07-03-2012 02:49 AM - edited 03-04-2019 04:51 PM
I am replacing an old 2600 out of support BGP router with a 3954 running 15.1(4)M3 using the same config on both routers. The old config and IOS works fine, but with the new router I can not establish an eBGP neighbor relationship, iBGP is fine. I am wondering if it has something to do with MTR.
Here is the event debug, can any one see what might be the issue ? Regards Stuart
Jun 30 11:59:46.650 CEST: BGP: 62.12.4.8 active went from Idle to Active
Jun 30 11:59:46.650 CEST: BGP: 62.12.4.8 open active, local address 194.104.184.252
Jun 30 11:59:46.658 CEST: BGP: 62.12.4.8 open failed: Connection refused by remote host
Jun 30 11:59:46.658 CEST: BGP: 62.12.4.8 Active open failed - tcb is not available, open active delayed 11264ms (35000ms max, 60% jitter)
Jun 30 11:59:46.658 CEST: BGP: ses global 62.12.4.8 (0x113758C:0) act Reset (Active open failed).
Jun 30 11:59:46.658 CEST: BGP: tbl IPv4 Unicast:base Service reset requests
Jun 30 11:59:46.658 CEST: BGP: tbl IPv4 Multicast:base Service reset requests
Jun 30 11:59:46.658 CEST: BGP: 62.12.4.8 active went from Active to Idle
Jun 30 11:59:46.658 CEST: BGP: nbr global 62.12.4.8 Active open failed - open timer running
Jun 30 11:59:46.658 CEST: BGP: nbr global 62.12.4.8 Active open failed - open timer running
Jun 30 11:59:57.914 CEST: BGP: 62.12.4.8 active went from Idle to Active
Jun 30 11:59:57.914 CEST: BGP: 62.12.4.8 open active, local address 194.104.184.252
Jun 30 11:59:57.922 CEST: BGP: 62.12.4.8 open failed: Connection refused by remote host
Jun 30 11:59:57.922 CEST: BGP: 62.12.4.8 Active open failed - tcb is not available, open active delayed 9216ms (35000ms max, 60% jitter)
Jun 30 11:59:57.922 CEST: BGP: ses global 62.12.4.8 (0x141F7784:0) act Reset (Active open failed).
Jun 30 11:59:57.922 CEST: BGP: tbl IPv4 Unicast:base Service reset requests
Jun 30 11:59:57.922 CEST: BGP: tbl IPv4 Multicast:base Service reset requests
Jun 30 11:59:57.922 CEST: BGP: 62.12.4.8 active went from Active to Idle
Jun 30 11:59:57.922 CEST: BGP: nbr global 62.12.4.8 Active open failed - open timer running
Jun 30 11:59:57.922 CEST: BGP: nbr global 62.12.4.8 Active open failed - open timer running
Jun 30 12:00:02.830 CEST: BGP: Regular scanner timer event
Jun 30 12:00:02.830 CEST: BGP: Performing BGP general scanning
Jun 30 12:00:02.830 CEST: BGP: topo global:IPv4 Unicast:base Scanning routing tables
Jun 30 12:00:02.830 CEST: BGP: tbl IPv4 Unicast:base Performing BGP Nexthop scanning for general scan
Jun 30 12:00:02.830 CEST: BGP(0): Future scanner version: 19933, current scanner version: 19932
Jun 30 12:00:02.830 CEST: BGP: topo global:IPv4 Multicast:base Scanning routing tables
Jun 30 12:00:02.830 CEST: BGP: tbl IPv4 Multicast:base Performing BGP Nexthop scanning for general scan
Jun 30 12:00:02.830 CEST: BGP(6): Future scanner version: 19942, current scanner version: 19941
Jun 30 12:00:07.130 CEST: BGP: 62.12.4.8 active went from Idle to Active
Jun 30 12:00:07.130 CEST: BGP: 62.12.4.8 open active, local address 194.104.184.252
Jun 30 12:00:07.138 CEST: BGP: 62.12.4.8 open failed: Connection refused by remote host
Jun 30 12:00:07.138 CEST: BGP: 62.12.4.8 Active open failed - tcb is not available, open active delayed 10240ms (35000ms max, 60% jitter)
Jun 30 12:00:07.138 CEST: BGP: ses global 62.12.4.8 (0x113758C:0) act Reset (Active open failed).
Jun 30 12:00:07.138 CEST: BGP: tbl IPv4 Unicast:base Service reset requests
Jun 30 12:00:07.138 CEST: BGP: tbl IPv4 Multicast:base Service reset requests
Jun 30 12:00:07.138 CEST: BGP: 62.12.4.8 active went from Active to Idle
Jun 30 12:00:07.138 CEST: BGP: nbr global 62.12.4.8 Active open failed - open timer running
Jun 30 12:00:07.138 CEST: BGP: nbr global 62.12.4.8 Active open failed - open timer running
Jun 30 12:00:17.370 CEST: BGP: 62.12.4.8 active went from Idle to Active
Jun 30 12:00:17.370 CEST: BGP: 62.12.4.8 open active, local address 194.104.184.252
Jun 30 12:00:17.378 CEST: BGP: ses global 62.12.4.8 (0x141F7784:0) act Adding topology IPv4 Unicast:base
Jun 30 12:00:17.378 CEST: BGP: ses global 62.12.4.8 (0x141F7784:0) act Send OPEN
Jun 30 12:00:17.378 CEST: BGP: 62.12.4.8 active went from Active to OpenSent
Jun 30 12:00:17.378 CEST: BGP: 62.12.4.8 active sending OPEN, version 4, my as: 25077, holdtime 24 seconds, ID C268B8FC
Jun 30 12:00:26.238 CEST: BGP: 62.12.4.8 passive open to 194.104.184.252
Jun 30 12:00:26.238 CEST: BGP: 62.12.4.8 passive went from Idle to Connect
Jun 30 12:00:26.238 CEST: BGP: ses global 62.12.4.8 (0x113758C:0) pas Setting open delay timer to 8 seconds.
Jun 30 12:00:26.238 CEST: BGP: ses global 62.12.4.8 (0x113758C:0) pas read request no-op
Jun 30 12:00:26.238 CEST: BGP: 62.12.4.8 passive rcv message type 1, length (excl. header) 31
Jun 30 12:00:26.238 CEST: BGP: ses global 62.12.4.8 (0x113758C:0) pas Receive OPEN
Jun 30 12:00:26.238 CEST: BGP: 62.12.4.8 passive rcv OPEN, version 4, holdtime 180 seconds
Jun 30 12:00:26.238 CEST: BGP: 62.12.4.8 passive rcv OPEN w/ OPTION parameter len: 21
Jun 30 12:00:26.238 CEST: BGP: 62.12.4.8 passive rcvd OPEN w/ optional parameter type 2 (Capability) len 6
Jun 30 12:00:26.238 CEST: BGP: 62.12.4.8 passive OPEN has CAPABILITY code: 1, length 4
Jun 30 12:00:26.238 CEST: BGP: 62.12.4.8 passive OPEN has MP_EXT CAP for afi/safi: 1/1
Jun 30 12:00:26.238 CEST: BGP: 62.12.4.8 passive rcvd OPEN w/ optional parameter type 2 (Capability) len 2
Jun 30 12:00:26.238 CEST: BGP: 62.12.4.8 passive OPEN has CAPABILITY code: 128, length 0
Jun 30 12:00:26.238 CEST: BGP: 62.12.4.8 passive OPEN has ROUTE-REFRESH capability(old) for all address-families
Jun 30 12:00:26.238 CEST: BGP: 62.12.4.8 passive rcvd OPEN w/ optional parameter type 2 (Capability) len 2
Jun 30 12:00:26.238 CEST: BGP: 62.12.4.8 passive OPEN has CAPABILITY code: 2, length 0
Jun 30 12:00:26.238 CEST: BGP: 62.12.4.8 passive OPEN has ROUTE-REFRESH capability(new) for all address-families
Jun 30 12:00:26.238 CEST: BGP: 62.12.4.8 passive rcvd OPEN w/ optional parameter type 2 (Capability) len 3
Jun 30 12:00:26.238 CEST: BGP: 62.12.4.8 passive OPEN has CAPABILITY code: 131, length 1
Jun 30 12:00:26.238 CEST: BGP: 62.12.4.8 passive OPEN has MULTISESSION capability, without grouping
Jun 30 12:00:26.238 CEST: BGP: nbr global 62.12.4.8 neighbor does not have IPv4 MDT topology activated
Jun 30 12:00:26.238 CEST: BGP: 62.12.4.8 passive rcvd OPEN w/ remote AS 286
Jun 30 12:00:26.238 CEST: BGP: ses global 62.12.4.8 (0x113758C:0) pas topologies not available, in use by active session, try again
Jun 30 12:00:26.238 CEST: BGP: 62.12.4.8 passive went from Connect to Closing
Jun 30 12:00:26.238 CEST: BGP: ses global 62.12.4.8 (0x113758C:0) pas Send NOTIFICATION 2/8 (no supported AFI/SAFI) 3 bytes 000000 (suppress timer started)
Jun 30 12:00:30.682 CEST: BGP: 62.12.4.8 passive local error close after sending NOTIFICATION
Jun 30 12:00:30.682 CEST: BGP: tbl IPv4 Unicast:base Service reset requests
Jun 30 12:00:30.682 CEST: BGP: tbl IPv4 Multicast:base Service reset requests
Jun 30 12:00:30.682 CEST: BGP: 62.12.4.8 passive closing
Jun 30 12:00:30.682 CEST: BGP: 62.12.4.8 passive went from Closing to Idle
Jun 30 12:00:30.682 CEST: BGP: nbr global 62.12.4.8 Active open failed - can't get active topologies
Jun 30 12:00:30.682 CEST: BGP: nbr global 62.12.4.8 Active open failed - can't get active topologies
Jun 30 12:00:41.946 CEST: %BGP-3-BGP_NO_REMOTE_READ: 62.12.4.8 connection timed out - has not accepted a message from us for 24000ms (hold time), 0 messages pending transmition.
Jun 30 12:00:41.946 CEST: BGP: 62.12.4.8 active went from OpenSent to Closing
Jun 30 12:00:41.946 CEST: %BGP-3-NOTIFICATION: sent to neighbor 62.12.4.8 active 4/0 (hold time expired) 0 bytes
Jun 30 12:00:41.946 CEST: BGP: ses global 62.12.4.8 (0x141F7784:0) act Send NOTIFICATION 4/0 (hold time expired) 0 bytes
Jun 30 12:00:41.946 CEST: BGP: 62.12.4.8 active local error close after sending NOTIFICATION
Jun 30 12:00:41.946 CEST: BGP: tbl IPv4 Unicast:base Service reset requests
Jun 30 12:00:41.946 CEST: BGP: tbl IPv4 Multicast:base Service reset requests
Jun 30 12:00:41.946 CEST: BGP: nbr_topo global 62.12.4.8 IPv4 Unicast:base (0x141F7784:0) NSF delete stale NSF not active
Jun 30 12:00:41.946 CEST: BGP: nbr_topo global 62.12.4.8 IPv4 Unicast:base (0x141F7784:0) NSF no stale paths state is NSF not active
Jun 30 12:00:41.946 CEST: BGP: nbr_topo global 62.12.4.8 IPv4 Unicast:base (0x141F7784:0) Resetting ALL counters.
Jun 30 12:00:41.946 CEST: BGP: 62.12.4.8 active closing
Jun 30 12:00:41.946 CEST: BGP: ses global 62.12.4.8 (0x141F7784:0) act Session close and reset neighbor 62.12.4.8 topostate
Jun 30 12:00:41.946 CEST: BGP: nbr_topo global 62.12.4.8 IPv4 Unicast:base (0x141F7784:0) Resetting ALL counters.
Jun 30 12:00:41.946 CEST: BGP: 62.12.4.8 active went from Closing to Idle
Jun 30 12:00:41.946 CEST: %BGP_SESSION-5-ADJCHANGE: neighbor 62.12.4.8 IPv4 Unicast topology base removed from session BGP Notification sent
Jun 30 12:00:41.946 CEST: BGP: ses global 62.12.4.8 (0x141F7784:0) act Removed topology IPv4 Unicast:base
Jun 30 12:00:41.946 CEST: BGP: ses global 62.12.4.8 (0x141F7784:0) act Removed last topology
Jun 30 12:00:41.946 CEST: BGP: nbr global 62.12.4.8 Open active delayed 12288ms (35000ms max, 60% jitter)
Jun 30 12:00:41.946 CEST: BGP: nbr global 62.12.4.8 Active open failed - open timer runningno debug all
07-03-2012 04:01 AM
Hi Stuart,
Are you using update-source in you BGP config ?
Can you share following information.
sh run | sec bgp.
Edit: Also, just confirm that no firewall or access-list is blocking port 179.
Regards,
Smitesh
07-03-2012 06:43 AM
The orignal config was not using update-source but I did try it with update-source
194.104.184.252 (the loopback) and the above was the debug.
I also tried with the router ID removed.
The ACL is removed and there is no F/W in front.
router bgp 25077
bgp router-id 194.104.184.1
no bgp fast-external-fallover
bgp cluster-id 3261643005
bgp log-neighbor-changes
network 193.176.46.0
network 194.104.160.0 mask 255.255.240.0
network 194.104.175.0
timers bgp 8 24
neighbor 62.12.4.8 remote-as 286
neighbor 62.12.4.8 description -= KPN AS286 BGP Speaker =-
neighbor 62.12.4.8 password 7
neighbor 62.12.4.8 ebgp-multihop 10
neighbor 62.12.4.8 update-source Loopback1
neighbor 62.12.4.8 version 4
neighbor 62.12.4.8 send-community
neighbor 62.12.4.8 distribute-list 5 in
neighbor 62.12.4.8 filter-list 1 in
neighbor 194.104.175.231 remote-as 25077
neighbor 194.104.175.231 description -= BGP4 with ValkIOS =-
neighbor 194.104.175.231 password 7
neighbor 194.104.175.231 next-hop-self
neighbor 194.104.175.231 filter-list 3 in
neighbor 194.104.175.231 filter-list 33 out
ip bgp-community new-format
ip as-path access-list 1 permit ^286_[0-9]*_[0-9]*$
ip as-path access-list 3 permit ^$
ip as-path access-list 33 permit ^$
07-04-2012 12:22 AM
Hi,
IMHO, the eBGP neighbor does not care too much about your BGP router ID.
But the update source address is important!
As it was not configured on your old router, it was using the IP address of the interface nearest to the neighbor, I believe.
Possibly you are using a different connection now or a different IP address on the interface?
The easiest way would be asking the guys administering the neighbor router: "Which IP address for my neighbor is configured on your router?"
If this does not help, you can also ask them: "Why are you refusing my BGP session?"
Sometimes asking your colleague a "stupid" question saves you hours of your time :-)
HTH,
Milan
07-04-2012 08:55 AM
Hi Stuart,
Instead of beating around the bush, I would recommend you to setup a confcall with your BGP Neighbour's Admin and remove entire BGP config from both ends.
Check if you can ping 62.12.4.8 and telnet the peer on 179 port.
Once that is done, Reconfigure the routers with only below commands.
router bgp 25077
neighbor 62.12.4.8 remote-as 286
neighbor 62.12.4.8 ebgp-multihop 10
neighbor 62.12.4.8 update-source Loopback1
neighbor 62.12.4.8 version 4
Just basic command(no password and no rocket science) to get the neighbourship going.
Once neighbourship is live you can start adding complexity.
Warm Regards,
Ameya Oke
07-23-2012 02:02 AM
Thanks guys.
I forced the router to peer via one of our other internet feeds and it worked first time.
So it looks like the ATM link is the problem. The working link uses an ATM 1A E3 and the none working one uses a ATM 1A T3/E3 card.
I think I will open a new question as the none working one looks ok, framing is corect etc and it is TXing and RXing.
Regards Stuart
08-10-2013 10:29 AM
Jun 30 11:59:57.922 CEST: BGP: 62.12.4.8 Active open failed - tcb is not available, open active delayed 9216ms (35000ms max, 60% jitter)
This line says that TCP cannot establish connection, so that is why this whole process is failing to begin with.
Cheers.
08-03-2019 10:29 AM
09-21-2017 05:34 AM
Hi Smithesh,
It just worked for me. But I want to know why it was happening. I had a different topology but in my topology the routers were running OSPF and the loopback add were also advertised and were reachable from each router still the BGP never came up but when I configured the update-source it came up. What was the reason.
09-21-2017 11:41 AM
Without the update-source command, the session will be established using the IP address of the physical interface between the two routers. This will fail since the other router is configured to only accept TCP sessions coming from the loopback interface IP address of it's neighbor.
Regards,
04-23-2018 04:19 PM
Test
02-12-2020 03:39 PM
02-12-2020 03:38 PM
eBGP does not need the command 'update-source' as they have to be directly connected. So, please remove update-source command. You might need this command in iBGP update and if you manage that router as it alwyas up, unless the router itself is down.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide