BGP peering issue

Unanswered Question
Jan 26th, 2009

Hello there,


Has anyone seen a problem where you cannot establish 2 BGP sessions over a single IP?


I have 2 switches trying to use a single IP in another switch as a BGP peer and only one is successful.


If I shut one neighbor down, the other goes up.


neighbor ip shutdown


Makes no sense to me and looks like a BUG or something.


Any ideas?


Regards,

Vlad

Giuseppe Larosa Mon, 01/26/2009 - 11:48

Hello Vlad,

Are the IP addresses on the switches' side different?

Have you used neighbor x.x.x.x update-source?



Hope to help

Giuseppe


vladrac-ccna Mon, 01/26/2009 - 13:34

3 switches connected on the same VLAN/subnet are trying to establish a BGP session.


So, imagine a CD-A 1.1.1.2/24 and CD-B 1.1.1.3/24 trying to peer with SW1 IP 1.1.1.1/24


cd-a

neighbor 1.1.1.1 remote-as 1


cd-b

neighbor 1.1.1.1 remote-as 1


sw1

neighbor 1.1.1.2 remote-as 2

neighbor 1.1.1.3 remote-as 2


If I shut down cd-a, then b establishes BGP; if I shut cd-b, then cd-a establishes it.


Those are directly connected, so no point in using the update-source.


help!

Kerem Gursu Tue, 01/27/2009 - 00:13

Might the Spanning tree be the problem? Are all switches interconnected?



vladrac-ccna Tue, 01/27/2009 - 00:59

They all connect to another L2 switch, yes. But CD-A and CD-B have an L3 connection between them. So there should be no L2 loop to block via SPT.


Also, I've seen a debug ip pac det in the switch and apparently it only rejects the connection.


After the first FYN to 179 it replies with an ACK, RST.


16:08:35.118 BRST: IP: s=10.21.4.229 (GigabitEthernet3/5), d=10.21.4.226, len 40, rcvd 2

Jan 26 16:08:35.118 BRST: TCP src=179, dst=11158, seq=0, ack=965412976, win=0 ACK RST


Jan 26 16:08:35.118 BRST: IP: s=10.21.4.229 (GigabitEthernet3/5), d=10.21.4.226, len 40, stop process pak for forus packet

Jan 26 16:08:35.118 BRST: TCP src=179, dst=11158, seq=0, ack=965412976, win=0 ACK


I'm still waiting to get more info on this problem, as I'm helping a friend.


But thanks for all your help.


I was just wondering if someone has seen something similar.


When you have to shut down 1 BGP peer to get the other established.

Giuseppe Larosa Tue, 01/27/2009 - 07:29

Hello Vlad,


There are some rules about which side should use the well-known port (TCP 179).


I wonder if in your case switch1 resets the connection because in its opinion the well-known port should be on its side.


Or if there is a chance that both CD-A and CD-B will use the same BGP router-id.

The rule is the highest IP address on loopbacks before physical interfaces (the same as OSPF rules).

And the same router cannot have two IP addresses on the same LAN segment.


you can check this with

sh ip bgp summary

on CD-A and CD-B


Hope to help

Giuseppe


vladrac-ccna Tue, 01/27/2009 - 11:14

Hello Giuseppe,


thanks for the reply.


But unfortunately I am afraid I didn't understand.


Each CD and sw in that LAN segment has its own IP address.


Also if the router id was equal I would expect to see something similar to:

*Mar 1 00:07:33.747: %BGP-3-NOTIFICATION: sent to neighbor 10.0.0.1 2/3 (BGP identifier wrong) 4 bytes 01010101

rc# FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 002D 0104 0001 00B4 0101 0101 1002 0601 0400 0100 0102 0280 0002 0202 00


Any other suggestion is appreciated.

Harold Ritter Tue, 01/27/2009 - 12:08
User Badges:
  • Cisco Employee,

Vladimir,


Not if the RID was the same on cd-a and cd-b as they do not establish a neighbor relationship between themselves but only to the switch.


Regards

Mohamed Sobair Tue, 01/27/2009 - 11:47

Hi Vlad,


Let's go through BGP Neighbor States:


1- Idle

2- Open

3- Open Sent

4- Open Confirm

5- Established.


The Source Originating the TCP Session is always the Interface IP Address unless Modified with (Update Source) command.


The BGP router-id has nothing to do with that; as you know, BGP chooses a single router-id based on Highest Loopback or Highest Physical Interface.


I can't say what the exact problem is, since you mentioned that when you shut one peer the second establishes neighborship. It's odd. Please clarify more...


HTH

Mohamed
