OCI FastConnect provides a dedicated, private connection between an on-premises data center and OCI, delivering higher bandwidth and a more reliable, consistent networking experience than internet-based connections. 

When OCI performs FastConnect planned maintenance, it makes two BGP changes to gracefully shift traffic away from the device undergoing maintenance. OCI sends the BGP Graceful Shutdown community 65535:0 to tell the customer router to de-prefer the path, and it prepends Oracle AS 31898 to make routes learned over that virtual circuit less preferred. If the customer router is configured to honor either of these signals, traffic should shift gracefully to the redundant path when FastConnect redundancy is in place. 

For customers who are not familiar with BGP Graceful Shutdown, this can raise a few immediate questions. What does it mean? Do any router configuration changes need to be made before the maintenance window? Will traffic move automatically if nothing is changed? 

This post explains what BGP Graceful Shutdown is, how it works with FastConnect, and what customers should verify in their environment before planned maintenance.   


What is BGP Graceful Shutdown? 

BGP Graceful Shutdown, defined in RFC 8326, is a mechanism designed to minimize traffic loss during planned maintenance. Instead of abruptly terminating a BGP session and forcing traffic to reconverge only after the failure occurs, a router first signals to its neighbors that the affected path should no longer be preferred.  

It does this by attaching the well-known BGP community 65535:0 to those routes. A receiving router can then de-prefer the path before the link or session is actually shut down. That de-preference is achieved by lowering local preference, either through explicit or implicit policy.  

By enabling Graceful Shutdown, a router can de-prefer the path planned for maintenance before it is withdrawn. This allows alternate paths to be selected and propagated first, reducing the packet loss that can occur when a path is removed abruptly.  


In OCI FastConnect, Graceful Shutdown is used together with AS path prepending during planned maintenance. Customers should ensure that their equipment responds predictably to at least one of these signals, ideally Graceful Shutdown.  

The key point is this: Graceful Shutdown does not create resiliency by itself. It improves the failover experience when there is a redundant FastConnect virtual circuit terminating on a different FastConnect router and when the customer router is configured to react appropriately. For more information on FastConnect redundancy, see FastConnect Redundancy Best Practices.  


CPE Configuration 

RFC 8326 defines the behavior at a high level, but vendors differ in how they implement Graceful Shutdown.  

For FastConnect customers, the most important question is whether the Customer Premises Equipment (CPE) automatically de-prefers routes tagged with community 65535:0, or whether an explicit inbound routing policy is required.  

The examples below focus on the receiver side because OCI handles the initiator side during FastConnect maintenance.  

Cisco 

On Cisco routers, receiver-side BGP Graceful Shutdown is typically implemented with an explicit, user-configured inbound policy that matches community 65535:0 and lowers local preference (see Cisco documentation).  

Example:  

! 

ip bgp-community new-format 

ip community-list standard GSHUT permit 65535:0 

! 

route-map OCI-GSHUT-IN permit 10 

 match community GSHUT 

 set local-preference 0 

route-map OCI-GSHUT-IN permit 20 

! 

router bgp 65000 

 neighbor 192.0.2.1 remote-as 31898 

 neighbor 192.0.2.1 send-community both 

 neighbor 192.0.2.1 route-map OCI-GSHUT-IN in 

!

In this example, any route received from OCI with community 65535:0 is assigned local preference 0, making it the least-preferred path inside the customer AS. 

Juniper 

On Juniper routers, receiver-side BGP Graceful Shutdown behavior is enabled by default. When Junos receives routes tagged with community 65535:0, it automatically lowers their local preference to 0. No explicit inbound policy is required unless the default behavior needs to be changed (see Juniper documentation). 

It is important to note that network equipment behavior varies by software version and platform, so customers should validate beforehand. 


What Happens If You Do Nothing? 

If the on-premises router does not honor either the Graceful Shutdown community tag or the AS path prepending, a common outcome at the start of the maintenance window is asymmetric routing. In that situation, traffic from on-premises to OCI may continue using the path under maintenance, while traffic from OCI to on-premises has already shifted to the redundant path.  

This can happen because OCI begins draining traffic away from the affected path before the BGP session is taken down. If the customer router does not de-prefer the routes tagged with community 65535:0, or does not respond to AS path prepending, it may continue sending traffic over the original path longer than intended. The result is traffic flowing in different directions over different links.  


Whether this becomes a real problem depends largely on the firewall design on the customer side. 

Some firewall platforms track session state at the security-zone level. In those environments, asymmetric routing may not be an issue as long as both interfaces belong to the same zone. 

Other firewall platforms track state at the interface level. In those environments, asymmetric routing can cause return traffic to be dropped because packets do not arrive on the interface where the session was originally initiated or established. In some cases, TCP SYN checking or similar session-validating features may need to be adjusted to tolerate asymmetric flows during maintenance.  

If the router cannot be changed to react properly to Graceful Shutdown, it is a good idea to review firewall behavior in advance and confirm whether asymmetric routing at the start of the maintenance could affect production traffic.   

Eventually, the BGP session on the FastConnect router under maintenance is taken down, and traffic is forced to converge to the redundant path if it has not already done so through Graceful Shutdown or AS path prepending. Some packet loss can occur during that transition while the customer router reconverges and selects the next best path.  

Graceful Shutdown reduces customer impact during maintenance by moving traffic in a controlled way before the BGP session is terminated, rather than forcing reconvergence after an abrupt path withdrawal. 


Recommendations for FastConnect Customers 

Before a planned maintenance event, customers should validate three things:  

  • There is redundant connectivity available for traffic to fail over to. 
  • The CPE properly responds to community 65535:0 or at least responds predictably to AS path prepending. 
  • Any on-premises firewalls can tolerate temporary asymmetric routing, if it occurs. 

These checks help ensure that traffic shifts cleanly before the session under maintenance is taken down.  

Final Thoughts 

BGP Graceful Shutdown is a simple mechanism with an important purpose: reduce packet loss during planned maintenance by moving traffic before the outage occurs.  

For OCI FastConnect customers, the operational takeaway is straightforward. OCI sends both the Graceful Shutdown community 65535:0 and AS path prepends during maintenance, but the outcome depends on how the customer network reacts. In environments with redundant connectivity and properly configured CPE, traffic can move away from the affected path with little or no disruption. In environments where the router or firewall is not prepared, maintenance may still succeed, but with a higher risk of asymmetric traffic and packet loss. 

Planning for that behavior ahead of time makes FastConnect maintenance much smoother. For more information, see Maintaining Virtual Circuits