
BGP peering issue

Hello there,

Has anyone seen a problem where you cannot establish 2 BGP sessions over a single IP?

I have 2 switches trying to use a single IP in another switch as a BGP peer and only one is successful.

If I shut one neighbor down, the other goes up.

neighbor ip shutdown

Makes no sense to me and looks like a BUG or something.

Any ideas?

Regards,

Vlad

8 REPLIES
Hall of Fame Super Silver

Re: BGP peering issue

Hello Vlad,

Are the IP addresses on the switches' side different?

Have you used neighbor x.x.x.x update-source?

Hope to help

Giuseppe

Re: BGP peering issue

3 switches connected on the same VLAN/subnet are trying to establish a BGP session.

So, imagine CD-A 1.1.1.2/24 and CD-B 1.1.1.3/24 trying to peer with SW1 IP 1.1.1.1/24

cd-a

neighbor 1.1.1.1 remote-as 1

cd-b

neighbor 1.1.1.1 remote-as 1

sw1

neighbor 1.1.1.2 remote-as 2

neighbor 1.1.1.3 remote-as 2

If I shut down cd-a, then b establishes BGP; if I shut cd-b, then cd-a establishes it.

Those are directly connected, so no point in using the update-source.

Help!

New Member

Re: BGP peering issue

Might the Spanning tree be the problem? Are all switches interconnected?

Re: BGP peering issue

They all connect to another L2 switch, yes. But CD-A and CD-B have an L3 connection between them. So there should be no L2 loop to block via SPT.

Also, I've seen a debug ip pac det in the switch and apparently it only rejects the connection.

After the first FYN to 179 it replies with an ACK, RST.

16:08:35.118 BRST: IP: s=10.21.4.229 (GigabitEthernet3/5), d=10.21.4.226, len 40, rcvd 2

Jan 26 16:08:35.118 BRST: TCP src=179, dst=11158, seq=0, ack=965412976, win=0 ACK RST

Jan 26 16:08:35.118 BRST: IP: s=10.21.4.229 (GigabitEthernet3/5), d=10.21.4.226, len 40, stop process pak for forus packet

Jan 26 16:08:35.118 BRST: TCP src=179, dst=11158, seq=0, ack=965412976, win=0 ACK

I'm still waiting to get more info on this problem, as I'm helping a friend.

But thanks for all your help.

I was just wondering if someone has seen something similar.

When you have to shut down 1 BGP peer to get the other established.

Hall of Fame Super Silver

Re: BGP peering issue

Hello Vlad,

There are some rules about what side should use the well-known port (TCP 179).

I wonder if in your case switch1 resets the connection because in its opinion the well-known port should be on its side.

Or if there is a chance that both CD-A and CD-B will use the same BGP router-id.

The rule is the highest IP address on loopbacks before physical interfaces (the same as OSPF rules).

And the same router cannot have two IP addresses on the same LAN segment.

You can check this with

sh ip bgp summary

on CD-A and CD-B

Hope to help

Giuseppe

Re: BGP peering issue

Hello Giuseppe,

Thanks for the reply.

But unfortunately I am afraid I didn't understand.

Each CD and sw in that LAN segment has its own IP address.

Also, if the router id was equal I would expect to see something similar to:

*Mar 1 00:07:33.747: %BGP-3-NOTIFICATION: sent to neighbor 10.0.0.1 2/3 (BGP identifier wrong) 4 bytes 01010101

rc# FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 002D 0104 0001 00B4 0101 0101 1002 0601 0400 0100 0102 0280 0002 0202 00

Any other suggestion is appreciated.
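As an added example (not part of the original post and not Cisco code), the hex dump quoted in the post above can be decoded field by field as a BGP OPEN message. It assumes the `rc#` bytes are the OPEN that triggered the notification and follows the RFC 4271 layout; the function names are chosen here for illustration.

```python
import ipaddress
import struct

# Hex dump copied from the post above; assumed to be the received OPEN message.
OPEN_HEX = ("FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 002D 0104 0001 00B4 "
            "0101 0101 1002 0601 0400 0100 0102 0280 0002 0202 00")

def parse_capabilities(params):
    """Walk optional parameters; return (code, value) for each capability."""
    caps, i = [], 0
    while i < len(params):
        if i + 2 > len(params) or i + 2 + params[i + 1] > len(params):
            raise ValueError("truncated optional parameter")
        p_type, p_len = params[i], params[i + 1]
        body = params[i + 2:i + 2 + p_len]
        i += 2 + p_len
        if p_type != 2:          # only type 2 (Capabilities) is decoded here
            continue
        j = 0
        while j < len(body):
            if j + 2 > len(body) or j + 2 + body[j + 1] > len(body):
                raise ValueError("truncated capability")
            caps.append((body[j], body[j + 2:j + 2 + body[j + 1]]))
            j += 2 + body[j + 1]
    return caps

def parse_open(hex_dump):
    """Decode a BGP OPEN message (RFC 4271 layout) from a spaced hex dump."""
    raw = bytes.fromhex(hex_dump.replace(" ", ""))
    if len(raw) < 29:
        raise ValueError("shorter than the 29-byte minimum OPEN")
    length, msg_type = struct.unpack("!HB", raw[16:19])
    if raw[:16] != b"\xff" * 16 or length != len(raw) or msg_type != 1:
        raise ValueError("bad marker, length or message type")
    version, my_as, hold, bgp_id, opt_len = struct.unpack("!BHH4sB", raw[19:29])
    if 29 + opt_len != len(raw):
        raise ValueError("optional parameter length mismatch")
    return {
        "version": version,
        "my_as": my_as,
        "hold_time": hold,
        "bgp_id": str(ipaddress.IPv4Address(bgp_id)),
        "capabilities": parse_capabilities(raw[29:]),
    }

if __name__ == "__main__":
    print(parse_open(OPEN_HEX))
```

The decoded BGP identifier matches the `4 bytes 01010101` data field in the notification line, and the capability codes are 1 (multiprotocol), 128 and 2 (route refresh).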

Cisco Employee

Re: BGP peering issue

Vladimir,

Not if the RID was the same on cd-a and cd-b as they do not establish a neighbor relationship between themselves but only to the switch.

Regards

Harold Ritter
Sr. Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México 
Paseo de la Reforma 222 Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Re: BGP peering issue

Hi Vlad,

Let's go through BGP Neighbor States:

1- Idle

2- Open

3- Open Sent

4- Open Confirm

5- Established.

The source originating the TCP session is always the interface IP address unless modified with the (Update Source) command.

The BGP router-id has nothing to do with that; as you know, BGP chooses a single router-id based on highest loopback or highest physical interface.

I can't say what the exact problem is, since you mentioned that when you shut one peer the second establishes neighborship. It's odd. Please clarify more...

HTH

Mohamed
