cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
14575
Views
0
Helpful
19
Replies

BGP Notification sent, invalid or corrupt AS path

Josiah Inubio
Level 1
Level 1

Hi Everyone,

 

I've been trying to have an bgp peering on our counterpart but this error keeps on showing. Everytime it's established, it dropped also. Please see logs below. I've already bounced my session, create / re-create my bgp config, but still no avail. Can anyone advise me on this?

 

RP/0/RP0/CPU0:Aug 25 09:20:31.043 : bgp[1045]:
%ROUTING-BGP-5-ADJCHANGE_DETAIL : neighbor 206.41.72.1 Down - BGP
Notification sent, invalid or corrupt AS path (VRF: default; AFI/SAFI: 1/1)

 

Connections established 145; dropped 145
  Local host: 206.41.72.39, Local port: 11458
  Foreign host: 206.41.72.1, Foreign port: 179
  Last reset 00:00:14, due to Peer closing down the session
  Peer reset reason: Remote closed the session (Connection timed out)
  Time since last notification sent to neighbor: 00:01:30
  Error Code: invalid or corrupt AS path
  Notification data sent:
    40020A02 02000051 CC000040 F1

 

Total malformed UPDATE 145
  Last malformed UPDATE 00:01:30
  Error subcode 11, attribute code 0, action reset session
  Malformed UPDATE: 133 bytes
    FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF
    00850200 00002E40 01010040 020A0202
    000051CC 000040F1 400304CE 294822C0
    07080000 51CC172D 4359C008 0851CC01
    9B51CC03 781317DD 6016B855 E41648F6
    A01648F6 CC1748F7 EA14B855 4014173E
    40141706 B014173E 501748F6 501417DE
    A016173E 3817173E 361417CD C017B81C
    2014173B 10

19 Replies 19

Hi Peter,

Please see attached.

#show bgp neighbor 206.41.73.1
Wed Sep  2 11:21:05.005 UTC

BGP neighbor is 206.41.73.1
 Remote AS, local AS, external link
 Description: ::PEERING
 Remote router ID 206.41.73.1
  BGP state = Established, up for 1w1d
  Last read 00:00:30, Last read before reset 00:00:00
  Hold time is 180, keepalive interval is 60 seconds
  Configured hold time: 180, keepalive: 60, min acceptable hold time: 3
  Last write 00:00:00, attempted 19, written 19
  Second last write 00:01:00, attempted 19, written 19
  Last write before reset 00:00:00, attempted 0, written 0
  Second last write before reset 00:00:00, attempted 0, written 0
  Last write pulse rcvd  Sep  2 11:21:04.835 last full not set pulse count 26456
  Last write pulse rcvd before reset 00:00:00
  Socket not armed for io, armed for read, armed for write
  Last write thread event before reset 00:00:00, second last 00:00:00
  Last KA expiry before reset 00:00:00, second last 00:00:00
  Last KA error before reset 00:00:00, KA not sent 00:00:00
  Last KA start before reset 00:00:00, second last 00:00:00
  Precedence: internet
  Enforcing first AS is enabled
  Neighbor capabilities:
    Route refresh: advertised and received
    4-byte AS: advertised and received
    Address family IPv4 Unicast: advertised and received
  Received 14057 messages, 0 notifications, 0 in queue
  Sent 12480 messages, 0 notifications, 0 in queue
  Minimum time between advertisement runs is 30 secs

 For Address Family: IPv4 Unicast
  BGP neighbor version 328579802
  Update group: 0.36 Filter-group: 0.13  No Refresh request being processed
  Inbound soft reconfiguration allowed (override route-refresh)
  Private AS number removed from updates to this neighbor
  Route refresh request: received 0, sent 0
  Policy for incoming advertisements is PEERING-IN
  Policy for outgoing advertisements is ALL-OUT
  0 accepted prefixes, 0 are bestpaths
  Cumulative no. of prefixes denied: 0. 
  Prefix advertised 669, suppressed 36, withdrawn 22
  Maximum prefixes allowed 1048576
  Threshold for warning message 75%, restart interval 0 min
  An EoR was not received during read-only mode
  Last ack version 328579802, Last synced ack version 0
  Outstanding version objects: current 0, max 3
  Additional-paths operation: None

  Connections established 1; dropped 0
  Local host: 206.41.73.39, Local port: 179
  Foreign host: 206.41.73.1, Foreign port: 39574
  Last reset 00:00:00

Hi Peter,

We've just put this "enforce-first-as disable" on our config and our bgp peering established. 

 

 

i've had this happen when the as path prepend being sent was different than what the actual as of the bgp router is.  from the messages you get, this is likely your neighbor sending the wrong as value in their as prepend statement.

Josiah,

In addition, can you please post the output from show bgp neighbor 206.41.73.1 ?

Thanks!

Best regards,
Peter

p-smallwood
Level 1
Level 1

I have seen the message %BGP-3-NOTIFICATION: sent to neighbor (invalid or corrupt AS path) when an eBGP neighbor is configured to AS-Prepend using an AS number that is different from it's own. 

Review Cisco Networking for a $25 gift card