No BGP passing over trunk

OK guys and gals, I have a real doozy of a problem here. I have a pair of 2960 switches connected together, a 24 port and a 48 port. The 48 port has a 3925 connected to it, the 24 port is connected to a Juniper, which is connected to another Juniper which has another 3925 plugged into it. Both 3925s are HSRP connected, which is working perfectly. The problem that I am having is I cannot get BGP to peer up. After some extensive packet captures I found the BGP is getting from the Juniper-connected switch all the way back to the 24 port switch, and ends there. The 3925 connected to the 48 port, however, is getting all the way through to the Juniper side router. I can see the SYN and SYN-ACK between both routers on the 24 port switch, but only the SYN from the router connected to the 48 port. I never see the SYN or SYN-ACK from the Juniper router on the 48 port switch.

I can see everything else though from that router.

Rajeev Sharma
Cisco Employee


Check the spanning-tree forwarding state of all the ports involved in the path.




Spanning tree would make sense IF no other traffic was passing on that VLAN, however in this case we can SSH from one router to the other, and HSRP is working, so TCP and multicast are passing between switches. It's as though there was an ACL blocking TCP 179 on the 24 port outbound, yet there are none on either switch, nor is there any QoS that could affect it.

I did get some history on the switch though, and it may be that the switch is failing. At one point in the past, some ports had to be taken out of service due to issues with an ASIC, so it could very well be hardware related. It is just very odd that one port out of 65000 is not being passed through.


If you feel like the issue is actually due to some kind of filtering, I would suggest telnetting to the peer using BGP's port.

> telnet x.x.x.x 179

If you get a bad response and you are not able to telnet to it, then you may be right with that feeling.

Let us know how that test went. Hope it helps, regards!


Yep, tried that as well. We have gone through everything in the path and it all ends at this switch. Strangest thing I have ever seen.

Reza Sharifi
Hall of Fame Expert

So, both Cisco 2900 switches and both Juniper switches are all layer-2, right?

Can you ping from one 3925 to the other using the IPs you are trying to peer with?

Are the switches daisy-chained together?