BGP Configuration Guide for Cisco 8000 Series Routers, Cisco IOS XR Releases

Black box monitoring

Updated: February 28, 2026

Want to summarize with AI?

Overview

Introduces black box monitoring concepts and provides reference details for configuring and utilizing black box monitoring in network troubleshooting scenarios.

Black box monitoring is a network monitoring feature that

establishes a dummy BGP session across GRE encapsulation and decapsulation infrastructure,
uses a router peering to an address configured on the peering fabric that peers to itself, and
requires connecting two interfaces with a physical cable and separating routing tables using a VRF to bring up the BGP session.

This technique simulates a BGP session to test the GRE tunnel and routing fabric without involving actual traffic. The use of VRF allows the router to peer with itself, which is normally not permitted in standard routing tables.

Table 1. Feature History Table
Feature Name	Release Information	Feature Description
Black Box Monitoring	Release 7.3.2	This feature enables you to set up forwarding path on the router that you can use to probe customer circuits for system metrics specific to the network devices. Such monitoring helps you to keep up the service level agreements with your customers.

Black box monitoring overview

Black box monitoring helps you verify the health and functionality of your GRE tunnel and BGP peering fabric by simulating a BGP session. This technique uses a dummy BGP session established across GRE encapsulation and decapsulation infrastructure. It is important because it allows you to test your network’s forwarding and routing behavior without impacting live traffic.

These are the network interface and traffic control key components:

Local proxy ARP and IPv4 addressing: Used on Bundle-Ether interfaces with VLAN encapsulation and access control lists to facilitate communication.
Interface bundling: FortyGigE interfaces are bundled with specific bundle IDs to aggregate links.
IPv4 access lists: Permit ICMP echo-reply, IPv4 traffic with specific next hops, and TCP traffic on BGP ports to control traffic flow.
BGP setup: Includes router ID, logging, address families for IPv4 unicast and VPNv4 unicast, maximum paths, and neighbor settings such as remote AS and ebgp-multihop to establish routing sessions.
Route policies: Applied for inbound and outbound traffic to manage routing behavior.
Loopback interfaces: Configured in global and VRF contexts to provide stable IP endpoints.

These are the traffic classification and tunneling key components:

Class maps: Match GRE protocol and destination address to identify relevant traffic.
Policy maps: Implement policy-based routing to decapsulate GRE traffic.
VRF policies: Apply input traffic policies using the policy map for traffic segregation.
GRE tunnel interfaces: Use unnumbered IP from loopback, tunnel mode, source, destination, and logging to encapsulate traffic.

Need help?

Open a support case

(Requires a Cisco Service Contract)

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.