BGP Flapping Peer

Jaime Soto Valenzuela · ‎10-19-2011

Hi everyone,

We are having an issue with BGP flapping peer. We have a ASR1002 as Route Reflector and it work fine with all peers except with 2 peers.

In logs messages we can see:

Oct 19 21:27:49.765 UTC: %BGP-3-BGP_NO_REMOTE_READ: 200.83.0.153 connection timed out - has not accepted a message from us for 180000ms (hold time), 1 messages pending transmition.

Oct 19 21:27:49.765 UTC: %BGP-5-ADJCHANGE: neighbor 200.83.0.153 Down BGP Notification sent

Oct 19 21:27:49.765 UTC: %BGP-3-NOTIFICATION: sent to neighbor 200.83.0.153 4/0 (hold time expired) 0 bytes

Oct 19 21:28:04.102 UTC: %BGP_SESSION-5-ADJCHANGE: neighbor 200.83.0.153 VPNv4 Unicast topology base removed from session BGP Notification sent

Oct 19 21:28:04.102 UTC: %BGP_SESSION-5-ADJCHANGE: neighbor 200.83.0.153 IPv4 Unicast topology base removed from session BGP Notification sent

Oct 19 21:28:18.467 UTC: %BGP-5-ADJCHANGE: neighbor 200.83.0.153 Up

Oct 19 21:30:33.682 UTC: %BGP-3-BGP_NO_REMOTE_READ: 200.83.0.152 connection timed out - has not accepted a message from us for 180000ms (hold time), 1 messages pending transmition.

Oct 19 21:30:33.682 UTC: %BGP-5-ADJCHANGE: neighbor 200.83.0.152 Down BGP Notification sent

Oct 19 21:30:33.683 UTC: %BGP-3-NOTIFICATION: sent to neighbor 200.83.0.152 4/0 (hold time expired) 0 bytes

Oct 19 21:30:48.018 UTC: %BGP_SESSION-5-ADJCHANGE: neighbor 200.83.0.152 VPNv4 Unicast topology base removed from session BGP Notification sent

Oct 19 21:30:48.019 UTC: %BGP_SESSION-5-ADJCHANGE: neighbor 200.83.0.152 IPv4 Unicast topology base removed from session BGP Notification sent

Oct 19 21:30:57.265 UTC: %BGP-5-ADJCHANGE: neighbor 200.83.0.152 Up

You can see that BGP peering establishes, then drops, re-establishes, then drops,…

Peter Paluch · ‎10-19-2011

Jaime,

One possible cause is a mismatched MTU between your RR and the flapping peers. When a large BGP message is sent to these peers, it gets lost en route.

From the RR, try pinging the 200.83.0.153 and 200.83.0.152 using the MTU of 1500 bytes (assuming this is the correct MTU used by both RR and the flapping peers) and setting the DF bit:

ping 200.83.0.153 df-bit size 1500

If there are MTU issues, the pings should not be successful - either no reply will be received, or an "M" return code will be displayed in the ping output.

Be also sure to verify the MTU on the RR and on the flapping peers whether it is identically configured.

Best regards,

Peter

Jaime Soto Valenzuela · ‎10-20-2011

Peter,

From the RR we did ping 200.83.0.153 df-bit size 1500 and the result is not successful.

But if we do ping to phisycal interface of peers the pings are successful.

Regards,

Jaime

Jacob Zartmann · ‎04-24-2012

Should you not be able to peer over fx GRE tunnel with a MTU of 1400? Could be that you run DMVPN.

I'm having the same problem.

MSS is set to 1360 with PMTU discovery enabled.

Session gets established, and then torn down:

message from us for 180000ms (hold time), 1 messages pending transmition

Thanks,

BR,

/JZ

jconst · ‎11-15-2013

I am wondering If I can also get assistance related to BGP flapping and disconnects?

We have alarge network that contain DSL as our back up and I am seeing the issue from 25% of our site showing the same disconnects.

1.) would the MTU mismatch apply to DSL?

2.) Has anyone had multible DSL disconnects on a DSL network?

3.) What action can I take to address the Issue ?

2811 Router:

Nov 15 17:12:10: %BGP-5-ADJCHANGE: neighbor 11.4.2.5 Down BGP Notification sent Nov 15 17:12:10: %BGP-3-NOTIFICATION: sent to neighbor 11.4.2.5 4/0 (hold time expired) 0 bytes Nov 15 17:12:10: %BGP_SESSION-5-ADJCHANGE: neighbor 11.4.2.5 IPv4 Unicast topology base removed from session BGP Notification sent Nov 15 17:12:46: %CRYPTO-6-EZVPN_CONNECTION_DOWN: (Client) User=ME301XH28101 Group=Vz-ezvpn-group Client_public_addr=192.168.1.64 Server_public_addr=63.165.185.60 Nov 15 17:12:48: %BGP-3-BGP_NO_REMOTE_READ: 11.4.2.5 connection timed out - has not accepted a message from us for 30000ms (hold time), 0 messages pending transmition. Nov 15 17:12:48: %BGP-3-NOTIFICATION: sent to neighbor 11.4.2.5 passive 4/0 (hold time expired) 0 bytes Nov 15 17:12:48: %BGP_SESSION-5-ADJCHANGE: neighbor 11.4.2.5 IPv4 Unicast topology base removed from session BGP Notification sent Nov 15 17:12:58: %CRYPTO-6-EZVPN_CONNECTION_UP: (Client) User=ME301XH28101 Group=Vz-ezvpn-group Client_public_addr=192.168.1.64 Server_public_addr=204.119.235.60 NEM_Remote_Subnets=11.65.249.92/255.255.255.255 Nov 15 17:15:35: %CRYPTO-6-EZVPN_CONNECTION_DOWN: (Client) User=ME301XH28101 Group=Vz-ezvpn-group Client_public_addr=192.168.1.64 Server_public_addr=63.165.185.60 Nov 15 17:18:37: %CRYPTO-4-EZVPN_FAILED_TO_CONNECT: EZVPN(Vz-ezvpn) Ezvpn is in state READY, previous state was CONNECT_REQUIRED and event is CONN_UP. Session is not up after 180 seconds of initiating session, resetting the connection Nov 15 17:18:37: %CRYPTO-6-EZVPN_CONNECTION_DOWN: (Client) User=ME301XH28101 Group=Vz-ezvpn-group Client_public_addr=192.168.1.64 Server_public_addr=63.165.185.60 Nov 15 17:18:49: %CRYPTO-6-EZVPN_CONNECTION_UP: (Client with Default peer) User=ME301XH28101 Group=Vz-ezvpn-group Client_public_addr=192.168.1.64 Server_public_addr=63.165.185.60 NEM_Remote_Subnets=11.65.249.92/255.255.255.255 Nov 15 17:18:50: %BGP-5-ADJCHANGE: neighbor 11.4.2.5 Up Nov 15 17:21:08: %BGP-5-ADJCHANGE: neighbor 11.4.2.5 Down BGP Notification sent Nov 15 17:21:08: %BGP-3-NOTIFICATION: sent to neighbor 11.4.2.5 4/0 (hold time expired) 0 bytes Nov 15 17:21:08: %BGP_SESSION-5-ADJCHANGE: neighbor 11.4.2.5 IPv4 Unicast topology base removed from session BGP Notification sent Nov 15 17:21:19: %BGP-5-ADJCHANGE: neighbor 11.4.2.5 Up