06-03-2014 05:43 AM - edited 03-04-2019 11:05 PM
Hi,
I have a BGP peer flapping. The ISP is using my VRRP address to establish neighboor.
I have another peer with another ISP but the same topology/configuration and works correctly.
I upgraded the IOS, reviewed the configuration with ISP but without sucess.
BGP config:
router bgp BBBBBB
bgp log-neighbor-changes
neighbor A.A.A.A remote-as A
neighbor A.A.A.A ebgp-multihop 3
neighbor A.A.A.A soft-reconfiguration inbound
neighbor A.A.A.A prefix-list MY-PREFIX out
BGP debugs:
debug ip bgp A.A.A.A
Jun 2 2014 17:34:41.658 GMT-3: BGP: A.A.A.A connection timed out 180128ms (last update) 180000ms (hold time)
Jun 2 2014 17:34:41.658 GMT-3: BGP: A.A.A.A went from Established to Closing
Jun 2 2014 17:34:41.658 GMT-3: %BGP-5-ADJCHANGE: neighbor A.A.A.A Down BGP Notification sent
Jun 2 2014 17:34:41.658 GMT-3: %BGP-3-NOTIFICATION: sent to neighbor A.A.A.A 4/0 (hold time expired) 0 bytes
Jun 2 2014 17:34:41.658 GMT-3: BGP: ses global A.A.A.A (0xC3A6303C:1) Send NOTIFICATION 4/0 (hold time expired) 0 bytes
Jun 2 2014 17:34:41.658 GMT-3: BGP: A.A.A.A local error close after sending NOTIFICATION
Jun 2 2014 17:34:45.778 GMT-3: BGP: nbr_topo global A.A.A.A IPv4 Unicast:base (0xC3A6303C:1) NSF delete stale NSF not active
Jun 2 2014 17:34:45.778 GMT-3: BGP: nbr_topo global A.A.A.A IPv4 Unicast:base (0xC3A6303C:1) NSF no stale paths state is NSF not active
Jun 2 2014 17:34:45.778 GMT-3: BGP: nbr_topo global A.A.A.A IPv4 Unicast:base (0xC3A6303C:1) Resetting ALL counters.
Jun 2 2014 17:34:45.778 GMT-3: BGP: A.A.A.A closing
Jun 2 2014 17:34:45.778 GMT-3: BGP: ses global A.A.A.A (0xC3A6303C:1) Session close and reset neighbor A.A.A.A topostate
Jun 2 2014 17:34:45.778 GMT-3: BGP: nbr_topo global A.A.A.A IPv4 Unicast:base (0xC3A6303C:1) Resetting ALL counters.
Jun 2 2014 17:34:45.778 GMT-3: BGP: A.A.A.A went from Closing to Idle
Jun 2 2014 17:34:45.778 GMT-3: %BGP_SESSION-5-ADJCHANGE: neighbor A.A.A.A IPv4 Unicast topology base removed from session BGP Notification sent
Jun 2 2014 17:34:45.778 GMT-3: BGP: ses global A.A.A.A (0xC3A6303C:1) Removed topology IPv4 Unicast:base
Jun 2 2014 17:34:45.778 GMT-3: BGP: ses global A.A.A.A (0xC3A6303C:1) Removed last topology
Jun 2 2014 17:34:45.778 GMT-3: BGP: nbr global A.A.A.A Open active delayed 9216ms (35000ms max, 60% jitter)
Jun 2 2014 17:34:45.778 GMT-3: BGP: nbr global A.A.A.A Active open failed - open timer running
debug ip tcp transactions
Jun 2 2014 17:08:45.289 GMT-3: B.B.B.B:179 <---> A.A.A.A:49152 congestion window changes
Jun 2 2014 17:08:45.289 GMT-3: cwnd from 759 to 512, ssthresh from 1024 to 1024
Jun 2 2014 17:08:45.289 GMT-3: TCP0: timeout #1 - timeout is 2054 ms, seq 1516580539
Jun 2 2014 17:08:45.289 GMT-3: TCP: (179) -> A.A.A.A(49152)
Jun 2 2014 17:08:47.345 GMT-3: TCP0: timeout #2 - timeout is 4108 ms, seq 1516580539
Jun 2 2014 17:08:47.345 GMT-3: TCP: (179) -> A.A.A.A(49152)
Jun 2 2014 17:08:51.133 GMT-3: TCP0: ACK timeout timer expired
Jun 2 2014 17:08:51.453 GMT-3: TCP0: timeout #3 - timeout is 8216 ms, seq 1516580539
Jun 2 2014 17:08:51.453 GMT-3: TCP: (179) -> A.A.A.A(49152)
Jun 2 2014 17:08:51.737 GMT-3: TCP0: ACK timeout timer expired
Jun 2 2014 17:08:52.969 GMT-3: TCP388: ACK timeout timer expired
Jun 2 2014 17:08:55.125 GMT-3: TCP0: ACK timeout timer expired
Jun 2 2014 17:08:58.777 GMT-3: Reserved port 0 in Transport Port Agent for TCP IP type 0
Jun 2 2014 17:08:58.777 GMT-3: TCP: connection attempt to port 1433
Jun 2 2014 17:08:58.777 GMT-3: TCP: sending RST, seq 0, ack 859504641
Jun 2 2014 17:08:58.777 GMT-3: Released port 0 in Transport Port Agent for TCP IP type 0 delay 240000
Jun 2 2014 17:08:58.777 GMT-3: TCP0: state was LISTEN -> CLOSED [0 -> UNKNOWN(0)]
Jun 2 2014 17:08:58.777 GMT-3: TCB 0x3F9497DC destroyed
Jun 2 2014 17:08:59.669 GMT-3: TCP0: timeout #4 - timeout is 16432 ms, seq 1516580539
Jun 2 2014 17:08:59.669 GMT-3: TCP: (179) -> A.A.A.A(49152)
Jun 2 2014 17:08:59.705 GMT-3: Reserved port 0 in Transport Port Agent for TCP IP type 0
Jun 2 2014 17:08:59.705 GMT-3: TCP: connection attempt to port 3306
Jun 2 2014 17:08:59.705 GMT-3: TCP: sending RST, seq 0, ack 859504641
Jun 2 2014 17:08:59.705 GMT-3: Released port 0 in Transport Port Agent for TCP IP type 0 delay 240000
Jun 2 2014 17:08:59.705 GMT-3: TCP0: state was LISTEN -> CLOSED [0 -> UNKNOWN(0)]
Jun 2 2014 17:08:59.705 GMT-3: TCB 0x3EC4EC94 destroyed
Jun 2 2014 17:08:59.717 GMT-3: Reserved port 0 in Transport Port Agent for TCP IP type 0
Jun 2 2014 17:08:59.717 GMT-3: TCP: connection attempt to port 3306
Jun 2 2014 17:08:59.717 GMT-3: TCP: sending RST, seq 0, ack 1715535873
Jun 2 2014 17:08:59.721 GMT-3: Released port 0 in Transport Port Agent for TCP IP type 0 delay 240000
Jun 2 2014 17:08:59.721 GMT-3: TCP0: state was LISTEN -> CLOSED [0 -> UNKNOWN(0)]
Jun 2 2014 17:08:59.721 GMT-3: TCB 0x3F9497DC destroyed
Jun 2 2014 17:08:59.993 GMT-3: TCP388: ACK timeout timer expired
Jun 2 2014 17:09:05.013 GMT-3: TCP0: ACK timeout timer expired
Jun 2 2014 17:09:13.133 GMT-3: TCP0: ACK timeout timer expired
Jun 2 2014 17:09:16.133 GMT-3: TCP0: ACK timeout timer expired
Jun 2 2014 17:09:22.025 GMT-3: TCP0: ACK timeout timer expired
Jun 2 2014 17:09:27.133 GMT-3: TCP0: ACK timeout timer expired
Jun 2 2014 17:09:31.057 GMT-3: TCP0: ACK timeout timer expired
Jun 2 2014 17:09:35.957 GMT-3: TCP0: ACK timeout timer expired
Jun 2 2014 17:09:44.133 GMT-3: TCP0: ACK timeout timer expired
Jun 2 2014 17:09:45.045 GMT-3: TCP0: ACK timeout timer expired
Jun 2 2014 17:09:48.897 GMT-3: B.B.B.B:179 <---> A.A.A.A:49152 congestion window changes
Jun 2 2014 17:09:48.897 GMT-3: cwnd from 531 to 512, ssthresh from 1024 to 1024
Jun 2 2014 17:09:48.897 GMT-3: TCP0: timeout #1 - timeout is 16432 ms, seq 1516580558
Jun 2 2014 17:09:48.897 GMT-3: TCP: (179) -> A.A.A.A(49152)
Jun 2 2014 17:09:49.005 GMT-3: TCP0: ACK timeout timer expired
Jun 2 2014 17:09:51.173 GMT-3: TCP0: ACK timeout timer expired
Jun 2 2014 17:09:58.045 GMT-3: TCP0: ACK timeout timer expired
Jun 2 2014 17:09:59.749 GMT-3: TCP0: keepalive timeout (0/4)
Jun 2 2014 17:10:02.945 GMT-3: TCP0: ACK timeout timer expired
Jun 2 2014 17:10:06.257 GMT-3: %BGP-5-ADJCHANGE: neighbor A.A.A.A Down BGP Notification sent
Jun 2 2014 17:10:06.257 GMT-3: %BGP-3-NOTIFICATION: sent to neighbor A.A.A.A 4/0 (hold time expired) 0 bytes
Jun 2 2014 17:10:08.249 GMT-3: TCP0: ACK timeout timer expired
Jun 2 2014 17:10:10.581 GMT-3: TCP0: state was ESTAB -> FINWAIT1 [179 -> A.A.A.A(49152)]
Jun 2 2014 17:10:10.581 GMT-3: TCP0: sending FIN
Jun 2 2014 17:10:10.581 GMT-3: %BGP_SESSION-5-ADJCHANGE: neighbor A.A.A.A IPv4 Unicast topology base removed from session BGP Notification sent
Jun 2 2014 17:10:10.609 GMT-3: TCP0: state was FINWAIT1 -> FINWAIT2 [179 -> A.A.A.A(49152)]
Jun 2 2014 17:10:15.805 GMT-3: TCP0: ACK timeout timer expired
Jun 2 2014 17:10:16.877 GMT-3: TCP0: ACK timeout timer expired
Jun 2 2014 17:10:26.921 GMT-3: TCP0: ACK timeout timer expired
Jun 2 2014 17:10:34.645 GMT-3: TCP0: ACK timeout timer expired
Jun 2 2014 17:10:37.993 GMT-3: TCBC5593960 created
Jun 2 2014 17:10:37.993 GMT-3: TCP0: state was LISTEN -> SYNRCVD [179 -> A.A.A.A(51788)]
Jun 2 2014 17:10:37.993 GMT-3: TCP: tcb C5593960 connection to A.A.A.A:51788, peer MSS 512, MSS is 512
Jun 2 2014 17:10:37.993 GMT-3: TCP: sending SYN, seq 147598177, ack 583839426
Jun 2 2014 17:10:37.993 GMT-3: TCP0: Connection to A.A.A.A:51788, advertising MSS 512
Jun 2 2014 17:10:38.005 GMT-3: TCP0: state was SYNRCVD -> ESTAB [179 -> A.A.A.A(51788)]
Jun 2 2014 17:10:38.005 GMT-3: TCB3D13D32C accepting C5593960 from A.A.A.A.51788
Jun 2 2014 17:10:38.025 GMT-3: TCBC5593960 setting property TCP_VRFTABLEID (20) 42C034F0
Jun 2 2014 17:10:38.025 GMT-3: TCBC5593960 setting property TCP_PMTU (45) 3F83E5C4
Jun 2 2014 17:10:38.025 GMT-3: TCBC5593960 setting property TCP_NO_DELAY (0) 3F83E5F8
Jun 2 2014 17:10:38.025 GMT-3: TCBC5593960 setting property TCP_ACK_RATE (37) 3F83E5FC
Jun 2 2014 17:10:38.025 GMT-3: TCBC5593960 setting property TCP_RTRANSTMO (36) 3F83E5F8
Jun 2 2014 17:10:39.761 GMT-3: TCP0: ACK timeout timer expired
Jun 2 2014 17:10:40.393 GMT-3: TCBC3C71C58 created
Jun 2 2014 17:10:40.393 GMT-3: TCBC3C71C58 setting property TCP_VRFTABLEID (20) 42C034F0
Jun 2 2014 17:10:40.393 GMT-3: TCBC3C71C58 setting property TCP_MD5KEY (4) 0
Jun 2 2014 17:10:40.393 GMT-3: TCBC3C71C58 setting property TCP_ACK_RATE (37) 3F83E618
Jun 2 2014 17:10:40.393 GMT-3: TCBC3C71C58 setting property TCP_TOS (11) 3F83E608
Jun 2 2014 17:10:40.393 GMT-3: TCBC3C71C58 setting property TCP_PMTU (45) 3F83E5D4
Jun 2 2014 17:10:40.393 GMT-3: TCBC3C71C58 setting property TCP_IN_TTL (34) 3F83E5C0
Jun 2 2014 17:10:40.393 GMT-3: TCBC3C71C58 setting property TCP_OUT_TTL (35) 3F83E5C0
Jun 2 2014 17:10:40.393 GMT-3: TCBC3C71C58 setting property TCP_OUT_TTL (35) 42C03706
Jun 2 2014 17:10:40.393 GMT-3: TCBC3C71C58 setting property TCP_RTRANSTMO (36) 3F83E614
Jun 2 2014 17:10:40.393 GMT-3: TCP: Random local port generated 39764, network 1
Jun 2 2014 17:10:40.393 GMT-3: TCBC3C71C58 bound to 177.220.155.253.39764
Jun 2 2014 17:10:40.393 GMT-3: Reserved port 39764 in Transport Port Agent for TCP IP type 1
Jun 2 2014 17:10:40.393 GMT-3: TCP: sending SYN, seq 1802865555, ack 0
Jun 2 2014 17:10:40.393 GMT-3: TCP0: Connection to A.A.A.A:179, advertising MSS 1460
Jun 2 2014 17:10:40.393 GMT-3: TCP0: state was CLOSED -> SYNSENT [39764 -> A.A.A.A(179)]
Jun 2 2014 17:10:40.401 GMT-3: Released port 39764 in Transport Port Agent for TCP IP type 1 delay 240000
Jun 2 2014 17:10:40.401 GMT-3: TCP0: state was SYNSENT -> CLOSED [39764 -> A.A.A.A(179)]
Jun 2 2014 17:10:40.401 GMT-3: TCP0: bad seg from A.A.A.A -- closing connection: port 39764 seq 0 ack 1802865556 rcvnxt 0 rcvwnd 0 len 0
Jun 2 2014 17:10:40.401 GMT-3: TCP0: connection closed - remote sent RST
Jun 2 2014 17:10:40.405 GMT-3: TCB 0xC3C71C58 destroyed
[ ]'s
06-03-2014 06:33 AM
Hello
How is the isp learning the vrrp address ?
res
Paul
06-03-2014 07:20 AM
Hi Paul,
I have 2 routers configured and directely connected with ISP using /29 address.
ISP link -> switch -> vrrp address router (A/B)
Master Router:
interface GigabitEthernet0/1.A
encapsulation dot1Q A
ip address A.A.A.253 255.255.255.248
ip nbar protocol-discovery
ip flow ingress
vrrp 200 ip A.A.A.250
vrrp 200 timers advertise 1
vrrp 200 preempt delay minimum 160
vrrp 200 priority 150
vrrp 200 authentication md5 key-string 7 **
[ ]'s
06-03-2014 11:51 AM
Have you tried asking the ISP to peer with a physical address as a test? That might help isolate if there's a problem with peering with a VRRP address and that particular ISP's equipment.
Is it possible that the route to the neighbor is being learned through the other ISP?
06-03-2014 08:29 AM
Hi,
is the line flapping too ? Is it congested ?
Has VRRP switched the master router ? And why are you using the VRRP ? If oyu are using a routing protocol you don't need VRRP you can have a neighborship with both routers.
06-03-2014 11:32 AM
Hi,
- Line isn't flapping.
- I'm using VRRP for hardware redundancy.
- I cannot have neighborship with 2 routers, only 1.
- I have a IBGP between routers and 2 EBGP peers, and so 1 of them is flapping.
[ ]'s
06-04-2014 02:56 AM
Has VRRP switched the master router ?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide