cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

1024
Views
0
Helpful
19
Replies
Highlighted
Beginner

BGP Help

Looking for some assistance in my BGP configuration. I have a peer (172.26.10.10) not coming up. I have a small porition of the config, let me know if you need more. I've also posted the logs of what i'm getting when i bring up gi0/0/0.129. I have two circuits, on the second one, I put in a remote-as.. Am I missing something in BGP?

show ip bgp sum

172.26.10.6 4 13979 8034 8880 1976 0 0 5d13h 222
172.26.10.10 4 13979 0 0 1 0 0 never Idle

*Apr 29 19:56:27.701: %BGP-5-NBR_RESET: Neighbor 172.26.10.10 active reset (Peer closed the session)
*Apr 29 19:56:27.701: %BGP_SESSION-5-ADJCHANGE: neighbor 172.26.10.10 IPv4 Unicast topology base removed from session Peer closed the session
*Apr 29 19:56:36.357: %BGP-3-NOTIFICATION: received from neighbor 172.26.10.10 active 2/2 (peer in wrong AS) 4 bytes 0000FDF2
*Apr 29 19:56:36.357: %BGP-5-NBR_RESET: Neighbor 172.26.10.10 active reset (BGP Notification received)
*Apr 29 19:56:36.357: %BGP-5-ADJCHANGE: neighbor 172.26.10.10 active Down BGP Notification received

interface Loopback0
ip address 32.252.192.239 255.255.255.255
!
interface GigabitEthernet0/0/0
no ip address
negotiation auto
!
interface GigabitEthernet0/0/0.716
encapsulation dot1Q 716
ip address 172.26.10.5 255.255.255.252
no ip redirects
no ip proxy-arp
no cdp enable
!
interface GigabitEthernet0/0/1
no ip address
negotiation auto
!
interface GigabitEthernet0/0/1.200
encapsulation dot1Q 200
ip address 192.168.1.3 255.255.255.0
no cdp enable
!
interface GigabitEthernet0/0/1.1000
encapsulation dot1Q 1000
ip address 172.18.2.4 255.255.255.0
!
interface GigabitEthernet0/0/2
no ip address
negotiation auto
!
interface GigabitEthernet0/0/2.129
encapsulation dot1Q 129
ip address 172.26.10.9 255.255.255.252
no ip redirects
no ip proxy-arp
no cdp enable
!
interface GigabitEthernet0/0/2.1000
no cdp enable
!
interface Serial0/1/0:23
encapsulation hdlc
isdn switch-type primary-ni
isdn bchan-number-order ascending
no cdp enable
!
interface Service-Engine0/4/0
!
interface GigabitEthernet0
vrf forwarding Mgmt-intf
no ip address
shutdown
negotiation auto
!
router bgp 65010
synchronization
bgp log-neighbor-changes
network 192.168.0.0
network 192.168.1.0
network 192.168.2.0
network 192.168.3.0
neighbor 172.26.10.6 remote-as 13979
neighbor 172.26.10.6 description EVPN HI
neighbor 172.26.10.10 remote-as 13979
!
ip forward-protocol nd
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 10.38.67.240
ip route 192.168.0.0 255.255.255.0 192.168.1.2
ip route 192.168.1.0 255.255.255.0 192.168.1.2
ip route 192.168.2.0 255.255.255.0 192.168.1.2
ip route 192.168.3.0 255.255.255.0 192.168.1.2
ip route 192.168.4.0 255.255.255.0 172.26.10.17
ip route 192.168.5.0 255.255.255.0 172.26.10.17
ip route 192.168.6.0 255.255.255.0 172.26.10.17
ip route 192.168.12.0 255.255.255.0 172.26.10.13
!
!

Thanks!

Matt

19 REPLIES 19
Highlighted
Beginner

per the log

per the log

*Apr 29 19:56:36.357: %BGP-3-NOTIFICATION: received from neighbor 172.26.10.10 active 2/2 (peer in wrong AS) 4 bytes 0000FDF2

You will need to check the peer remote-as #

HTH

Joshua

Highlighted
Beginner

The CSR ASN is 65020 and ATT

The CSR ASN is 65020 and ATT ASN is 13979, you can't create two BGP instances, though.

Highlighted
Advocate

You are saying "The CSR ASN

You are saying "The CSR ASN is 65020" but I can see

router bgp 65010

in your config.

Check with the other router admin if both AS numbers are correct also in his config.

Best regards,

Milan

Highlighted
Beginner

There are two circuits. Once

There are two circuits. Once is 65010 and one is 65020. From what I've seen, you can only have one BGP instance. So I created 65010 to get the one circuit up, and then ran a "remote-as" under 65010 for the second circuit.

Highlighted
Beginner

Hi,

Hi,

Please make sure if you are reachable to 172.26.10.10.

How many hops are there in between these peers? 

If directly connected then they are not in same subnet 

interface GigabitEthernet0/0/0.716
encapsulation dot1Q 716
ip address 172.26.10.5 255.255.255.252

Valid IP range (172.26.10.5 - 172.26.10.6)

Please check on this and try to get your Neighbor details.

Regards,

Jarar

Highlighted
Beginner

Type escape sequence to abort

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.26.10.10, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/7/9 ms

I can ping it fine, unable to trace. 

Highlighted
Beginner

I'm still having this issue.

I'm still having this issue. Can I get some more assistance?

Highlighted
Beginner

172.26.10.6 and 172.26.10.10,

172.26.10.6 and 172.26.10.10, are they two different neighbors or are they on one router?

Highlighted
Beginner

Two different circuits from

Two different circuits from AT&T, trying to make it work on one router. Is this just not possible?

Highlighted
Beginner

I am just trying to

I am just trying to understand the topology, if you have two different circuits from one router to another, you cannot peer over each of them in BGP. If you have redundancy, you can peer with an loopback on the other side instead.

Do you have two circuits from Router1(Your router) to two different routers on the AT&T side or is it one router on the AT&T side?

 If it is one router, then you need to contact AT&T to see if they have an loopback address on it that you can peer with.

If they have two, then you should contact AT&T so they can change the AS number on their side.

Highlighted
Beginner

I'll have to get more

I'll have to get more information from AT&T about their router setup. As far as I know, I'm going router to router. I'll get back ASAP with this information.

This is the reply I got recently from AT&T:

Changing the ASN is just a logical MACD but the issue is whether they will have 2 routers with 2 separate LAN segments at this location with dual AVPN . I don’t think a Cisco router can route 2 ASN’s from 1 LAN segment .

Does this seem accurate?

Thanks.

Highlighted
Beginner

Do you have a normal LAN

Do you have a normal LAN behind your router?  No VRFs or anything like that?  Then you can hook up to AT&T with two different circuit and two eBGP peers.  Request they load balance your two circuits from their side to you and you should be good to go.  

Are you trying to do any further manipulation that you want one prefix to route out one particular circuit of vice versa?

--tim

Highlighted
Beginner

You certainly can have eBGP

You certainly can have eBGP peers across different circuits to the same router on the other side.  

You can set BGP multiplath ebgp 4 and it will load share them.

Highlighted
Beginner

You need to change the ASN

You need to change the ASN you told ATT for the 172.26.10.10 circuit to match your ASN on your router...  then you can have BGP load balance the two circuits.,