
Advanced BGP Troubleshooting



Problem: BGP peering is not getting established between routers.

Cause:
1) Peer IP address is not reachable.
2) Port 179 is blocked by a firewall or access-list.
3) BGP configuration is not correct, such as a wrong peer address, local-as or remote-as, wrong AS number, wrong authentication/MD5 password, or wrong update-source loopback.
4) Static route is missing for the loopback address end to end.
5) TTL=1 for the eBGP neighbor; ebgp-multihop is not configured.
6) MD5 authentication has a "space" in the password.
7) Duplicate router-id between BGP neighbors.

Debugging commands:
debug ip bgp
debug ip tcp transactions
debug ip bgp events

Solution:
a) Ensure the BGP local and remote AS configuration is correct.
b) Ensure the MD5 authentication password is correct on both sides, without spaces.
c) Verify update-source loopback and ebgp-multihop.
d) Ensure port 179 is allowed along the path at both ends via access-list, and that no firewall is blocking it.
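
The configuration-side causes above (AS mismatch, MD5 password with a space, duplicate router-id, loopback peering without ebgp-multihop) can be checked offline by comparing both routers' configs. The Python script below is an added example, not part of the original post; the two configs, addresses and AS numbers are constructed, and it assumes passwords appear unencrypted in the config text.

```python
import re

def parse_bgp(cfg):
    """Pull local AS, router-id and per-neighbor options from IOS-style text."""
    out = {"asn": None, "router_id": None, "neighbors": {}}
    for line in cfg.splitlines():
        s = line.lstrip()  # keep trailing blanks: they matter for passwords
        if m := re.match(r"router bgp (\d+)\s*$", s):
            out["asn"] = m.group(1)
        elif m := re.match(r"bgp router-id (\S+)\s*$", s):
            out["router_id"] = m.group(1)
        elif m := re.match(r"neighbor (\S+) (\S+)(?: (.*))?$", s):
            ip, key, val = m.group(1), m.group(2), m.group(3) or ""
            out["neighbors"].setdefault(ip, {})[key] = val if key == "password" else val.strip()
    return out

def check_pair(a, a_peer, b, b_peer):
    """a_peer: address router A configures for B; b_peer: address B configures for A."""
    na, nb = a["neighbors"].get(a_peer, {}), b["neighbors"].get(b_peer, {})
    issues = []
    if na.get("remote-as") != b["asn"] or nb.get("remote-as") != a["asn"]:
        issues.append("remote-as does not match the peer's local AS")
    if a["router_id"] and a["router_id"] == b["router_id"]:
        issues.append("duplicate router-id")
    pa, pb = na.get("password"), nb.get("password")
    if pa != pb:
        issues.append("MD5 password mismatch")
    if any(p and " " in p for p in (pa, pb)):
        issues.append("MD5 password contains a space")
    if a["asn"] != b["asn"]:  # eBGP session: default TTL is 1
        for name, n in (("A", na), ("B", nb)):
            if "update-source" in n and "ebgp-multihop" not in n:
                issues.append(f"{name}: loopback peering without ebgp-multihop")
    return issues

# Constructed sample configs (documentation addresses, made-up AS numbers).
R1 = ("router bgp 65001\n bgp router-id 192.0.2.1\n"
      " neighbor 192.0.2.2 remote-as 65002\n"
      " neighbor 192.0.2.2 update-source Loopback0\n"
      " neighbor 192.0.2.2 password s3cret \n")  # trailing space after password
R2 = ("router bgp 65002\n bgp router-id 192.0.2.1\n"  # same router-id as R1
      " neighbor 192.0.2.1 remote-as 65010\n"          # wrong AS for R1
      " neighbor 192.0.2.1 update-source Loopback0\n"
      " neighbor 192.0.2.1 ebgp-multihop 2\n"
      " neighbor 192.0.2.1 password s3cret\n")

def demo():
    return check_pair(parse_bgp(R1), "192.0.2.2", parse_bgp(R2), "192.0.2.1")
if __name__ == "__main__": print(*demo(), sep="\n")
```
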

Problem: BGP neighborship is flapping and getting reset.

Cause:
1. Keepalive mismatch.
2. MTU mismatch.
3. Hellos are stuck in OutQ behind update packets.
4. Remote router rebooting continually (typical with a 3-5 minute BGP peering cycle time).
5. Remote router BGP process unstable, restarting.
6. Traffic shaping and rate limiting parameters.
7. MTU incorrectly set on links; PMTU discovery disabled on router.
8. Output drops on the interface or congestion on the queue.
9. High CPU on the router or CPU spike on router.

Solution:
a) Make sure you have the same keepalive on both routers.
b) Make sure you have the same MTU and can ping with MTU 1500 with the DF bit set.
c) If the MTU mismatch cannot be fixed, path-mtu discovery can be used to overcome it.

Tip (path MTU problem): BGP update packets are packed to the size of the MTU; keepalives and BGP OPEN packets are not packed to the size of the MTU.

Problem: Router is not installing routes in the RIB and is ignoring them.

Cause:
1. Paths that are marked as not synchronized in the show ip bgp longer-prefixes output.
2. Paths for which the NEXT_HOP is inaccessible.
3. Paths from an external BGP (eBGP) neighbor if the local autonomous system (AS) appears in the AS_PATH.
4. If you enabled bgp enforce-first-as and the UPDATE does not contain the AS of the neighbor as the first AS number in the AS_SEQUENCE.
5. Paths that are marked as (received-only) in the show ip bgp longer-prefixes output.

Solution:
a) Be sure that there is an Interior Gateway
Protocol (IGP) route to the NEXT_HOP that is associated with the path.

Problem: Router is not installing routes in the BGP table.

Cause:
1. No route in the global routing table for the network command configured in BGP.
2. No matching route in the BGP table for the aggregate-command configured in BGP.
3. Same router-ID in routes coming from the route-reflector in the Originator-ID attribute.
4. Same router-ID in routes coming from the route-reflector from the same cluster-ID.


Problem: Router is not advertising a route to another BGP peer.

Cause:
1. No matching route in the routing table.
2. A filter is discarding the route.
