05-04-2023 11:30 AM
Hi
EBGP session is in IDLE mode , what action i can take to resolve the issue .
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.176.163.85 4 13979 0 0 1 0 0 05:28:10 Idle
10.176.163.89 4 65485 0 0 1 0 0 05:28:10 Idle
05-04-2023 11:41 AM
Hello @Rajvendra pratap singh,
Idle mean Down, then do you ping the IP of your neighbor bgp?
Please share your bgp configuration ? We could go further. Thanks.
05-04-2023 12:02 PM
HI M02@rt37
Yes i can ping the both neighbours IP's , please find the below configuration
fna-us-azphx9-wr01#sh run | sec bgp
redistribute bgp 65414 route-map Permit0
router bgp 65414
bgp router-id 10.133.224.254
bgp log-neighbor-changes
timers bgp 10 30
neighbor 10.133.225.174 remote-as 65414
neighbor 10.176.163.85 remote-as 13979
neighbor 10.176.163.85 description AT&T-GLOBAL
neighbor 10.176.163.85 fall-over bfd
neighbor 10.176.163.89 remote-as 65485
neighbor 10.176.163.89 description AT&T DIVERSITY
neighbor 10.176.163.89 fall-over bfd
!
address-family ipv4
network 10.91.6.0 mask 255.255.255.0
network 10.91.7.0 mask 255.255.255.0
network 10.91.11.128 mask 255.255.255.192
network 10.133.176.0 mask 255.255.248.0
network 10.133.184.0 mask 255.255.248.0
network 10.133.192.0 mask 255.255.224.0
network 10.133.193.0 mask 255.255.255.0 route-map VOICE-CV
network 10.133.195.0 mask 255.255.255.0 route-map VOICE-CV
network 10.133.197.0 mask 255.255.255.0 route-map VOICE-CV
network 10.133.199.0 mask 255.255.255.0 route-map VOICE-CV
network 10.133.201.0 mask 255.255.255.0 route-map VOICE-CV
network 10.133.203.0 mask 255.255.255.0 route-map VOICE-CV
network 10.133.205.0 mask 255.255.255.0 route-map VOICE-CV
network 10.133.207.0 mask 255.255.255.0 route-map VOICE-CV
network 10.133.209.0 mask 255.255.255.0 route-map VOICE-CV
network 10.133.211.0 mask 255.255.255.0 route-map VOICE-CV
network 10.133.213.0 mask 255.255.255.0 route-map VOICE-CV
network 10.133.215.0 mask 255.255.255.0 route-map VOICE-CV
network 10.133.217.0 mask 255.255.255.0 route-map VOICE-CV
network 10.133.224.0 mask 255.255.224.0
network 10.133.224.0 mask 255.255.255.224
network 10.133.224.254 mask 255.255.255.255
network 10.133.242.0 mask 255.255.255.0 route-map VOICE-CV
network 10.133.243.0 mask 255.255.255.0 route-map VOICE-CV
network 10.133.244.0 mask 255.255.255.0 route-map VOICE-CV
network 10.133.245.0 mask 255.255.255.0 route-map VOICE-CV
network 10.133.246.0 mask 255.255.255.0 route-map VOICE-CV
network 10.133.247.0 mask 255.255.255.0 route-map VOICE-CV
network 10.133.248.0 mask 255.255.255.0 route-map VOICE-CV
network 10.133.249.0 mask 255.255.255.0 route-map VOICE-CV
network 10.133.250.0 mask 255.255.255.0 route-map VOICE-CV
network 10.133.251.0 mask 255.255.255.0 route-map VOICE-CV
network 10.133.252.0 mask 255.255.255.0 route-map VOICE-CV
network 10.133.253.0 mask 255.255.255.0 route-map VOICE-CV
network 10.133.254.0 mask 255.255.255.0
network 10.133.254.0 mask 255.255.255.128
network 10.133.255.192 mask 255.255.255.224 route-map VOICE-CV
network 10.150.47.0 mask 255.255.255.128
network 10.150.47.128 mask 255.255.255.128
network 10.194.88.0 mask 255.255.248.0
neighbor 10.133.225.174 activate
neighbor 10.133.225.174 send-community both
neighbor 10.133.225.174 next-hop-self
neighbor 10.176.163.85 activate
neighbor 10.176.163.85 send-community both
neighbor 10.176.163.85 soft-reconfiguration inbound
neighbor 10.176.163.85 route-map ATT-IN in
neighbor 10.176.163.85 route-map ATT-OUT out
neighbor 10.176.163.85 filter-list 1 out
neighbor 10.176.163.89 activate
neighbor 10.176.163.89 send-community both
neighbor 10.176.163.89 soft-reconfiguration inbound
neighbor 10.176.163.89 route-map ATT-DIVERSITY out
neighbor 10.176.163.89 filter-list 1 out
exit-address-family
ip bgp-community new-format
access-list 120 permit tcp any gt 1024 10.230.0.0 0.0.255.255 eq bgp
access-list 120 permit tcp any eq bgp 10.230.0.0 0.0.255.255 gt 1024 established
access-list 120 permit tcp any gt 1024 10.128.0.0 0.31.255.255 eq bgp
access-list 120 permit tcp any eq bgp 10.128.0.0 0.31.255.255 gt 1024 established
access-list 123 permit tcp any any eq bgp rst
route-map bgp-summary permit 10
description Set the BGP metric for summary routes
set metric 10
set community 65414:1
route-map bgp-out permit 10
description Set the BGP community and metric for all routes
set metric 10
set community 65414:1
route-map static-bgp permit 10
description Permit static routes with tag 9999
match tag 9999
set metric 10
set community 65414:1
route-map static-bgp deny 20
description Deny all other routes
route-map bgp-summary-secondary permit 10
description Set the BGP metric for secondary summary routes
set metric 20
set community 65414:2
route-map bgp-summary-primary permit 10
description Set the BGP metric for primary summary routes
set metric 10
set community 65414:1
snmp-server view customer bgp excluded
snmp-server enable traps bgp
05-06-2023 02:16 AM
Hello
@Rajvendra pratap singh wrote:Yes i can ping the both neighbours IP's , please find the below configuration
You have a lot of irrelevant configuration applied to the bgp process, for instance the route-maps, the ones being used in the bgp process don't exist and the ones that do exist on the rtr are not being used in the bgp process
As for your bgp peering's not establishing:
sh ip route 10.176.163.85
sh ip route 10.176.163.89
sh ip int brief
05-04-2023 11:50 AM
Can you provide the "show bgp ipv4 unicast neighbor 10.176.163.85" output. This would provide useful information.
Regards,
05-04-2023 11:58 AM
Hi @Harold Ritter
Please check the below output and also please let me know that what should always check in this command output .
azphx9-wr01#show bgp ipv4 unicast neighbor 10.176.163.85
BGP neighbor is 10.176.163.85, remote AS 13979, external link
Description: AT&T-GLOBAL
Fall over configured for session
BFD is configured.
BGP version 4, remote router ID 0.0.0.0
BGP state = Idle, down for 06:00:54
Configured hold time is 30, keepalive interval is 10 seconds
Minimum holdtime from neighbor is 0 seconds
Neighbor sessions:
0 active, is not multisession capable (disabled)
Stateful switchover support enabled: NO
Do log neighbor state changes (via global configuration)
Default minimum time between advertisement runs is 30 seconds
For address family: IPv4 Unicast
BGP table version 48930, neighbor version 1/48930
Output queue size : 0
Index 0, Advertise bit 0
Inbound soft reconfiguration allowed
Community attribute sent to this neighbor
Extended-community attribute sent to this neighbor
Inbound path policy configured
Outbound path policy configured
Outgoing update AS path filter list is 1
Route map for incoming advertisements is ATT-IN
Route map for outgoing advertisements is ATT-OUT
Slow-peer detection is disabled
Slow-peer split-update-group dynamic is disabled
Sent Rcvd
Prefix activity: ---- ----
Prefixes Current: 0 0
Prefixes Total: 0 0
Implicit Withdraw: 0 0
Explicit Withdraw: 0 0
Used as bestpath: n/a 0
Used as multipath: n/a 0
Used as secondary: n/a 0
Outbound Inbound
Local Policy Denied Prefixes: -------- -------
Total: 0 0
Number of NLRIs in the update sent: max 24, min 0
Last detected as dynamic slow peer: never
Dynamic slow peer recovered: never
Refresh Epoch: 1
Last Sent Refresh Start-of-rib: never
Last Sent Refresh End-of-rib: never
Last Received Refresh Start-of-rib: never
Last Received Refresh End-of-rib: never
Sent Rcvd
Refresh activity: ---- ----
Refresh Start-of-RIB 0 0
Refresh End-of-RIB 0 0
Address tracking is enabled, the RIB does have a route to 10.176.163.85
Route to peer address reachability Up: 3; Down: 1
Last notification 06:00:54
Connections established 2; dropped 2
Last reset 06:01:57, due to Interface flap of session 1
External BGP neighbor not directly connected.
External BGP neighbor configured for connected checks (single-hop no-disable-connected-check)
Interface associated: GigabitEthernet0/0/1.2 (peering address NOT in same link)
Transport(tcp) path-mtu-discovery is enabled
Graceful-Restart is disabled
SSO is disabled
No active TCP connection
05-04-2023 12:09 PM
The line "Address tracking is enabled, the RIB does have a route to 10.176.163.85" indicates that the router has a route to the peer IP address.
The line "Route to peer address reachability Up: 3; Down: 1" indicates that the router has detected the reachability of the peer address three times and the unreachability once.
05-04-2023 12:12 PM - edited 05-04-2023 12:17 PM
You have a route in order to reach the IP add. of your neighbor [10.176.163.85] because "GigabitEthernet0/0/1.2 (peering address NOT in same link)".
Do you ping from you Gig 0/0/1.2 the IP 10.176.163.85?
The line The line "Connections established 2; dropped 2" indicates that two BGP connections have been established with the peer, but both have been dropped.
--Network issue cause the eBGP to be "down", Idle--
05-04-2023 12:45 PM
HI M02@rt37
Do you ping from you Gig 0/0/1.2 the IP 10.176.163.85? Means you want to me ping the IP 10.176.163.85 from Gig 0/0/1.2
Like Router # ping 10.176.163.85 so Gig 0/0/1.2
If yes , then we are getting below output , unable to ping
fna-us-azphx9-wr01#ping 10.176.163.85 so GigabitEthernet0/0/1.2
% Invalid source interface - IP not enabled or interface is down
One more thing as checked interface is also down , and we have cross checked with customer cable is connected properly .
GigabitEthernet0/0/1 unassigned YES NVRAM down down
GigabitEthernet0/0/1.2 10.176.163.86 YES NVRAM down down
GigabitEthernet0/0/1.3 10.176.163.90 YES NVRAM down down
05-04-2023 12:54 PM
Thanks for the additional information.
The fact that these sub interfaces are down seems to be the issue, rather than what I mentioned before. You need to fixed the connectivity issue with gi0/0/1.
Regards,
05-04-2023 12:56 PM
Interface Gig 0/0/1 in Down state is your issue.
05-04-2023 12:17 PM
According to this output, the neighbor is not directly connected.
"External BGP neighbor not directly connected."
You need to configure "neighbor 10.176.163.85 ebgp-multihop" for the session to come up.
Regards,
05-04-2023 01:04 PM
Hi @Harold Ritter
Thanks for the feedback
As i checked the interface gi0/0/1 the cable is properly connected , So it means there is no local issue .
As you mentioned that need to configure the "neighbor 10.176.163.85 ebgp-multihop" for the session to come up , I agree that its EBGP and not direaclty connected so need to configure the ebgp-multihop command but the neighboueship was up earlier without ebgp-multihop command why ?
Please also advise how to proceed further to resolve the issue
05-04-2023 01:13 PM
I wrongly thought that the issue was that the eBGP session was multi hop. The issue is clearly with gi0/0/1 being down. You definitely need to troubleshoot this issue. The eBGP session should come up after interface gi0/0/1 comes up, without configuring "ebgp-multihop".
Regards,
05-05-2023 12:34 PM
Hi @Harold Ritter
Thanks for the feedback .
I agree that port is down so the BGP is in IDLE state .
Now my confusion is that the EBGP is not directly connected as shown in the output , So if the interface came up and than how EBGP will established without ebgp mutihop configuration
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide