer and reset when
the timer expires. The keepalive timer is deleted when an MSDP peering session is closed. By default, the
keepalive timer is set to 60 seconds.
The value specified for the keepalive-interval argument must be less than the value specified for the
Note
holdtime-intervalargument and must be at least one second.
The hold-time timer is initialized to the value of the hold-time-interval argument whenever an MSDP peering
connection is established, and is reset to the value of the hold-time-intervalargument whenever an MSDP
keepalive message is received. The hold-time timer is deleted whenever an MSDP peering connection is
closed. By default, the hold-time interval is set to 75 seconds.
Use the hold-time-interval argument to adjust the interval at which the MSDP peer will wait for keepalive
messages from other peers before declaring them down.

MSDP Connection-Retry Interval

You can adjust the interval at which all MSDP peers will wait after peering sessions are reset before attempting
to reestablish the peering sessions. This interval is referred to as the connection-retry interval. By default,
MSDP peers will wait 30 seconds after the session is reset before attempting to reestablish sessions with other
peers. The modified configured connection-retry interval applies to all MSDP peering sessions on the device.
IP Multicast Routing Configuration Guide, Cisco IOS XE Release 3.6E (Catalyst 3850 Switches)
204
Configuring MSDP
OL-32598-01