A remote router has a flaky connection. Route appears, disappears, appears again — 10 times per minute. Each flap propagates through BGP. Your router processes updates. Your peers process updates. The entire internet processes updates. All for a route that will flap again in seconds.
BGP dampening penalizes routes that flap frequently. After enough flaps, the route is suppressed — temporarily hidden until it proves stable. This protects your network from chasing unstable routes.
Dampening prevents unstable routes from destabilizing your network.
How Dampening Works
Route flap detected: → Penalty added (e.g., +1000) → If penalty > suppress threshold: route suppressed → Penalty decays over time → If penalty < reuse threshold: route unsuppressedKey Parameters
| Parameter | Description | Typical Value |
|---|---|---|
| Half-life | Time for penalty to decay by half | 15 minutes |
| Reuse | Penalty below which route is reused | 750 |
| Suppress | Penalty above which route is suppressed | 2000 |
| Max-suppress | Maximum suppression time | 60 minutes |
Example Timeline
Time 0:00 - Route withdrawn → Penalty: 1000Time 0:01 - Route announced → Penalty: 2000 (flap)Time 0:02 - Route withdrawn → Penalty: 3000 → SUPPRESSED (> 2000)Time 0:03 - Route announced → Still suppressed, penalty +1000 = 4000
Time 15:00 - Penalty decayed to 2000 (half-life)Time 30:00 - Penalty decayed to 1000Time 35:00 - Penalty decayed to ~750 → REUSED (< 750)Basic Dampening Configuration
Enable Dampening Globally
configure
# Enable with default parametersset protocols bgp address-family ipv4-unicast dampening
commitCustom Parameters
configure
# Custom dampening parametersset protocols bgp address-family ipv4-unicast dampening half-life 15set protocols bgp address-family ipv4-unicast dampening re-use 750set protocols bgp address-family ipv4-unicast dampening start-suppress-time 2000set protocols bgp address-family ipv4-unicast dampening max-suppress-time 60
commitPer-Neighbor Dampening
# Different dampening for different peers# Typically done via route-map
configure
# More aggressive for untrusted peersset policy route-map DAMPENING-AGGRESSIVE rule 10 action permitset policy route-map DAMPENING-AGGRESSIVE rule 10 set dampening half-life 10set policy route-map DAMPENING-AGGRESSIVE rule 10 set dampening re-use 500set policy route-map DAMPENING-AGGRESSIVE rule 10 set dampening start-suppress-time 1500
# Apply to peerset protocols bgp neighbor 10.0.0.2 address-family ipv4-unicast route-map import DAMPENING-AGGRESSIVE
commitViewing Dampening Status
Show Dampened Routes
# Show all dampened routesshow bgp ipv4 unicast dampening dampened-paths
# Output:# Network From Reuse Path# 203.0.113.0/24 10.0.0.2 00:25:00 65002 65003# 198.51.100.0/24 10.0.0.2 00:45:00 65002 65004Show Flap Statistics
# Show routes with flap historyshow bgp ipv4 unicast dampening flap-statistics
# Output:# Network From Flaps Duration Reuse Path# 203.0.113.0/24 10.0.0.2 15 01:30:00 00:25:00 65002# 198.51.100.0/24 10.0.0.2 8 00:45:00 00:45:00 65002Show Dampening Parameters
# Show configured parametersshow bgp ipv4 unicast dampening parameters
# Output:# Half-life time: 15 minutes# Reuse penalty: 750# Suppress penalty: 2000# Max suppress time: 60 minutesClearing Dampening
Clear Specific Route
# Clear dampening for specific prefixclear bgp ipv4 unicast dampening 203.0.113.0/24Clear All Dampened Routes
# Clear all dampening historyclear bgp ipv4 unicast dampeningParameter Tuning
Aggressive Dampening
For untrusted peers or known-unstable sources:
configure
# Quick to suppress, slow to recoverset protocols bgp address-family ipv4-unicast dampening half-life 10set protocols bgp address-family ipv4-unicast dampening re-use 500set protocols bgp address-family ipv4-unicast dampening start-suppress-time 1000set protocols bgp address-family ipv4-unicast dampening max-suppress-time 60
# Suppress after ~1-2 flaps# Stay suppressed for up to 1 hour# Be very stable to return
commitLenient Dampening
For trusted peers or critical routes:
configure
# Harder to suppress, quick to recoverset protocols bgp address-family ipv4-unicast dampening half-life 20set protocols bgp address-family ipv4-unicast dampening re-use 1000set protocols bgp address-family ipv4-unicast dampening start-suppress-time 3000set protocols bgp address-family ipv4-unicast dampening max-suppress-time 30
# Suppress after ~3+ flaps# Return to use faster# Maximum 30 minutes suppression
commitCalculating Flaps to Suppress
Suppress threshold / Penalty per flap = Flaps to suppress
Example:2000 / 1000 = 2 flaps → suppressed
With decay during flapping, actual number variesSelective Dampening
Dampen Only Specific Prefixes
configure
# Only dampen longer prefixes (more specific routes)set policy prefix-list DAMPEN-TARGETS rule 10 prefix 0.0.0.0/0 ge 24
set policy route-map SELECTIVE-DAMPEN rule 10 match ip address prefix-list DAMPEN-TARGETSset policy route-map SELECTIVE-DAMPEN rule 10 action permitset policy route-map SELECTIVE-DAMPEN rule 10 set dampening half-life 15
set policy route-map SELECTIVE-DAMPEN rule 20 action permit# No dampening for other routes
commitExclude Critical Routes
configure
# Don't dampen default route or critical prefixesset policy prefix-list NO-DAMPEN rule 10 prefix 0.0.0.0/0set policy prefix-list NO-DAMPEN rule 20 prefix 8.8.8.0/24 # Critical DNS
set policy route-map SAFE-DAMPEN rule 10 match ip address prefix-list NO-DAMPENset policy route-map SAFE-DAMPEN rule 10 action permit# No dampening for matched routes
set policy route-map SAFE-DAMPEN rule 20 action permitset policy route-map SAFE-DAMPEN rule 20 set dampening half-life 15
commitDampening Considerations
When to Use Dampening
✓ Edge routers receiving external routes ✓ Networks with known flapping sources ✓ Protection against propagating instability
When Not to Use Dampening
✗ Internal BGP (iBGP) — hides real problems ✗ Critical routes where availability is paramount ✗ Networks with known slow convergence (dampening adds to it)
Dampening vs BFD
BFD: Detect failures FASTDampening: Suppress UNSTABLE routes
They solve different problems:- BFD: "Quickly know when peer is dead"- Dampening: "Don't trust peers that keep dying"
Use both together for:- Fast failure detection (BFD)- Protection from flapping (dampening)Monitoring and Alerting
Monitor Dampening Events
# Log when routes are suppressed/reusedshow log | grep -i dampen
# Track frequently dampened prefixesshow bgp ipv4 unicast dampening flap-statisticsAlert on Persistent Dampening
# If route stays dampened, investigate source# Persistent dampening = persistent instability somewhere
# Check which peer is sourceshow bgp ipv4 unicast 203.0.113.0/24# Note the "from" peerTroubleshooting
Route Stays Suppressed
# Check current penalty and reuse timeshow bgp ipv4 unicast dampening dampened-paths
# If penalty not decaying:# - Recent flaps reset penalty# - Half-life too long
# Manual clear if neededclear bgp ipv4 unicast dampening 203.0.113.0/24Expected Route Not Appearing
# Might be dampenedshow bgp ipv4 unicast dampening dampened-paths | grep <prefix>
# If dampened, wait for reuse or clearDampening Not Working
# Verify dampening is enabledshow bgp ipv4 unicast dampening parameters
# Check route-map is appliedshow configuration commands | grep dampeningshow configuration commands | grep route-mapBest Practices
1. Start Conservative
# Default parameters are reasonable starting pointset protocols bgp address-family ipv4-unicast dampening
# Monitor before tuning2. Different Parameters for Different Sources
# Tier 1 transit: Lenient (trusted)# Tier 2 transit: Standard# Peers: Standard# Customers: Lenient (you control their stability)3. Monitor Dampening Statistics
# Regular review of what's being dampened# Persistent dampening = investigate root cause4. Don’t Dampen Everything
# Critical routes shouldn't be dampened# Internal routes shouldn't be dampened# Only dampen external routes from untrusted/unknown sourcesThe Lesson
Dampening prevents unstable routes from destabilizing your network.
Without dampening:
- Flapping route → constant updates
- Updates propagate to all peers
- CPU and memory consumed processing junk
- Potentially affects routing for stable routes
With dampening:
- Flapping route → penalty accumulates
- After threshold → route suppressed
- Network ignores unstable route
- Stable routes unaffected
The tradeoff: Dampening delays convergence for routes that are legitimately changing. A real path change looks like a flap. Too aggressive dampening can hide valid routes.
Balance: Conservative dampening on external routes, no dampening on internal/critical routes.