When your router takes so long time to learn routes, do not try to tweak too long Time your bgp router process…
Think mtu 😉 it is not unique solution but it is big one 😉

For those of you which configuring IPSec and have packet loss in transit… Perhaps this configuration could help :

crypto ipsec client ezvpn REGISBTP
 connect auto
 group VPN-CLIENT2 key jsdfxkqwpoe
 local-address FastEthernet0
 mode network-extension
 peer 22.22.22.22
 username ipsec1@client2.vpn password jsdfxkqwpoe
 xauth userid mode local

interface FastEthernet0
 ip address 192.168.1.36 255.255.255.0
 ip mtu 1460
 no ip route-cache cef
 ip tcp adjust-mss 1420
 duplex auto
 speed auto
 crypto ipsec client ezvpn CLIENT2
!         

interface Vlan1
 ip address 10.20.0.1 255.255.255.0
 ip mtu 1460
 ip virtual-reassembly
 ip tcp adjust-mss 1420
 crypto ipsec client ezvpn CLIENT2 inside
!         
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 192.168.1.254

The really interesting command (which resolves packet loss) is :

no ip route-cache cef

Ok, now you use FastSwitching and use more CPU, but the service is now OK agains 50% packet loss…

You could read :

• http://cisco.com/en/US/customer/tech/tk436/tk428/technologies_configuration_example09186a00801e1294.shtml
• http://www.cisco.com/en/US/docs/ios/12_2/security/configuration/guide/scfipsec.html

Hello,

I don’t know if you already have had to reply with multiple same type of attributes (with FreeRadius) such as multiple : “Frame-Route”.

You can do this with the operator ‘+=’ (when you use FreeRadius with MySQL backend).

Hope this helps…

To begin : How to calculate the ASN 4 bytes we need to configure it ?

So : ASN-decimal = 197632.

197632 % 65536 = 3

And

197632 - (65536 * 3) = 1024

Ok. Now we can configure it on a Cisco router :

router bgp XXXX

nei 197.66.55.33 remote-as 3.1024

I let you go on the configuration as always it works.