Does the peer have a BGP configuration pointing towards your router?
If yes, then this is expected behaviour.
In this case, the peer (that is receiving BGP Notification messages) will send an OPEN message after the initial TCP handshake. As on your router, the BGP neighbor is deactivated/shutdown, it will send a NOTIFICATION message rejecting the connection, as shown below. SEND and RECEIVE are from the peer's perspective.
BGP SEND 12.12.12.2+51604 -> 12.12.12.1+179
BGP SEND message type 1 (Open) length 63
BGP SEND version 4 as 65300 holdtime 90 id 12.12.12.2 parmlen 34
BGP SEND MP capability AFI=1, SAFI=1
BGP SEND Refresh capability, code=128
BGP SEND Refresh capability, code=2
BGP SEND Restart capability, code=64, time=120, flags=Notification
BGP SEND 4 Byte AS-Path capability (65), as_num 65300
BGP SEND Long-Lived Graceful Restart capability, code=71
BGP_65301.12.12.12.1: send proc: writev 63/63 bytes, rc 1
BGP RECV 12.12.12.1+179 -> 12.12.12.2+61211
BGP RECV message type 3 (Notification) length 21
BGP RECV Notification code 6 (Cease) subcode 5 (Connection Rejected)
bgp_handle_notify:4439: NOTIFICATION received from 12.12.12.1 (External AS 65301): code 6 (Cease) subcode 5 (Connection Rejected)
Regards
Sheetanshu
------------------------------
Sheetanshu Shekhar
------------------------------
Original Message:
Sent: 04-18-2022 15:16
From: Unknown User
Subject: Can BGP be Completely Disabled for neighbors?
Was wondering if anyone else has come across this. I thought I had disabled BGP peering and communication with a peer by using the command:
deactivate protocol bgp group groupname neighbor neighbor
However the peer informed me that he was still seeing BGP notification messages in his router log from my router, so I tried:
set protocol bgp group groupname neighbor neighbor shutdown
Finally I had to disable the IRB interface for the log messages to stop appearing.
There was no peer establishment during any of this, but I was suprised my router was still sending out notifications to my neighbor.
When I lab tested these commands I never looked at the neighbor logs - just used the "show bgp summary" output for confirmation of peer non-establishment, so I assumed all BGP communication had stopped when the deactivate or shutdown commands were issued.