HSRP and BGP: secondary router keeps trying to establish BGP with ISP

Ramazan Celtek
Level 1

Hi all,

We have two routers, running HSRP between them.

Our ISP have reported that their PE router (192.168.10.81) is getting hammered with attempts from 192.168.10.84 (our secondary router) trying to establish BGP with it.

HSRP seems to be configured correctly; however, I am unsure if BGP is configured correctly to use the HSRP IP for the BGP relationship.

Can someone please assist with diagnosing the problem, that is, why does our secondary router continue to attempt a BGP relationship with the ISP PE router?

Config & status outputs are below:

Many thanks in advance.

Rama

**************************************

Primary router MELRTRW001:

interface GigabitEthernet0/1

bandwidth 76800

ip address 192.168.10.83 255.255.255.248

no ip proxy-arp

ip nbar protocol-discovery

max-reserved-bandwidth 100

service-policy output 75Mbs_WAN_Service

ip route-cache flow

load-interval 30

...

standby 2 ip 192.168.10.82

standby 2 priority 110

standby 2 preempt

standby 2 authentication cpaaust

standby 2 track GigabitEthernet0/0 50

Secondary MELRTRW002:

interface GigabitEthernet0/1

bandwidth 76800

ip address 192.168.10.84 255.255.255.248

no ip proxy-arp

max-reserved-bandwidth 100

service-policy output 75Mbs_WAN_Service

...

standby 2 ip 192.168.10.82

standby 2 priority 90

standby 2 authentication cpaaust

standby 2 track GigabitEthernet0/0 50

BGP Neighbour status from primary router:

melrtrw001#sh ip bg neighbors 192.168.10.81

BGP neighbor is 192.168.10.81,  remote AS XXXX, external link

  BGP version 4, remote router ID 192.168.10.81

  BGP state = Established, up for 4w4d

  Last read 00:00:00, hold time is 90, keepalive interval is 30 seconds

  Neighbor capabilities:

    Route refresh: advertised and received(old & new)

    Address family BGP IPv4: advertised and received

  Message statistics:

    InQ depth is 0

    OutQ depth is 0

                         Sent       Rcvd

    Opens:                  3          2

    Notifications:          0          0

    Updates:                2         93

    Keepalives:         94525      96565

    Route Refresh:          0          0

    Total:              94566      96660

  Default minimum time between advertisement runs is 30 seconds

For address family: BGP IPv4

  BGP table version 724, neighbor version 724/0

Output queue size : 0

  Index 1, Offset 0, Mask 0x2

  1 update-group member

  Inbound soft reconfiguration allowed

  Default information originate, default sent

  Inbound path policy configured

  Outbound path policy configured

  Route map for incoming advertisements is IMPORT-POLICY

  Route map for outgoing advertisements is Routes_to_ASXXXX

                                 Sent       Rcvd

  Prefix activity:               ----       ----

    Prefixes Current:              34         64 (Consumes 3024 bytes)

    Prefixes Total:                48        165

    Implicit Withdraw:              0         18

    Explicit Withdraw:             14         83

    Used as bestpath:             n/a         55

    Used as multipath:            n/a          0

                                   Outbound    Inbound

  Local Policy Denied Prefixes:    --------    -------

    route-map:                          166          0

    Bestpath from this peer:              9        n/a

    Total:                              175          0

  Number of NLRIs in the update sent: max 0, min 0

  Connections established 2; dropped 1

  Last reset 4w4d, due to Peer closed the session

Connection state is ESTAB, I/O status: 1, unread input bytes: 0

Connection is ECN Disabled

Local host: 192.168.10.82, Local port: 179

Foreign host: 192.168.10.81, Foreign port: 53013

Enqueued packets for retransmit: 0, input: 0  mis-ordered: 0 (0 bytes)

Event Timers (current time is 0xA90582B4):

Timer          Starts    Wakeups            Next

Retrans         94530          0             0x0

TimeWait            0          0             0x0

AckHold         96607      93701             0x0

SendWnd             0          0             0x0

KeepAlive           0          0             0x0

GiveUp              0          0             0x0

PmtuAger            0          0             0x0

DeadWait            0          0             0x0

iss:  938153014  snduna:  939950022  sndnxt:  939950022     sndwnd:  16384

irs: 3031418952  rcvnxt: 3033258450  rcvwnd:      16175  delrcvwnd:    209

SRTT: 300 ms, RTTO: 303 ms, RTV: 3 ms, KRTT: 0 ms

minRTT: 0 ms, maxRTT: 300 ms, ACK hold: 200 ms

Flags: passive open, nagle, gen tcbs

IP Precedence value : 6

Datagrams (max data segment is 1460 bytes):

Rcvd: 190810 (out of order: 0), with data: 96607, total data bytes: 1839497

Sent: 189490 (retransmit: 0, fastretransmit: 0, partialack: 0, Second Congestion: 0), with data: 94531, total data bytes: 1797007

BGP Neighbour status from secondary router:

melrtrw002#sh ip bgp neighbors 192.168.10.81

BGP neighbor is 192.168.10.81,  remote AS XXXX, external link

  BGP version 4, remote router ID 0.0.0.0

  BGP state = Active

  Last read 00:00:13, hold time is 180, keepalive interval is 60 seconds

  Message statistics:

    InQ depth is 0

    OutQ depth is 0

                         Sent       Rcvd

    Opens:              64393          0

    Notifications:          0          0

    Updates:                0          0

    Keepalives:             0          0

    Route Refresh:          0          0

    Total:              64393          0

  Default minimum time between advertisement runs is 30 seconds

For address family: BGP IPv4

  BGP table version 605, neighbor version 0/0

Output queue size : 0

  Index 1, Offset 0, Mask 0x2

  1 update-group member

  Inbound soft reconfiguration allowed

  Default information originate, default not sent

                                 Sent       Rcvd

  Prefix activity:               ----       ----

    Prefixes Current:               0          0

    Prefixes Total:                 0          0

    Implicit Withdraw:              0          0

    Explicit Withdraw:              0          0

    Used as bestpath:             n/a          0

    Used as multipath:            n/a          0

                                   Outbound    Inbound

  Local Policy Denied Prefixes:    --------    -------

    Total:                                0          0

  Number of NLRIs in the update sent: max 0, min 0

  Connections established 0; dropped 0

  Last reset never

  No active TCP connection

Debug IP BGP logs on secondary router below:

Dec 11 23:53:19: BGP: Applying map to find origin for xxx.xxx.xxx.xxx/30

Dec 11 23:53:19: BGP: Applying map to find origin for xxx.xxx.xxx.xxx/30

...

Dec 11 23:53:23: BGP: 192.168.10.81 went from Idle to Active

Dec 11 23:53:23: BGP: 192.168.10.81 open active, delay 21059ms

Dec 11 23:53:44: BGP: 192.168.10.81 open active, local address 192.168.10.84

Dec 11 23:53:44: BGP: 192.168.10.81 went from Active to OpenSent

Dec 11 23:53:44: BGP: 192.168.10.81 sending OPEN, version 4, my as: XXXXX, holdtime 180 seconds

Dec 11 23:53:44: BGP: 192.168.10.81 send message type 1, length (incl. header) 45

Dec 11 23:53:45: BGP: 192.168.10.81 remote close, state CLOSEWAIT

Dec 11 23:53:45: BGP: 192.168.10.81 -reset the session

Dec 11 23:53:46: BGPNSF state: 192.168.10.81 went from nsf_not_active to nsf_not_active

Dec 11 23:53:46: BGP: 192.168.10.81 went from OpenSent to Idle

Dec 11 23:53:46: BGP: 192.168.10.81 closing

Dec 11 23:54:06: BGP: 192.168.10.81 went from Idle to Active

Dec 11 23:54:06: BGP: 192.168.10.81 open active, delay 24058ms

HSRP status on primary router:

melrtrw001# sh standby GigabitEthernet0/1

GigabitEthernet0/1 - Group 2

  State is Active

    4 state changes, last state change 4w4d

  Virtual IP address is 192.168.10.82

  Active virtual MAC address is 0000.0c07.ac02

    Local virtual MAC address is 0000.0c07.ac02 (v1 default)

  Hello time 3 sec, hold time 10 sec

    Next hello sent in 1.852 secs

  Authentication text "cpaaust"

  Preemption enabled

  Active router is local

  Standby router is 192.168.10.84, priority 90 (expires in 8.132 sec)

  Priority 110 (configured 110)

    Track interface GigabitEthernet0/0 state Up decrement 50

  IP redundancy name is "hsrp-Gi0/1-2" (default)

melrtrw001#

HSRP status on secondary router:

melrtrw002# sh standby GigabitEthernet0/1

GigabitEthernet0/1 - Group 2

  State is Standby

    4 state changes, last state change 4w4d

  Virtual IP address is 192.168.10.82

  Active virtual MAC address is 0000.0c07.ac02

    Local virtual MAC address is 0000.0c07.ac02 (v1 default)

  Hello time 3 sec, hold time 10 sec

    Next hello sent in 0.808 secs

  Authentication text "cpaaust"

  Preemption disabled

  Active router is 192.168.10.83, priority 110 (expires in 8.528 sec)

  Standby router is local

  Priority 90 (configured 90)

    Track interface GigabitEthernet0/0 state Up decrement 50

  IP redundancy name is "hsrp-Gi0/1-2" (default)

16 Replies

Thanks for the comments guys.

It makes sense now.

Best regards

Rama

milan.kulik
Level 10

Hi,

Would you please paste the BGP neighbors part of your configs?

I don't think it's possible to configure BGP to use the virtual HSRP IP address as a BGP update source IP address.

(Even if it were, it would take a long time to re-establish the BGP session in case of an HSRP active/passive swap.)

IMHO, you need to agree with your provider to configure BGP sessions to both your routers.

And make the prefixes advertised from your secondary router less preferred by AS prepend, e.g.

See http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a0080093f2c.shtml as an example.

Best regards,

Milan
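
A sketch of the arrangement suggested in the reply above for the secondary router MELRTRW002, added here as an example; it is not configuration from the thread or from the linked Cisco document. `<LOCAL-AS>` and `<ISP-AS>` are placeholders because the thread masks both AS numbers, and the route-map name `PREPEND-TO-ISP` is hypothetical.

```cisco
! Added example for MELRTRW002 (secondary). <LOCAL-AS> and <ISP-AS> are
! placeholders; PREPEND-TO-ISP is a hypothetical route-map name.
!
router bgp <LOCAL-AS>
 ! The debug output in the question shows the secondary opening the
 ! session from its own interface address, 192.168.10.84. The session
 ! only comes up once the ISP configures a neighbor for that address
 ! on the PE (192.168.10.81).
 neighbor 192.168.10.81 remote-as <ISP-AS>
 neighbor 192.168.10.81 description ISP PE, backup session
 neighbor 192.168.10.81 soft-reconfiguration inbound
 neighbor 192.168.10.81 route-map PREPEND-TO-ISP out
!
route-map PREPEND-TO-ISP permit 10
 ! Assumption: add the same match clauses the primary uses in its
 ! outbound policy (Routes_to_ASXXXX in the question). With no match
 ! clause this entry matches every route in the BGP table.
 !
 ! A longer AS path makes the ISP prefer the routes it learns from
 ! MELRTRW001 while both sessions are up.
 set as-path prepend <LOCAL-AS> <LOCAL-AS>
```

Once the ISP has added the second session, `show ip bgp neighbors 192.168.10.81` on the secondary should report `BGP state = Established` instead of `Active`, and `show ip bgp neighbors 192.168.10.81 advertised-routes` lists the prefixes it sends.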