cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1978
Views
0
Helpful
16
Replies

BGP SHOWS GATEWAYDOWN

tabish bhat
Level 1
Level 1

Hi All,

I need your help in BGP..

As i am able to ping my IGP networks ,but i am not able to telnet in my routers it shows the

following message.

Destination unreachable; gateway or host down

Do i need to add any command

i can see my networks aswell

Regards

Tash

16 Replies 16

cadet alain
VIP Alumni
VIP Alumni

Hi,

we need more infos. post a diagram of topology, config of routers and explain more precisely what is going wrong.

Regards.

Alain.

Don't forget to rate helpful posts.

hi tabish,

     Check the IGP route can be reachable first please!

     All the IGP peer should connect to each other first, that's the prerequisite for the BGP connection.

HI

juner

All networks are reachable and i can ping aswell

tabish bhat
Level 1
Level 1

HI

here is the topology

and configs

R4 interface Loopback3

ip address 50.0.0.1 255.0.0.0

!

interface Loopback4

no ip address

!

interface GigabitEthernet0/0

ip address 172.16.1.1 255.255.255.0

duplex auto

speed auto

!

interface GigabitEthernet0/1

ip address 90.0.0.2 255.0.0.0

duplex auto

speed auto

!

router bgp 65000

bgp log-neighbor-changes

network 10.1.0.0 mask 255.255.0.0

network 10.1.1.0

network 50.0.0.0

network 90.0.0.0

neighbor 172.16.1.2 remote-as 64517

!

ip forward-protocol nd

no ip http server

no ip http secure-server

!

!

ip route 0.0.0.0 0.0.0.0 172.16.1.2

ip route 10.1.0.0 255.255.0.0 90.0.0.1

ROUTER 2

R4 interface Loopback3

ip address 50.0.0.1 255.0.0.0

!

interface Loopback4

no ip address

!

interface GigabitEthernet0/0

ip address 172.16.8.1 255.255.255.0

duplex auto

speed auto

!

interface GigabitEthernet0/1

ip address 192.168.8.1 255.255.255.0

duplex auto

speed auto

!

router bgp 65000

bgp log-neighbor-changes

network 192.168.8.0

neighbor 172.16.1.2 remote-as 64517

!

ip forward-protocol nd

no ip http server

no ip http secure-server

!

!

i

Regards

Tash

Hi,

first tou configured your routers in AS 65000 but in your topology they are in AS 5500 ? Where is the typo?

Do you see any peering with the ISP? ---> sh ip bgp summary?  It shouldn't  be in the active state.

What is the telnet stuff you're trying to do?

Your configs are not clear? which is R4 and which is R2 ?

Regards.

Alain.

Don't forget to rate helpful posts.

Hi

i can ping my networks i am trying to telnet 192.168.8.1 internel ip of my network and gateway for my network..is 192.168.8.1.

i can see my Neighbours as well

*> 10.1.0.0/16      90.0.0.1                 0         32768 i

*> 30.0.0.1/32      172.16.1.2                             0 64517 64517 i

*> 40.0.0.1/32      172.16.1.2                             0 64517 64517 i

*> 50.0.0.0         0.0.0.0                  0         32768 i

*> 90.0.0.0         0.0.0.0                  0         32768 i

*> 172.16.1.0/30    172.16.1.2                             0 64517 ?

*> 172.16.2.0/30    172.16.1.2                             0 64517 i

*> 172.16.8.0/30    172.16.1.2                             0 64517 i

*> 172.16.9.0/30    172.16.1.2                             0 64517 i

*> 192.168.8.0      172.16.1.2                             0 64517 64517

R4 AND R2 are my branch routers and this is typo use 65000 instead of 5500

Hi

Do i need to type next-hop self command ????

Hi,

So from your branch router on the right you are pinging 192.168.8.1 without any problem but you can't telnet to it because you have the following message:   Destination unreachable; gateway or host down

Can you post output from sh access-list and sh run | be line vty on the router you're trying to telnet to.

Regards.

Alain.

Don't forget to rate helpful posts.

Hi

I have not configured any access-list on my router,

here is the line vty config

line con 0

line aux 0

line vty 0 4

password cisco123

login local

transport input telnet

Regards

Tash

Hi,

BGP next-hop self is for iBGP peerings and if this was the problem then the prefix wouldn't be marked as best path in the BGP table and not installed into the RIB.If this prefix was know via another routing protocol with a lower AD then it would be marked as r( for rib-failure) in the BGP table. But if you can ping a prefix then you have a valid route in your RIB so I don't understand why you can't telnet to it ( if you use same src IP- dst IP) unless there is something on the other end denying telnet.

Post the ping test output as well as the telnet test output.

Regards.

Alain.

Don't forget to rate helpful posts.

Hi

HO-MPLS-100MB#ping 192.168.8.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.8.1, timeout is 2 seconds:

.!!!!

Success rate is 80 percent (4/5), round-trip min/avg/max = 4/7/8 ms

HO-MPLS-100MB#telnet 192.168.8.1 /source-interface gigabitEthernet 0/1

Trying 192.168.8.1 ...

% Connection timed out; remote host not responding

ping 192.168.8.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.8.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 4/6/8 ms

HO-MPLS-100MB#telnet 192.168.8.1

Trying 192.168.8.1 ...

Regards

Tash Bhat

Hi,

Your first telnet as you can see hasn't got same result as second one because in your first output you are sourcing the telnet from a different interface as your ping. There is a routing problem on the other side which doesn't know how to get to 90.0.0.2 address.

do a sh ip route 90.0.0.2  on the router you are pinging to(R4)  as well as sh ip bgp and post result.

Regards.

Alain.

Don't forget to rate helpful posts.

Hi

IF I CAN PING ...Y NOT TELNET...ROUTING IS OK...

Regards

Tabish Bhat

Hi,

I don't understand what you mean.

If you're trying end to end connectivity with pings  and it succeeds then telnet will have the same result.

But you were pinging without specifying a src IP or interface so the router chooses the interface from its RIB output and the end host replies with src and dst reversed.Then you telnet from another interface and it fails and you receive an icmp host unreachable because the end host doesn't have a route back to the src IP you pinged from, that's why it fails.

When you telnet and ping from same interface you haven't got the same problem.

So the question is do you want connectivity from the source you specified to this destination ? if so then you must solve the problem on the other side.

Regards.

Alain.

Don't forget to rate helpful posts.
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco