cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
17839
Views
0
Helpful
20
Replies

%BGP-3-NOTIFICATION: received from neighbor X.X.X.X 3/5 (invalid length for attribute) 1036 bytes

tyllin
Level 1
Level 1

Hi Sir...

We had some bgp neighbor fail and flapping in a while and we had no idea to fix it till now. Device show us some error message that list below...

Apr 20 14:24:20.238 CST: %BGP-5-ADJCHANGE: neighbor X.X.X.X Up
Apr 20 14:24:21.166 CST: %BGP-3-NOTIFICATION: received from neighbor X.X.X.X  3/5 (invalid length for attribute) 1036 bytes D0100408 000212C9 000003E9 000212C9 00
Apr 20 14:24:21.166 CST: %BGP-5-ADJCHANGE: neighbor X.X.X.X  Down BGP Notification received

Would somebody help us for this case?

Thanks you!

sean

20 Replies 20

Hi,

can you post the output of the below command

#sh run | b r bgp

Thanks

Karuppu

Hi Karuppu...

Sorry for late response and thanks your help...

this is the summary bgp command that listed below...And the device is 7507MX with IOS 12.0(30)S1 service provider feature.

==============================

interface Serial0/1/1
ip address X.X.X.X 255.255.255.252
no ip redirects
no ip directed-broadcast
no ip proxy-arp
load-interval 30
carrier-delay 5
mpls bgp forwarding
tag-switching ip
dsu bandwidth 44210
framing c-bit
cablelength 200
clock source internal
!
router bgp AAAA
no bgp default ipv4-unicast
no bgp default route-target filter
bgp log-neighbor-changes
neighbor X.X.X.X remote-as BBBB
!
address-family vpnv4
neighbor X.X.X.X activate
neighbor X.X.X.X send-community extended
neighbor X.X.X.X route-map customer-in in
neighbor X.X.X.X route-map customer-out out
neighbor X.X.X.X maximum-prefix 5000
exit-address-family
!
route-map customer-out permit 10
match extcommunity 7
set metric 20
!
route-map customer-in permit 10
match extcommunity 7
!
ip extcommunity-list 7 permit rt 65001:608094
ip extcommunity-list 7 permit rt 65001:902062
ip extcommunity-list 7 permit rt 65001:905141
ip extcommunity-list 7 permit rt 65001:609251
ip extcommunity-list 7 permit rt 65001:117
ip extcommunity-list 7 permit rt 65001:88888
!

==========================================

MP-eBGP receive routes from ASBR device that is filtered by route-map.  And this MP-eBGP had been worked for a long time. But suddenly, the  error message appear  and neighbor flapping continualy. And we cannot  figure it out till now.

Thanks You!

Sean

Hello Sean,

if you are receiving MP eBGP routes for inter-AS VPNs it is likely that the peer has recently added some BGP communities or BGP extended communities causing an overflow of one field

You should contact them explaining your issue.

Hope to help

Giuseppe

Hi Giuseppe...

The BGP peer is GSR router and we had contacted the GSR owner. The GSR is another servie provider that received route update from downstream customers and they did not changed or tuned any configuration when the problem appear. The GSR receive the same error message from our device and the BGP neighber flapping too. It seems like that GSR is a victim also for this case.

Till now, the error message tell us that the device received update contained malformed BGP communities. And that error makes bgp neighbor flapping. Would some debug or command could tell us that what bgp communities makes bgp neighber flapping?

Thanks you!

Sean

Hello Sean,

if the link is a LAN you could put a sniffer and you could capture the BGP packets sent by GSR to your router and with a common clock you could relate the BGP notification with the offending message.

if the link is of WAN type this is not possible

Hope to help

Giuseppe

Hi Giuseppe...

Yes, this is a T3 wan PA module using coaxial cable and BNC connector and it is difficult to sniffer.

Some debug command had been configured on the device about bgp neighbor update. we terminate the debug asap because of the high CPU consume. And nothing special within the debug logs.

We reviewed the syslogs and found some other new error messages that listed below. Would these messages help this case? and what it mean?

Thanks you!

Sean

=========================================

Apr 20 14:42:58.779 CST: %BGP-3-NOTIFICATION: sent to neighbor X.X.X.X 3/10 (illegal network) 1 bytes 00 FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 0058 0200 0000 4140 0101 0240 0204 0201 4570 C010 1000 0226 C400 0026 C400 0245 7000 001F 4180 0E20 0001 800C 0000 0000 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D

========================================

========================================

Apr 20 16:36:15.281 CST: %BGP-3-NOTIFICATION: sent to neighbor X.X.X.X 3/4 (invalid flags for attribute) 16 bytes 0D0B0D0B 0D0B0D0B 0D0B0D0B 0D0B0D0B


Apr 20 16:36:15.281 CST: BGP: 218.96.253.231 Bad attributes FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 0079 0200 0000 6240 0101 0240 0204 0201 4570 C010 2000 0226 C400 0026 C400 0245 7000 0000 0100 0245 7000 001F 5F00 0245 700D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B

=======================================

======================================

Apr 20 16:44:53.433 CST: %BGP-3-NOTIFICATION: sent to neighbor X.X.X.X 3/4 (invalid flags for attribute) 14 bytes 0B0D0B0D 0B0D0B0D 0B0D0B0D 0B0D


Apr 20 16:44:53.433 CST: BGP: 218.96.253.231 Bad attributes FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 019C 0200 0001 8540 0101 0240 020E 0206 4570 FEB4 26D3 2570 240D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0045 7000 001F 48AC 1300 5074 03B2 C100 0045 7000 001F 48AC 1300 2074 03B6 7100 0045 7000 001F 48AC 1300 1076 03B7 4100 0045 7000 001F 48AC 1300 0476 03BC 9100 0045 7000 001F 48AC 1300 0078 03BE 8100 0045 7000 001F 48AC 100B 6578 03C9 5100 0045 7000 001F 48AC 1005 6578 03CB 4100 0045 7000 001F 48AC 1005 6478 03CD A100 0045 7000 001F 48AC 0701 0170 0957 A100 0045 7000 001F 48DB 579B 7009 6701 0000 4570 0000 1F48 C0A8 6970 0967 5100 0045 7000 001F 48C0 A800 7409 7121 0000 4570 0000 1F48 AC13 0040 6809 7781 0000 4570 0000 1F48 A8A8 7009 7791 0000 4570 0000 1F48 3D1F 3770 0979 9100 0045 7000 001F 480A C8C8 7808 3561 0000 4570 0000 1F48 AC10 1E65 7808 3851 0000 4570 0000 1F48 AC10 0065

=====================================

Dear sir,

 

yes recently i have configured embedded packet capture ,kindly help how to resolve the issue.

 

Thank

Esakki

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello Sean,

what IOS image is running  on your router and what device is the BGP peer?

the message clearly states that a BGP advertisement from the peer was containing a BGP attribute in the form of type length value and that the value field 1036 -> 1036 octets  was not a valid expected value.

Be careful that the BGP peer may be misbehaving or it is trying to send to you a too long AS path attribute (for example)

>> : received from neighbor X.X.X.X  3/5

means sent notification for having received a malformed BGP update (3) with a BGP attribute lenght out of range (5)

the router is protecting itself from possible SW errors that would be caused by accepting the update

Are you protecting your router from too long AS paths with max-as command ?

Hope to help

Giuseppe

Hi Giuseppe...

The device is 7507MX with IOS version 12.0(30)S1 service provider feature. Definitely, there is a BGP Bugs about too long AS-Path. I am not sure that the device and IOS had fixed this or not. But the config had worked for a long time but this error message is the first time that appear. And we had no idea to fix this...Maybe something wrong about route update. Would some command or debug could help us to figure it out?

Thanks You!

Sean

Dear  CHENG-HSIN LIN :

I encountered the same problem like yours.

My device is 7513 with IOS version 12.0(30)S1.

You mention there is a BGP Bugs about too long AS-Path.

I have looked for the Bug with Cisco BUG Toolkit , but I can't find.

Could you tell me where you find it??

Thanks

Hello Tyllin,

all started with an event happened in the internet in Feb 2009

see this article from Ivan Pepelnjak

http://blog.ioshints.info/2009/02/oversized-as-paths-cisco-ios-bug.html

the issue has been discussed also here in the forums

Hope to help

Giuseppe

Dear  Larosa :

Thanks for your help . I have read the article.

But it seems nothing to my problem. Because I don't config "as-prepend" & "bgp maxas-limit"

when the upstream router config below

******************************************

neighbor 61.31.244.194 send-community both

neighbor 61.31.244.194 route-map cust-community in

******************************************

the error message show :

%BGP-5-ADJCHANGE: neighbor x.x.x.x vpn vrf c109a071 Down BGP Notification received

%BGP-5-ADJCHANGE: neighbor x.x.x.x vpn vrf c109a071 Up

%BGP-3-NOTIFICATION: received from neighbor x.x.x.x 3/5 (invalid length for attribute) 1444 bytes D01005A0 00

02121D 00000821 000212C9 00

when I remove the config : It's ok.

Upstream Router (7513 + 12.0(30)S1):

ip vrf c109a071

rd 9924:1041

route-target export 9924:1041

route-target import 9924:1041

!

router bgp 9924

ip vrf forwarding c109a071

address-family ipv4 vrf c109a071

redistribute connected

redistribute static

neighbor x.x.x.x remote-as 65001

neighbor x.x.x.x activate

neighbor x.x.x.x as-override

neighbor x.x.x.x soft-reconfiguration inbound

neighbor x.x.x.x maximum-prefix 500 80 restart 10

!

ip community-list standard pref150 permit 650379414

ip community-list standard pref200 permit 650379464

route-map cust-community permit 10

match community pref200

set local-preference 200

route-map cust-community permit 20

match community pref150

set local-preference 150

!

route-map cust-community permit 1000

Downstream Router (65093 + 12.2(17d)SXB1):

router bgp 65001

no synchronization

bgp log-neighbor-changes

redistribute connected

redistribute static

neighbor x.x.x.x remote-as 9924

neighbor x.x.x.x soft-reconfiguration inbound

neighbor x.x.x.x route-map Primary_BGP_out out

default-information originate

no auto-summary

!

access-list 91 remark Control BGP out

access-list 91 permit any

!

route-map Primary_BGP_out permit 10

match ip address 91

set community 200

Thanks

Hi,

so it seems the extended communities sent from the upstream router might be breaking the BGP session?

What about trying

neighbor 61.31.244.194 send-community standard

instead of

neighbor 61.31.244.194 send-community both?

I'm also not sure if the downstream router config works OK

without

neighbor x.x.x.x send-community standard

But it's difficult to advise without knowing the detailed purpose of sending communities between your routers.

BR,

Milan

Hi Milan,

Isn't he doing so to propagate its route-targets which are extended communities  ?

Regards.


Alain.

Don't forget to rate helpful posts.
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco