BGP Error

promise2k
Level 1

I wanted to perform a swap of my BGP router, i.e. from ASR-1001 to ASR-1001-X. Since this is a swap, all configuration remained the same; nothing changed. When I plugged in the new router, my e-BGP was not coming up. I was getting the below error message:

BGP-4-MSGDUMP: unsupported or mal-formatted message received from x.x.x.x:
FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 0055 0104 3DBA 00B4 0A2C 110F 3802 0601
0400 0100 0102 0280 0002 0202 0002 0641 0400 003D BA02 0840 0600 7800 0101 0002
1405 1200 0100 0100 0200 0100 0200 0200 0100 8000 02

 

below is the BGP config which i have 

 

router bgp zzzzz

 bgp router-id 10.254.3.1

 bgp always-compare-med

 bgp log-neighbor-changes

 bgp deterministic-med

 neighbor 10.254.3.2 remote-as zzzzz

 neighbor 10.254.3.2 update-source Loopback0

 neighbor x.x.x.x remote-as 15802

 neighbor x.x.x.x dont-capability-negotiate

 !

 address-family ipv4

  bgp dampening

  network y.y.y.y mask 255.255.255.0

  network y.y.x.x mask 255.255.252.0

  neighbor 10.254.3.2 activate

  neighbor 10.254.3.2 next-hop-self

  neighbor x.x.x.x activate

  neighbor x.x.x.x soft-reconfiguration inbound

  neighbor x.x.x.x route-map LOCAL-PREF in

  neighbor x.x.x.x route-map PREPEND out

 exit-address-family


the other party is a bit difficult to deal with, so if i can do anything to resolve this issue on my end it would be great if i can get pointers. 

Accepted Solution

Hi @promise2k ,

You should definitely upgrade to a version that incorporates the fix for CSCva92216. This should fix the issue.

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México


21 Replies

neighbor X.X.X.X dont-capability-negotiate

<<- disable capability negotiation "if" you don't use it

Yes indeed, in the original configuration this command was not there, but after some googling I saw others saying that command might help with the error, but it surely didn't, so I will remove that command once I get a working solution.

show ip bgp neighbors



share this 

The three capabilities are:

  • Route Refresh Capability
  • 4-byte AS Capability
  • Multi-Protocol Capability

From my experience the second is most often the one that generates the error message, so can you confirm what the other peer uses?

Please see below output of

show ip bgp nei 

specific to this neighbor that's giving me a problem.

 

BGP neighbor is x.x.x.x,  remote AS 15802, external link

  BGP version 4, remote router ID 10.44.17.15

  BGP state = Established, up for 2d01h

  Last read 00:00:05, last write 00:00:44, hold time is 180, keepalive interval is 60 seconds

  Neighbor sessions:

    1 active, is not multisession capable (disabled)

  Neighbor capabilities:

    Route refresh: advertised and received(new)

    Four-octets ASN Capability: advertised and received

    Address family IPv4 Unicast: advertised and received

    Graceful Restart Capability: received

      Remote Restart timer is 120 seconds

      Address families advertised by peer:

        IPv4 Unicast (was not preserved

    Enhanced Refresh Capability: advertised

    Multisession Capability: 

    Stateful switchover support enabled: NO for session 1

  Message statistics:

    InQ depth is 0

    OutQ depth is 0

    

                         Sent       Rcvd

    Opens:                  1          1

    Notifications:          0          0

    Updates:                3     688762

    Keepalives:          3274          3

    Route Refresh:          0          0

    Total:               3278     688766

  Default minimum time between advertisement runs is 30 seconds




 For address family: IPv4 Unicast

  Session: x.x.x.x

  BGP table version 10353, neighbor version 10353/0

  Output queue size : 0

  Index 7, Advertise bit 1

  7 update-group member

  Inbound soft reconfiguration allowed

  Inbound path policy configured

  Outbound path policy configured

  Route map for incoming advertisements is LOCAL-PREF

  Route map for outgoing advertisements is PREPEND

  Slow-peer detection is disabled

  Slow-peer split-update-group dynamic is disabled

                                 Sent       Rcvd

  Prefix activity:               ----       ----

    Prefixes Current:               2        462 (Consumes 111053400 bytes)

    Prefixes Total:                 2       1146

    Implicit Withdraw:              0        684

    Explicit Withdraw:              0          0

    Used as bestpath:             n/a        462

    Used as multipath:            n/a          0

    Saved (soft-reconfig):        n/a     924983 (Consumes 110997960 bytes)




                                   Outbound    Inbound

  Local Policy Denied Prefixes:    --------    -------

    route-map:                            0    2769348

    Other Policies:                    1096        n/a

    Total:                             1096    2769348

  Number of NLRIs in the update sent: max 1, min 0

  Last detected as dynamic slow peer: never

  Dynamic slow peer recovered: never

  Refresh Epoch: 1

  Last Sent Refresh Start-of-rib: never

  Last Sent Refresh End-of-rib: never

  Last Received Refresh Start-of-rib: never

  Last Received Refresh End-of-rib: never

      Sent   Rcvd

Refresh activity:       ----   ----

  Refresh Start-of-RIB          0          0

  Refresh End-of-RIB            0          0




  Address tracking is enabled, the RIB does have a route to x.x.x.x

  Connections established 5; dropped 4

  Last reset 2d02h, due to Admin. shutdown of session 1

  Transport(tcp) path-mtu-discovery is enabled

  Graceful-Restart is disabled

Connection state is ESTAB, I/O status: 1, unread input bytes: 0            

Connection is ECN Disabled, Mininum incoming TTL 0, Outgoing TTL 1

Local host: y.y.y.y, Local port: 25051

Foreign host: x.x.x.x, Foreign port: 179

Connection tableid (VRF): 0

Maximum output segment queue size: 50




Enqueued packets for retransmit: 0, input: 0  mis-ordered: 0 (0 bytes)




Event Timers (current time is 0xB39DEDB1):

Timer          Starts    Wakeups            Next

Retrans          3277          2             0x0

TimeWait            0          0             0x0

AckHold         45176       5814             0x0

SendWnd             0          0             0x0

KeepAlive           0          0             0x0

GiveUp              0          0             0x0

PmtuAger       176781     176780      0xB39DF0D0

DeadWait            0          0             0x0

Linger              0          0             0x0

ProcessQ            0          0             0x0




iss:  714318287  snduna:  714380682  sndnxt:  714380682

irs: 4182768689  rcvnxt: 4269504011




sndwnd:  32407  scale:      0  maxrcvwnd:  16384

rcvwnd:  15503  scale:      0  delrcvwnd:    881




SRTT: 1000 ms, RTTO: 1003 ms, RTV: 3 ms, KRTT: 0 ms

minRTT: 2 ms, maxRTT: 1000 ms, ACK hold: 200 ms

Status Flags: active open

Option Flags: nagle, path mtu capable

IP Precedence value : 6




Datagrams (max data segment is 1460 bytes):

Rcvd: 65613 (out of order: 0), with data: 62367, total data bytes: 86735321

Sent: 82827 (retransmit: 2, fastretransmit: 0, partialack: 0, Second Congestion: 0), with data: 3276, total data bytes: 62394




 Packets received in fast path: 0, fast processed: 0, slow path: 0

 fast lock acquisition failures: 0, slow path: 0

TCP Semaphore      0x7EFEC5BD2A68  FREE 


    Route refresh: advertised and received(new)

Four-octets ASN Capability: advertised and received

 Address family IPv4 Unicast: advertised and received

Graceful Restart Capability: received

Enhanced Refresh Capability: advertised

So there are two capabilities unsupported on one of the peers. We will start by disabling the enhanced-refresh capability on your side:



neighbor x.x.x.x dont-capability-negotiate enhanced-refresh



Please check the capabilities after applying the command.

If I use this command

neighbor x.x.x.x dont-capability-negotiate

does this not disable all negotiations including the enhanced-refresh?

Yes, but I think you did not re-establish the BGP session between the two peers, am I right?

Hi @promise2k ,

Yes, this command will remove all capability negotiation from the outgoing BGP open message. The issue is that the other side still sends the BGP open message with capability negotiation and IOS-XE doesn't understand the capability parameters, most probably due to CSCva92216.

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
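Added example, not part of the original thread: a small Python decoder for the OPEN message in the MSGDUMP posted above, following RFC 4271 framing and RFC 5492 capability TLVs. Capability names are taken from the IANA Capability Codes registry; the function and variable names are illustrative.

```python
import struct

# Hex dump copied from the BGP-4-MSGDUMP log line in the original post.
MSGDUMP = """
FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 0055 0104 3DBA 00B4 0A2C 110F 3802 0601
0400 0100 0102 0280 0002 0202 0002 0641 0400 003D BA02 0840 0600 7800 0101 0002
1405 1200 0100 0100 0200 0100 0200 0200 0100 8000 02
"""

# Capability codes from the IANA "Capability Codes" registry.
CAP_NAMES = {1: "Multiprotocol", 2: "Route Refresh", 5: "Extended Next Hop Encoding",
             64: "Graceful Restart", 65: "4-octet AS", 70: "Enhanced Route Refresh",
             128: "Route Refresh (pre-standard)"}

def tlvs(buf):
    """Yield (code, value) from a run of 1-byte-type, 1-byte-length TLVs."""
    i = 0
    while i < len(buf):
        if i + 2 > len(buf) or i + 2 + buf[i + 1] > len(buf):
            raise ValueError("TLV overruns its container")
        yield buf[i], buf[i + 2:i + 2 + buf[i + 1]]
        i += 2 + buf[i + 1]

def parse_open(hex_text):
    """Decode a BGP OPEN and its capabilities; raise ValueError if malformed."""
    raw = bytes.fromhex("".join(hex_text.split()))
    if len(raw) < 29 or raw[:16] != b"\xff" * 16:
        raise ValueError("bad marker or truncated header")
    length, msg_type = struct.unpack("!HB", raw[16:19])
    if length != len(raw) or msg_type != 1:          # type 1 = OPEN
        raise ValueError("length mismatch or not an OPEN")
    version, asn, hold, bgp_id, opt_len = struct.unpack("!BHH4sB", raw[19:29])
    opts = raw[29:]
    if opt_len != len(opts):
        raise ValueError("optional parameter length mismatch")
    caps = [(code, CAP_NAMES.get(code, "unknown"), val.hex())
            for p_type, p_val in tlvs(opts) if p_type == 2   # param 2 = Capabilities
            for code, val in tlvs(p_val)]
    return {"version": version, "as": asn, "hold_time": hold,
            "bgp_id": ".".join(map(str, bgp_id)), "capabilities": caps}

if __name__ == "__main__":
    info = parse_open(MSGDUMP)
    print(info["version"], info["as"], info["hold_time"], info["bgp_id"])
    for code, name, val in info["capabilities"]:
        print(f"  cap {code:3d}  {name:30s} {val}")
```

The dump parses cleanly end to end (the length field 0x55 matches and every TLV fits its container). Besides the capabilities listed in the show ip bgp neighbors output posted in the thread, it also carries capability code 5 (Extended Next Hop Encoding).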

Hi there,

I tried the below steps/commands but unfortunately my issue wasn't solved.

1. I tried this command

neighbor x.x.x.x dont-capability-negotiate enhanced-refresh

but it didn't help.

2. I also tried the command

neighbor x.x.x.x dont-capability-negotiate

It didn't help.

3. I wanted to try this command but it's not supported on my IOS

neighbor x.x.x.x dont-capability-negotiate four-byte-as

4. Just for the fun of it I also tried this command, but it is also not supported

5. As I was just googling I saw someone else faced this issue and addressed it by enabling IPv6, but it didn't work for me.

router bgp xxxxx

address-family ipv6

neighbor x.x.x.x activate

 

Right now my router is on IOS XE 16.0.3. I am thinking of upgrading this. Would this make a difference? If it does, what is the recommended version that I should upgrade to?

Only try this command before upgrading:

neighbor ip-address ha-mode graceful-restart

(ip-address: only the one neighbor, which is x.x.x.x)

Then check

show ip bgp neighbor

and see whether it is now advertised and received.

I tried this command but unfortunately it didn't work. I had to upgrade the IOS from IOS XE 16.03.05 to 17.01.01. That solved my issue. Thanks again for all your help.

i had to upgrade the IOS from IOS XE 16.03.05 to 17.01.01. that solved my issue. 

Harold Ritter
Level 12

Hi @promise2k ,

What version of code are you running on the new device? You might be hitting this bug:

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCva92216

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México