cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3398
Views
0
Helpful
19
Replies

BGP Help

Matt Cooper
Level 1
Level 1

Looking for some assistance in my BGP configuration. I have a peer (172.26.10.10) not coming up. I have a small porition of the config, let me know if you need more. I've also posted the logs of what i'm getting when i bring up gi0/0/0.129. I have two circuits, on the second one, I put in a remote-as.. Am I missing something in BGP?

show ip bgp sum

172.26.10.6 4 13979 8034 8880 1976 0 0 5d13h 222
172.26.10.10 4 13979 0 0 1 0 0 never Idle

*Apr 29 19:56:27.701: %BGP-5-NBR_RESET: Neighbor 172.26.10.10 active reset (Peer closed the session)
*Apr 29 19:56:27.701: %BGP_SESSION-5-ADJCHANGE: neighbor 172.26.10.10 IPv4 Unicast topology base removed from session Peer closed the session
*Apr 29 19:56:36.357: %BGP-3-NOTIFICATION: received from neighbor 172.26.10.10 active 2/2 (peer in wrong AS) 4 bytes 0000FDF2
*Apr 29 19:56:36.357: %BGP-5-NBR_RESET: Neighbor 172.26.10.10 active reset (BGP Notification received)
*Apr 29 19:56:36.357: %BGP-5-ADJCHANGE: neighbor 172.26.10.10 active Down BGP Notification received

interface Loopback0
ip address 32.252.192.239 255.255.255.255
!
interface GigabitEthernet0/0/0
no ip address
negotiation auto
!
interface GigabitEthernet0/0/0.716
encapsulation dot1Q 716
ip address 172.26.10.5 255.255.255.252
no ip redirects
no ip proxy-arp
no cdp enable
!
interface GigabitEthernet0/0/1
no ip address
negotiation auto
!
interface GigabitEthernet0/0/1.200
encapsulation dot1Q 200
ip address 192.168.1.3 255.255.255.0
no cdp enable
!
interface GigabitEthernet0/0/1.1000
encapsulation dot1Q 1000
ip address 172.18.2.4 255.255.255.0
!
interface GigabitEthernet0/0/2
no ip address
negotiation auto
!
interface GigabitEthernet0/0/2.129
encapsulation dot1Q 129
ip address 172.26.10.9 255.255.255.252
no ip redirects
no ip proxy-arp
no cdp enable
!
interface GigabitEthernet0/0/2.1000
no cdp enable
!
interface Serial0/1/0:23
encapsulation hdlc
isdn switch-type primary-ni
isdn bchan-number-order ascending
no cdp enable
!
interface Service-Engine0/4/0
!
interface GigabitEthernet0
vrf forwarding Mgmt-intf
no ip address
shutdown
negotiation auto
!
router bgp 65010
synchronization
bgp log-neighbor-changes
network 192.168.0.0
network 192.168.1.0
network 192.168.2.0
network 192.168.3.0
neighbor 172.26.10.6 remote-as 13979
neighbor 172.26.10.6 description EVPN HI
neighbor 172.26.10.10 remote-as 13979
!
ip forward-protocol nd
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 10.38.67.240
ip route 192.168.0.0 255.255.255.0 192.168.1.2
ip route 192.168.1.0 255.255.255.0 192.168.1.2
ip route 192.168.2.0 255.255.255.0 192.168.1.2
ip route 192.168.3.0 255.255.255.0 192.168.1.2
ip route 192.168.4.0 255.255.255.0 172.26.10.17
ip route 192.168.5.0 255.255.255.0 172.26.10.17
ip route 192.168.6.0 255.255.255.0 172.26.10.17
ip route 192.168.12.0 255.255.255.0 172.26.10.13
!
!

Thanks!

Matt

19 Replies 19

joshua.wilson
Level 1
Level 1

per the log

*Apr 29 19:56:36.357: %BGP-3-NOTIFICATION: received from neighbor 172.26.10.10 active 2/2 (peer in wrong AS) 4 bytes 0000FDF2

You will need to check the peer remote-as #

HTH

Joshua

The CSR ASN is 65020 and ATT ASN is 13979, you can't create two BGP instances, though.

You are saying "The CSR ASN is 65020" but I can see

router bgp 65010

in your config.

Check with the other router admin if both AS numbers are correct also in his config.

Best regards,

Milan

There are two circuits. Once is 65010 and one is 65020. From what I've seen, you can only have one BGP instance. So I created 65010 to get the one circuit up, and then ran a "remote-as" under 65010 for the second circuit.

Hi,

Please make sure if you are reachable to 172.26.10.10.

How many hops are there in between these peers? 

If directly connected then they are not in same subnet 

interface GigabitEthernet0/0/0.716
encapsulation dot1Q 716
ip address 172.26.10.5 255.255.255.252

Valid IP range (172.26.10.5 - 172.26.10.6)

Please check on this and try to get your Neighbor details.

Regards,

Jarar

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.26.10.10, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/7/9 ms

I can ping it fine, unable to trace. 

I'm still having this issue. Can I get some more assistance?

172.26.10.6 and 172.26.10.10, are they two different neighbors or are they on one router?

Two different circuits from AT&T, trying to make it work on one router. Is this just not possible?

I am just trying to understand the topology, if you have two different circuits from one router to another, you cannot peer over each of them in BGP. If you have redundancy, you can peer with an loopback on the other side instead.

Do you have two circuits from Router1(Your router) to two different routers on the AT&T side or is it one router on the AT&T side?

 If it is one router, then you need to contact AT&T to see if they have an loopback address on it that you can peer with.

If they have two, then you should contact AT&T so they can change the AS number on their side.

I'll have to get more information from AT&T about their router setup. As far as I know, I'm going router to router. I'll get back ASAP with this information.

This is the reply I got recently from AT&T:

Changing the ASN is just a logical MACD but the issue is whether they will have 2 routers with 2 separate LAN segments at this location with dual AVPN . I don’t think a Cisco router can route 2 ASN’s from 1 LAN segment .

Does this seem accurate?

Thanks.

Do you have a normal LAN behind your router?  No VRFs or anything like that?  Then you can hook up to AT&T with two different circuit and two eBGP peers.  Request they load balance your two circuits from their side to you and you should be good to go.  

Are you trying to do any further manipulation that you want one prefix to route out one particular circuit of vice versa?

--tim

You certainly can have eBGP peers across different circuits to the same router on the other side.  

You can set BGP multiplath ebgp 4 and it will load share them.

You need to change the ASN you told ATT for the 172.26.10.10 circuit to match your ASN on your router...  then you can have BGP load balance the two circuits.,

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: