cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
19203
Views
0
Helpful
15
Replies

%BGP-3-NOTIFICATION: received from neighbor <neighbor ip> 2/8 (open: unknown subcode) 3 bytes 000101

kiranoddiraju
Level 1
Level 1

Hi guys,

My BGP went down suddenly and won't establish any longer, constantly getting the message saying "%BGP-3-NOTIFICATION: received from neighbor 10.254.241.1 2/8 (open: unknown subcode) 3 bytes 000101". BGP state is sitting in idle and sometimes goes to Active but never in Established state. This was working fine until I decided to redistribute EIGRP into BGP and vice-versa. As soon as I configured the redistribution, I started getting these message. Now I tried ip prefix filters, removing re-distribution, removing EIGRP altogether but success yet. I know my ISP has a prefix limit of 50 but here I am not even advertising 50 prefixes. My ISP tried resetting the peer but it didn't help.

Here's the BGP state:

BGP neighbor is 10.254.241.1, remote AS 2856, external link
Description: Peer to BT PE
BGP version 4, remote router ID 0.0.0.0
BGP state = Idle
Last read 00:00:26, last write 00:00:26, hold time is 180, keepalive interval is 60 seconds
Message statistics:
InQ depth is 0
OutQ depth is 0

Sent Rcvd
Opens: 46919 5
Notifications: 0 46919
Updates: 35 122
Keepalives: 10 10
Route Refresh: 0 0
Total: 46964 47056
Default minimum time between advertisement runs is 30 seconds

For address family: IPv4 Unicast
BGP table version 2894, neighbor version 0/0
Output queue size : 0
Index 1, Offset 0, Mask 0x2
1 update-group member
Inbound soft reconfiguration allowed
Sent Rcvd
Prefix activity: ---- ----
Prefixes Current: 0 0
Prefixes Total: 0 0
Implicit Withdraw: 0 0
Explicit Withdraw: 0 0
Used as bestpath: n/a 0
Used as multipath: n/a 0

Outbound Inbound
Local Policy Denied Prefixes: -------- -------
Total: 0 0
Number of NLRIs in the update sent: max 28, min 1

Address tracking is enabled, the RIB does have a route to 10.254.241.1
Connections established 5; dropped 5
Last reset 18:57:36, due to BGP Notification received, open: unknown subcode
Transport(tcp) path-mtu-discovery is enabled

BGP configuration:

router bgp 64710
  no synchronization
  bgp log-neighbor-changes
  network 10.220.255.24 mask 255.255.255.248
  network 10.254.241.0 mask 255.255.255.252
  redistribute eigrp 9000 route-map EIGRP-TO-BGP
  neighbor 10.254.241.1 remote-as 2856
  neighbor 10.254.241.1 description Peer to BT PE
  neighbor 10.254.241.1 soft-reconfiguration inbound
  no auto-summary

route-map EIGRP-TO-BGP permit 10
 match ip address prefix-list EIGRP-TO-BGP

ip prefix-list EIGRP-TO-BGP seq 100 permit 10.160.0.0/16 le 24
ip prefix-list EIGRP-TO-BGP seq 120 permit 10.129.0.0/16 le 24
ip prefix-list EIGRP-TO-BGP seq 140 permit 10.220.0.0/16 le 24

Any idea why the BGP is not establishing?

Thanks,

Kiran

15 Replies 15

kiranoddiraju
Level 1
Level 1

GB-LDC-MPLS01#sh ver
Cisco IOS Software, 7301 Software (C7301-ADVIPSERVICESK9-M), Version 12.4(24)T8, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Compiled Sun 09-Sep-12 07:23 by prod_rel_team

ROM: System Bootstrap, Version 12.3(4r)T4, RELEASE SOFTWARE (fc1)
BOOTLDR: Cisco IOS Software, 7301 Software (C7301-BOOT-M), Version 12.4(24)T8, RELEASE SOFTWARE (fc1)

GB-LDC-MPLS01 uptime is 4 days, 16 hours, 37 minutes
System returned to ROM by reload at 19:03:57 UTC Fri Jan 27 2017
System restarted at 19:06:04 UTC Fri Jan 27 2017
System image file is "disk0:c7301-advipservicesk9-mz.124-24.T8.bin"
Last reload reason: Reload Command

This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

Cisco 7301 (NPE) processor (revision F) with 491520K/32768K bytes of memory.
Processor board ID 74858976
SB-1 CPU at 700MHz, Implementation 1025, Rev 0.2, 512KB L2 Cache
1 slot midplane, Version 2.0

I have now upgraded the router to ADV-ENT-15.2(4)S7 and I get a slightly different message now.

Cisco IOS Software, 7301 Software (C7301-ADVENTERPRISEK9-M), Version 15.2(4)S7 

Feb 1 12:42:10.254 UTC: %BGP-3-NOTIFICATION: received from neighbor 10.254.241.1 active 2/8 (no supported AFI/SAFI) 3 bytes 000101 (timer expired)

umeshpathrwal10
Level 1
Level 1
I am receiving this notification. ASN on both routers are matching perfectly. Can anyone suggest the cause ?

Topology- Juniper (AS 9498)---ebgp-------Cisco(AS137671)

BGP-3-NOTIFICATION: received from neighbor y.y.y.y active 2/2 (peer in wrong AS) 0 bytes

Hello

Can you try turning off the capabilities check

 

Neighbour y.y.y.y  dont-capability-negotiate 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Tried configuring don't cababilities but then my junos starts throwing
notification like as bgp speaker can not use AS.

Hello

possible bug? -here


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Has this BGP worked before and then stopped working? Or is this a new install of BGP?

 

I wonder about this part of the notification

received from neighbor y.y.y.y active 2/2 (peer in wrong AS) 0 bytes

 

Perhaps the poster can run debug for bop and post the debug output?

 

HTH

 

Rick

HTH

Rick

Hi

No it has not come up on cisco.

Working topology
Juniper (ASN 9498) --- ebgp-- HP(ASN 137671)

HP was replaced by cisco and bgp neighbor didn't come up.

And notification on cisco is
received from neighbor 2/2 (peer in wrong AS) 0 bytes

Your cisco received the notification from juniper. So juniper is complaining about something. Can you check the logs on juniper and see if there are any messages that relate to this?

 

I still believe that running debug for bgp and posting the output might shed light on this. It might also be helpful if you would post the configuration on cisco.

 

HTH

 

Rick

HTH

Rick

Hi

It won't be possible to run a bgp debug on the routers as are in
production.

Juniper -BGP notification :- received NOTIFICATION code 2 (Open Message
Error) sub code 0 (unspecified error)

It is unfortunate that running debug is not a possibility. So we will need to find other ways to investigate this. As a starting point could you post the config of the cisco?

 

It might also be helpful if you would post from the cisco the output of these commands

show ip bgp

show ip bop neighbor

and the output of similar commands on the juniper.

 

HTH

 

Rick

HTH

Rick

Cisco configuration
bgp 137671
bgp log-neighbor-changes
neighbor A:B:C:1055::2 remote-as 18101
neighbor X:X:X:X:208::1 remote-as 9498
neighbor X.X.X.155remote-as 9498
neighbor Y.Y.Y.17 remote-as 18101
!
address-family ipv4
network Z.Z.72.0 mask 255.255.252.0
no neighbor A:B:C:1055::2 activate
no neighbor X:X:3:X:208::1 activate
neighbor X.X.X.155activate
neighbor Y.Y.Y.17 activate
exit-address-family
!
address-family ipv6
neighbor A:B:C:1055::2 activate
neighbor X:X:X:X:208::1 activate
exit-address-family

BGP Notification Logs on cisco :-
Dec 14 21:50:08.287: BGP_SESSION-5-ADJCHANGE: neighbor X.X.X.155IPv4 Unicast topology base removed from session BGP Notification sent
Dec 14 21:50:16.476: %BGP-3-NOTIFICATION: sent to neighbor X.X.X.155active 2/0 (open: unspecific subcode) 0 bytes
Dec 14 21:50:16.476: %BGP-4-MSGDUMP: unsupported or mal-formatted message received from 125.17.249.155:
FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 003F 0104 251A 005A CB65 57DE 2202 0601 0400 0100 0102 0280 0002 0202 0002 0440 0240 7802 0641 0400 0025 1A02 0247 00
Dec 14 21:50:16.476: %BGP-3-NOTIFICATION: received from neighbor X.X.X.155active 2/2 (peer in wrong AS) 0 bytes
Dec 14 21:50:16.476: %BGP-5-NBR_RESET: Neighbor X.X.X.155active reset (BGP Notification received)
Dec 14 21:50:16.476: %BGP-5-ADJCHANGE: neighbor X.X.X.155active Down BGP Notification sent
Dec 14 21:50:16.476: %BGP_SESSION-5-ADJCHANGE: neighbor X.X.X.155IPv4 Unicast topology base removed from session BGP Notification sent
Dec 14 21:50:27.742: %BGP-3-NOTIFICATION: sent to neighbor X.X.X.155active 2/0 (open: unspecific subcode) 0 bytes
Dec 14 21:50:27.742: %BGP-4-MSGDUMP: unsupported or mal-formatted message received from 125.17.249.155:
FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 003F 0104 251A 005A CB65 57DE 2202 0601
0400 0100 0102 0280 0002 0202 0002 0440 0240 7802 0641 0400 0025 1A02 0247 00
Dec 14 21:50:27.742: %BGP-3-NOTIFICATION: received from neighbor X.X.X.155active 2/2 (peer in wrong AS) 0 bytes
Dec 14 21:50:27.742: %BGP-5-NBR_RESET: Neighbor X.X.X.155active reset (BGP Notification received)
Dec 14 21:50:27.742: %BGP-5-ADJCHANGE: neighbor X.X.X.155 active Down BGP Notification sent
Dec 14 21:50:27.742: %BGP_SESSION-5-ADJCHANGE: neighbor X.X.X.155 IPv4 Unicast topology base removed from session BGP Notification sent

Juniper bgp logs :-

%DAEMON-4: bgp_recv_open: peer X.X.X.156(External AS 137671): received NOTIFICATION code 2 (Open Message Error) subcode 0 (unspecified error)
Dec 14 22:48:37.508 VJW-ISP-ACC-RTR-222 rpd[56982]: %DAEMON-4: bgp_recv_open: peer X.X.X.156(External AS 137671): received NOTIFICATION code 2 (Open Message Error) subcode 0 (unspecified error)
Dec 14 22:48:51.846 VJW-ISP-ACC-RTR-222 rpd[56982]: %DAEMON-4: bgp_recv_open: peer X.X.X.156(External AS 137671): received NOTIFICATION code 2 (Open Message Error) subcode 0 (unspecified error)

In the first post from the current poster the cisco was receiving notifications sent from Juniper. In the recent post the cisco is generating notifications. So sometimes the notifications are generated from Juniper and sometimes generated from cisco. This makes me wonder if it is a question of which device initiates the request. And it certainly suggests that there is a significant mismatch between the devices. We have seen the config from the cisco. Perhaps we could see the config from Juniper?

 

HTH

 

Rick

HTH

Rick

Hello

RIB does have a route to 10.254.241.1
Connections established 5; dropped 5

 

Do you have reachability to this peer?


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
Review Cisco Networking for a $25 gift card