05-31-2009 12:43 AM - edited 03-06-2019 06:00 AM
Hi all,
we have router Cisco IOS Software, 3800
it was not reacable for few mins to check the cause i see logs they were clean.i check bgp summ nei were up from last 5 weeks
sh ip bgp summ
BGP router identifier 10.70.12.8, local AS number 64727
BGP table version is 614669, main routing table version 614669
1626 network entries using 190242 bytes of memory
1628 path entries using 84656 bytes of memory
115/114 BGP path/bestpath attribute entries using 14260 bytes of memory
103 BGP AS-PATH entries using 3644 bytes of memory
16 BGP community entries using 384 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 293186 total bytes of memory
BGP activity 48068/46442 prefixes, 137122/135494 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.70.12.13 4 64543 5188711 5000294 614669 0 0 5w0d 1619
172.17.41.245 4 65432 3757879 3757823 614669 0 0 5w0d 1
172.25.40.6 4 65434 7493872 7493982 614669 0 0 5w0d 1
NCIFDSCL01B#
i did command sh ip protocols
Routing Protocol is "bgp 64727"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
IGP synchronization is disabled
Automatic route summarization is disabled
Neighbor(s):
Address FiltIn FiltOut DistIn DistOut Weight RouteMap
10.70.12.13 MPLS_IN
172.17.41.245 IFDS_TORONTO2_IN
172.25.40.6 IFDS_TORONTO1_IN
Maximum path: 1
Routing Information Sources:
Gateway Distance Last Update
10.70.12.13 20 01:24:56
172.17.41.245 20 5w0d
172.25.40.6 20 5w0d
Distance: external 20 internal 200 local 200
it shows that neu 10.70.12.13 which goes to AT T MPLS CE router route updates gor refreshed.my question is why ip bgp summ does not show that routes were refreshed?
many thanks
Solved! Go to Solution.
05-31-2009 03:27 AM
does these times correspond to when you lost connectivity to peer router ? If so find out what did both operator do on ur box.
The other option is to actually ask peer router operators if they can confirm anything has gone wrong at their end.
on ur box, check for high CPU "sh proc cpu his" and validate if outage correspond to a high spike.
HTH
Sam
05-31-2009 02:04 AM
10.70.12.13 20 01:24:56 shows you when last update was received from this particular neighbor.
BGP summary shows you the TCP session uptime or downtime if not established.
So what you have noticed is pretty normal.
HTH
Sam
05-31-2009 02:28 AM
Hi Sam,
thanks for reply so when router receives update from Telco router that can cause the router not reachable at that time?
05-31-2009 02:33 AM
No that should not happen!
What might have happened is that your router lost connectivity to peer router, but BGP did not react as it takes a default 3 missed hellos before session is noted as down.
during 180s, traffic can basically be blackholed.
Sam
05-31-2009 03:04 AM
Hi sam,
her eis detail nei info
sh ip bgp nei
BGP neighbor is 10.70.12.13, remote AS 64543, external link
Description: "eBGP to AT&T CE Router"
BGP version 4, remote router ID 135.42.95.211
BGP state = Established, up for 5w0d
Last read 00:00:13, last write 00:00:07, hold time is 45, keepalive interval is 15 seconds
Configured hold time is 45,keepalive interval is 15 seconds, Minimum holdtime from neighbor is 0 seconds
Neighbor capabilities:
Route refresh: advertised and received(old & new)
Address family IPv4 Unicast: advertised and received
Message statistics:
InQ depth is 0
OutQ depth is 0
Sent Rcvd
Opens: 5 5
Notifications: 0 0
Updates: 100 188570
Keepalives: 5000726 5000711
Route Refresh: 18 2
Total: 5000849 5189287
Default minimum time between advertisement runs is 30 seconds
For address family: IPv4 Unicast
BGP table version 614690, neighbor version 614690/0
Output queue size : 0
Index 2, Offset 0, Mask 0x4
2 update-group member
Community attribute sent to this neighbor
Inbound path policy configured
Outbound path policy configured
Route map for incoming advertisements is MPLS_IN
Route map for outgoing advertisements is ATT_OUT
Sent Rcvd
Prefix activity: ---- ----
Prefixes Current: 6 1619 (Consumes 84188 bytes)
Prefixes Total: 12 12187
Implicit Withdraw: 6 7565
Explicit Withdraw: 0 3003
Used as bestpath: n/a 1617
Used as multipath: n/a 0
Outbound Inbound
Local Policy Denied Prefixes: -------- -------
route-map: 10708 0
Suppressed duplicate: 0 1639
AS_PATH loop: n/a 18
Total: 10708 1657
Number of NLRIs in the update sent: max 0, min 0
Connections established 5; dropped 4
Last reset 5w1d, due to Interface flap
Connection state is ESTAB, I/O status: 1, unread input bytes: 0
Connection is ECN Disabled
Local host: 10.70.12.14, Local port: 179
Foreign host: 10.70.12.13, Foreign port: 51423
Enqueued packets for retransmit: 0, input: 0 mis-ordered: 0 (0 bytes)
Event Timers (current time is 0x117913F2A4):
Timer Starts Wakeups Next
Retrans 206239 9 0x0
TimeWait 0 0 0x0
AckHold 209874 202255 0x0
SendWnd 0 0 0x0
KeepAlive 0 0 0x0
GiveUp 0 0 0x0
PmtuAger 0 0 0x0
DeadWait 0 0 0x0
iss: 2792573695 snduna: 2796492375 sndnxt: 2796492375 sndwnd: 15624
irs: 2691793629 rcvnxt: 2696045834 rcvwnd: 15453 delrcvwnd: 931
SRTT: 300 ms, RTTO: 303 ms, RTV: 3 ms, KRTT: 0 ms
minRTT: 0 ms, maxRTT: 636 ms, ACK hold: 200 ms
Flags: passive open, nagle, gen tcbs
IP Precedence value : 6
Datagrams (max data segment is 1460 bytes):
Rcvd: 408298 (out of order: 0), with data: 210105, total data bytes: 4252204
Sent: 411394 (retransmit: 9, fastretransmit: 0, partialack: 0, Second Congestion: 0), with data: 206229, total data bytes: 3918679
so in this case it wil wait 45 secs before thinking that nei is down right?
many thanks
05-31-2009 03:21 AM
Correct !
Configured hold time is 45,keepalive interval is 15 seconds
check ur logs to see if there are any outages of short time.
05-31-2009 03:23 AM
Hi sam
there are no outages
here is logs
May 16 04:36:03.551 extende: %SYS-5-CONFIG_I: Configured from console by e430822 on vty0 (10.169.207.55)
May 18 09:02:19.432 extende: %SYS-5-CONFIG_I: Configured from console by e414921 on vty0 (10.164.43.34)
NCIFDSCL01B# sh clock
07:23:09.971 extended_DST Sun May 31 2009
NCIFDSCL01B#
05-31-2009 03:27 AM
does these times correspond to when you lost connectivity to peer router ? If so find out what did both operator do on ur box.
The other option is to actually ask peer router operators if they can confirm anything has gone wrong at their end.
on ur box, check for high CPU "sh proc cpu his" and validate if outage correspond to a high spike.
HTH
Sam
05-31-2009 03:34 AM
Hi sam
thanks for quick reply.
nei is AT & T mpls ce router.so something might have happened in AT & T
cloud then?
also cpu is normal i checked it.so high cpu can also be cause of lost of connectivity to router?
05-31-2009 03:57 AM
Mahesh
I do not see anything that tells us how you were attempting to access your router when it was not accessible. Unless you were outside somewhere and your path to the router was through AT&T, it is not likely that something happening with that neighbor would impact your ability to access the router.
When you had the problem and could not access the router, did you try to ping the router? A ping to the router would help determine whether the problem was about reachability to the router or whether it was some problem on the router.
HTH
Rick
05-31-2009 04:00 AM
Hi rick,
thanks for reply.
i try to ping the router but it was not reachable.after few mins i was able to login to router.
05-31-2009 12:24 PM
Mahesh
It is helpful to know this. Where were you (what was your source address) and what was the path that should get you to the router (were you coming from outside to it or from inside to it)?
HTH
Rick
05-31-2009 04:16 PM
Hi rick,
i try to ping from nei router source IP
10.70.12.2 and i try to ping destination IP 10.70.12.3.also i try to ping from this source IP 155.108.251.1 and from here also ping did not work.
05-31-2009 04:56 PM
Mahesh
In a previous post you provided this information for the AT&T neighbor:
Local host: 10.70.12.14, Local port: 179
Foreign host: 10.70.12.13, Foreign port: 51423
So it is correct the the interface address on your router connected to AT&T is 10.70.12.14 and that the AT&T router has address 10.70.12.13? If that is the case and if you were at 10.70.12.2 and attenpted to access 10.70.12.3, then how does the AT&T router affect this access since neither of these addresses match where you are or what you are attempting to access?
HTH
Rick
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide