04-21-2010 08:48 PM - edited 03-04-2019 08:14 AM
Hi Sir...
We had some bgp neighbor fail and flapping in a while and we had no idea to fix it till now. Device show us some error message that list below...
Apr 20 14:24:20.238 CST: %BGP-5-ADJCHANGE: neighbor X.X.X.X Up
Apr 20 14:24:21.166 CST: %BGP-3-NOTIFICATION: received from neighbor X.X.X.X 3/5 (invalid length for attribute) 1036 bytes D0100408 000212C9 000003E9 000212C9 00
Apr 20 14:24:21.166 CST: %BGP-5-ADJCHANGE: neighbor X.X.X.X Down BGP Notification received
Would somebody help us for this case?
Thanks you!
sean
04-21-2010 08:53 PM
Hi,
can you post the output of the below command
#sh run | b r bgp
Thanks
Karuppu
05-11-2010 12:42 AM
Hi Karuppu...
Sorry for late response and thanks your help...
this is the summary bgp command that listed below...And the device is 7507MX with IOS 12.0(30)S1 service provider feature.
==============================
interface Serial0/1/1
ip address X.X.X.X 255.255.255.252
no ip redirects
no ip directed-broadcast
no ip proxy-arp
load-interval 30
carrier-delay 5
mpls bgp forwarding
tag-switching ip
dsu bandwidth 44210
framing c-bit
cablelength 200
clock source internal
!
router bgp AAAA
no bgp default ipv4-unicast
no bgp default route-target filter
bgp log-neighbor-changes
neighbor X.X.X.X remote-as BBBB
!
address-family vpnv4
neighbor X.X.X.X activate
neighbor X.X.X.X send-community extended
neighbor X.X.X.X route-map customer-in in
neighbor X.X.X.X route-map customer-out out
neighbor X.X.X.X maximum-prefix 5000
exit-address-family
!
route-map customer-out permit 10
match extcommunity 7
set metric 20
!
route-map customer-in permit 10
match extcommunity 7
!
ip extcommunity-list 7 permit rt 65001:608094
ip extcommunity-list 7 permit rt 65001:902062
ip extcommunity-list 7 permit rt 65001:905141
ip extcommunity-list 7 permit rt 65001:609251
ip extcommunity-list 7 permit rt 65001:117
ip extcommunity-list 7 permit rt 65001:88888
!
==========================================
MP-eBGP receive routes from ASBR device that is filtered by route-map. And this MP-eBGP had been worked for a long time. But suddenly, the error message appear and neighbor flapping continualy. And we cannot figure it out till now.
Thanks You!
Sean
05-11-2010 12:45 AM
Hello Sean,
if you are receiving MP eBGP routes for inter-AS VPNs it is likely that the peer has recently added some BGP communities or BGP extended communities causing an overflow of one field
You should contact them explaining your issue.
Hope to help
Giuseppe
05-11-2010 01:18 AM
Hi Giuseppe...
The BGP peer is GSR router and we had contacted the GSR owner. The GSR is another servie provider that received route update from downstream customers and they did not changed or tuned any configuration when the problem appear. The GSR receive the same error message from our device and the BGP neighber flapping too. It seems like that GSR is a victim also for this case.
Till now, the error message tell us that the device received update contained malformed BGP communities. And that error makes bgp neighbor flapping. Would some debug or command could tell us that what bgp communities makes bgp neighber flapping?
Thanks you!
Sean
05-11-2010 03:30 AM
Hello Sean,
if the link is a LAN you could put a sniffer and you could capture the BGP packets sent by GSR to your router and with a common clock you could relate the BGP notification with the offending message.
if the link is of WAN type this is not possible
Hope to help
Giuseppe
05-11-2010 10:00 AM
Hi Giuseppe...
Yes, this is a T3 wan PA module using coaxial cable and BNC connector and it is difficult to sniffer.
Some debug command had been configured on the device about bgp neighbor update. we terminate the debug asap because of the high CPU consume. And nothing special within the debug logs.
We reviewed the syslogs and found some other new error messages that listed below. Would these messages help this case? and what it mean?
Thanks you!
Sean
=========================================
Apr 20 14:42:58.779 CST: %BGP-3-NOTIFICATION: sent to neighbor X.X.X.X 3/10 (illegal network) 1 bytes 00 FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 0058 0200 0000 4140 0101 0240 0204 0201 4570 C010 1000 0226 C400 0026 C400 0245 7000 001F 4180 0E20 0001 800C 0000 0000 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D
========================================
========================================
Apr 20 16:36:15.281 CST: %BGP-3-NOTIFICATION: sent to neighbor X.X.X.X 3/4 (invalid flags for attribute) 16 bytes 0D0B0D0B 0D0B0D0B 0D0B0D0B 0D0B0D0B
Apr 20 16:36:15.281 CST: BGP: 218.96.253.231 Bad attributes FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 0079 0200 0000 6240 0101 0240 0204 0201 4570 C010 2000 0226 C400 0026 C400 0245 7000 0000 0100 0245 7000 001F 5F00 0245 700D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B
=======================================
======================================
Apr 20 16:44:53.433 CST: %BGP-3-NOTIFICATION: sent to neighbor X.X.X.X 3/4 (invalid flags for attribute) 14 bytes 0B0D0B0D 0B0D0B0D 0B0D0B0D 0B0D
Apr 20 16:44:53.433 CST: BGP: 218.96.253.231 Bad attributes FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 019C 0200 0001 8540 0101 0240 020E 0206 4570 FEB4 26D3 2570 240D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0B0D 0045 7000 001F 48AC 1300 5074 03B2 C100 0045 7000 001F 48AC 1300 2074 03B6 7100 0045 7000 001F 48AC 1300 1076 03B7 4100 0045 7000 001F 48AC 1300 0476 03BC 9100 0045 7000 001F 48AC 1300 0078 03BE 8100 0045 7000 001F 48AC 100B 6578 03C9 5100 0045 7000 001F 48AC 1005 6578 03CB 4100 0045 7000 001F 48AC 1005 6478 03CD A100 0045 7000 001F 48AC 0701 0170 0957 A100 0045 7000 001F 48DB 579B 7009 6701 0000 4570 0000 1F48 C0A8 6970 0967 5100 0045 7000 001F 48C0 A800 7409 7121 0000 4570 0000 1F48 AC13 0040 6809 7781 0000 4570 0000 1F48 A8A8 7009 7791 0000 4570 0000 1F48 3D1F 3770 0979 9100 0045 7000 001F 480A C8C8 7808 3561 0000 4570 0000 1F48 AC10 1E65 7808 3851 0000 4570 0000 1F48 AC10 0065
=====================================
04-28-2020 10:36 PM
Dear sir,
yes recently i have configured embedded packet capture ,kindly help how to resolve the issue.
Thank
Esakki
04-22-2010 01:51 AM
Hello Sean,
what IOS image is running on your router and what device is the BGP peer?
the message clearly states that a BGP advertisement from the peer was containing a BGP attribute in the form of type length value and that the value field 1036 -> 1036 octets was not a valid expected value.
Be careful that the BGP peer may be misbehaving or it is trying to send to you a too long AS path attribute (for example)
>> : received from neighbor X.X.X.X 3/5
means sent notification for having received a malformed BGP update (3) with a BGP attribute lenght out of range (5)
the router is protecting itself from possible SW errors that would be caused by accepting the update
Are you protecting your router from too long AS paths with max-as command ?
Hope to help
Giuseppe
05-11-2010 12:52 AM
Hi Giuseppe...
The device is 7507MX with IOS version 12.0(30)S1 service provider feature. Definitely, there is a BGP Bugs about too long AS-Path. I am not sure that the device and IOS had fixed this or not. But the config had worked for a long time but this error message is the first time that appear. And we had no idea to fix this...Maybe something wrong about route update. Would some command or debug could help us to figure it out?
Thanks You!
Sean
12-30-2010 06:35 PM
Dear CHENG-HSIN LIN :
I encountered the same problem like yours.
My device is 7513 with IOS version 12.0(30)S1.
You mention there is a BGP Bugs about too long AS-Path.
I have looked for the Bug with Cisco BUG Toolkit , but I can't find.
Could you tell me where you find it??
Thanks
01-03-2011 12:53 PM
Hello Tyllin,
all started with an event happened in the internet in Feb 2009
see this article from Ivan Pepelnjak
http://blog.ioshints.info/2009/02/oversized-as-paths-cisco-ios-bug.html
the issue has been discussed also here in the forums
Hope to help
Giuseppe
01-04-2011 12:05 AM
Dear Larosa :
Thanks for your help . I have read the article.
But it seems nothing to my problem. Because I don't config "as-prepend" & "bgp maxas-limit"
when the upstream router config below
******************************************
neighbor 61.31.244.194 send-community both
neighbor 61.31.244.194 route-map cust-community in
******************************************
the error message show :
%BGP-5-ADJCHANGE: neighbor x.x.x.x vpn vrf c109a071 Down BGP Notification received
%BGP-5-ADJCHANGE: neighbor x.x.x.x vpn vrf c109a071 Up
%BGP-3-NOTIFICATION: received from neighbor x.x.x.x 3/5 (invalid length for attribute) 1444 bytes D01005A0 00
02121D 00000821 000212C9 00
when I remove the config : It's ok.
Upstream Router (7513 + 12.0(30)S1):
ip vrf c109a071
rd 9924:1041
route-target export 9924:1041
route-target import 9924:1041
!
router bgp 9924
ip vrf forwarding c109a071
address-family ipv4 vrf c109a071
redistribute connected
redistribute static
neighbor x.x.x.x remote-as 65001
neighbor x.x.x.x activate
neighbor x.x.x.x as-override
neighbor x.x.x.x soft-reconfiguration inbound
neighbor x.x.x.x maximum-prefix 500 80 restart 10
!
ip community-list standard pref150 permit 650379414
ip community-list standard pref200 permit 650379464
route-map cust-community permit 10
match community pref200
set local-preference 200
route-map cust-community permit 20
match community pref150
set local-preference 150
!
route-map cust-community permit 1000
Downstream Router (65093 + 12.2(17d)SXB1):
router bgp 65001
no synchronization
bgp log-neighbor-changes
redistribute connected
redistribute static
neighbor x.x.x.x remote-as 9924
neighbor x.x.x.x soft-reconfiguration inbound
neighbor x.x.x.x route-map Primary_BGP_out out
default-information originate
no auto-summary
!
access-list 91 remark Control BGP out
access-list 91 permit any
!
route-map Primary_BGP_out permit 10
match ip address 91
set community 200
Thanks
01-04-2011 04:07 AM
Hi,
so it seems the extended communities sent from the upstream router might be breaking the BGP session?
What about trying
neighbor 61.31.244.194 send-community standard
instead of
neighbor 61.31.244.194 send-community both?
I'm also not sure if the downstream router config works OK
without
neighbor x.x.x.x send-community standard
But it's difficult to advise without knowing the detailed purpose of sending communities between your routers.
BR,
Milan
01-04-2011 04:34 AM
Hi Milan,
Isn't he doing so to propagate its route-targets which are extended communities ?
Regards.
Alain.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide