Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1091
Views
15
Helpful
10
Replies

BGP TCP Session

Go to solution
sivam siva
Level 3
Level 3

‎09-06-2018 09:49 AM

Hi

Can anyone tell how to find which router first initiate the TCP session in BGP.

 

Thanks in Advance.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
omz
VIP Alumni
VIP Alumni

‎09-06-2018 10:12 AM

Good (should read) article already linked.. but unfortunately the author didn't mention about the connection collision. 

 

RFC 4271

If a pair of BGP speakers try to establish a BGP connection with each
other simultaneously, then two parallel connections well be formed.
If the source IP address used by one of these connections is the same
as the destination IP address used by the other, and the destination
IP address used by the first connection is the same as the source IP
address used by the other, connection collision has occurred.  In the
event of connection collision, one of the connections MUST be closed.

Based on the value of the BGP Identifier, a convention is established
for detecting which BGP connection is to be preserved when a
collision occurs.  The convention is to compare the BGP Identifiers
of the peers involved in the collision and to retain only the
connection initiated by the BGP speaker with the higher-valued BGP
Identifier.

 

View solution in original post

10 Replies 10

Go to solution
Dennis Mink
VIP Alumni
VIP Alumni

‎09-06-2018 09:55 AM

check this post:

 

https://learningnetwork.cisco.com/blogs/vip-perspectives/2017/12/14/demystifying-bgp-session-establishment

Please remember to rate useful posts, by clicking on the stars below.

Go to solution
omz
VIP Alumni
VIP Alumni

‎09-06-2018 10:12 AM

Good (should read) article already linked.. but unfortunately the author didn't mention about the connection collision. 

 

RFC 4271

If a pair of BGP speakers try to establish a BGP connection with each
other simultaneously, then two parallel connections well be formed.
If the source IP address used by one of these connections is the same
as the destination IP address used by the other, and the destination
IP address used by the first connection is the same as the source IP
address used by the other, connection collision has occurred.  In the
event of connection collision, one of the connections MUST be closed.

Based on the value of the BGP Identifier, a convention is established
for detecting which BGP connection is to be preserved when a
collision occurs.  The convention is to compare the BGP Identifiers
of the peers involved in the collision and to retain only the
connection initiated by the BGP speaker with the higher-valued BGP
Identifier.

 

Go to solution
Dennis Mink
VIP Alumni
VIP Alumni
In response to omz

‎09-06-2018 10:16 AM

thanks for point that out +5

Please remember to rate useful posts, by clicking on the stars below.

0 Helpful

Go to solution
sivam siva
Level 3
Level 3
In response to omz

‎09-06-2018 10:52 AM

Thank you @omc 79
0 Helpful

Go to solution
omz
VIP Alumni
VIP Alumni
In response to sivam siva

‎09-06-2018 11:17 AM

@sivam siva You welcome!

0 Helpful

Go to solution
paul driver
VIP
VIP

‎09-06-2018 11:27 AM

Hello

Just like to add.... The simplistic way is to check the local/foreign tcp port of the peering. (port 179 is the initiated side)

 

sh ip bgp neighbors xxx | in port


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

Go to solution
omz
VIP Alumni
VIP Alumni
In response to paul driver

‎09-06-2018 11:44 AM - edited ‎09-06-2018 11:45 AM

@paul driver hmm I am a bit confused by 'port 179 is the initiated side'

Would the initiated side not have a random source port with destination port 179?

Thinking about TCP, would server not be listening on 179?

Am I missing something?

0 Helpful

Go to solution
paul driver
VIP
VIP
In response to omz

‎09-06-2018 12:08 PM - edited ‎09-07-2018 12:13 AM

Hello

Not a problem , You are indeed correct 179 is the server port- my first statement the wrong away around, foreign port is the initiated port.

However my understanding of bgp is that it is some different how it handles the peering, You are correct in saying the initiated rtr (client) will at first source from a random port to dest tcp 179  however in the returning syn acks the client/server roles can be swapped around so the replying rtr could become the client, So when finally the peering is established it can be the rtr that first initiated the session that has ended up with the local tcp179 port and its peer that has the foreign port as a random number.

 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

Go to solution
omz
VIP Alumni
VIP Alumni
In response to paul driver

‎09-06-2018 01:52 PM

 

Apologies to be a pain.. I do not understand the swap.bgp.jpeg

 

R3#sh tcp bri | b TCB
TCB       Local Address               Foreign Address             (state)
F28B8F90  3.3.3.3.60425              4.4.4.4.179                 ESTAB
R3#sh ip bgp nei 4.4.4.4 | i _port
Local host: 3.3.3.3, Local port: 60425
Foreign host: 4.4.4.4, Foreign port: 179
R3#

 

0 Helpful

Go to solution
paul driver
VIP
VIP
In response to omz

‎09-06-2018 03:19 PM - edited ‎09-07-2018 12:27 AM

Hello

Apply a debug  ( ip packet detail ) Then create a bgp session from scratch and watch the trace as the session is established you should eventually see the rtr which becomes the initiated speaker.

 

Now going back to the OP, checking the bgp neighboring local/foreign ports will show you the bgp initiator

 

 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card