Solved: BGP Errors

azago · ‎03-26-2007

Mar 26 19:32:39.557 GMT-3: %BGP-5-ADJCHANGE: neighbor X.X.X.X Up

Mar 26 19:32:40.741 GMT-3: %BGP-5-ADJCHANGE: neighbor X.X.X.X Down BGP Notification sent

Mar 26 19:32:40.741 GMT-3: %BGP-3-NOTIFICATION: sent to neighbor 200.219.130.253 3/11 (invalid or corrupt AS path) 13 bytes 40020A02 041F776F D11C8200 47

Mar 26 19:32:40.741 GMT-3: BGP: X.X.X.X Bad attributes FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 003C 0200 0000 2140 0101 0040 020A 0204 1F77 6FD1 1C82 0047 4003 04C8 DB82 06C0 0706 0047 1060 B336 140F E3F0

Does anyone knows were the problem could be?

Harold Ritter · ‎03-27-2007

Alexandre,

Your configuration confirms what I thought. The neighbor sends you an AS-PATH with 8055 as the first ASN, while the peer ASN is 64548. Note that "remove-private-as" is only effective for outbound messages, so doesn't apply here.

Just out of curiosity, what type of device is the neighbor. Route server? In which case in might be ok to accept the update.

If you want to accept the updates despite the first ASN in the AS-PATH doesn't match the peer ASN, you can disable this check with the following command:

router bgp xxx

no bgp enforce-first-as

Hope this helps,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

View solution in original post

Harold Ritter · ‎03-26-2007

Alexandre,

The hexadecimal characters are actually a dump of the BGP message for which IOS considers the AS-PATH to be either invalid or corrupted.

After decoding the BGP message, the AS-PATH doesn't seem to be corrupted.

IOS would declare the path invalid if the first in the AS path number (last AS traversed) is not equal to the peer AS number. According to the decoded message, this ASN should be 8055. Does it match the peer ASN?

Also what version of IOS are you running on this router?

Hope this helps,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

azago · ‎03-27-2007

Hi The IOS is sup-bootdisk:s72033-advipservicesk9_wan-mz.122-18.SXF7.bin and the config are

neighbor REGISTRO remote-as 64548

neighbor REGISTRO shutdown

neighbor REGISTRO update-source GigabitEthernet1/1.854

neighbor REGISTRO next-hop-self

neighbor REGISTRO remove-private-as

neighbor REGISTRO route-map REGISTRO_BR_AS64548_IN in

neighbor REGISTRO route-map REGISTRO_BR_AS64548_OUT out

neighbor REGISTRO maximum-prefix 5000

neighbor X.X.X.X peer-group REGISTRO

neighbor X.X.X.X soft-reconfiguration inbound

Harold Ritter · ‎03-27-2007

Alexandre,

Your configuration confirms what I thought. The neighbor sends you an AS-PATH with 8055 as the first ASN, while the peer ASN is 64548. Note that "remove-private-as" is only effective for outbound messages, so doesn't apply here.

Just out of curiosity, what type of device is the neighbor. Route server? In which case in might be ok to accept the update.

If you want to accept the updates despite the first ASN in the AS-PATH doesn't match the peer ASN, you can disable this check with the following command:

router bgp xxx

no bgp enforce-first-as

Hope this helps,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México