Routing

 View Only
last person joined: yesterday 

Ask questions and share experiences about ACX Series, CTP Series, MX Series, PTX Series, SSR Series, JRR Series, and all things routing, including portfolios and protocols.

  • 1.  BGP Cease Error

    Posted 07-22-2024 07:52

    I received a "Code 6 Cease Error" while configuring bgp in one of my customers. And when I researched, they wrote that this error may be caused by a configuration error (MTU mismatch, Firewall Filter, Group configuration, etc.). However, there were no such mismatches in any way. I share the configurations below, they are very simple. 
    I did the same configurations in Juniper vlabs and I did not get this error there. I cannot share the logs exactly because my customer is a defense industry company, but the error was as follows "[code 6 (Cease) (Connection refused)"

    R1; (This router has one bgp group and has two neighbor.)

    group Site-Location 

       type external

        neighbor 10.10.10.2 peer-as 65005

        neighbor 30.30.30.1 peer-as 65010

    R2 

       type external

       neighbor 10.10.10.3 peer-as 65002

    R3

       type external

       neighbor 30.30.30.3 peer-as 65002

    Thats all and when ı tried this on vlabs, ı saw entire sessions are established. 

    Have you ever faced something like this before?



    ------------------------------
    Can Karani Soner
    ------------------------------


  • 2.  RE: BGP Cease Error

     
    Posted 07-23-2024 04:39
    Edited by markw 07-23-2024 04:41

    I assume the setup is as follows:

    R1<->R2 on the 10.10.10.x subnet and R1 <->R3 on the 30.30.30.x subnet.

    If so, what are your subnet lengths?

    Because for R1 <-> R2 I can imagine that being a /31 or something, and that makes sense for it to be 10.10.10.2 <-> 10.10.10.3
    But for R1 <-> R3 I can't make sense of the subnet. If it's a /31 then 30.30.30.1 and 30.30.30.3 are not in the same subnet, and if it's a /30 then 30.30.30.3 is not a valid IP to use (it's the broadcast address), so probably leads to issues at best.

    So I suspect there might be a typo in the IP addressing there?

    If it's not that, could you share your interface configuration for these sessions as well for clarification?

    I understand that these are fictional IPs  and ASNs most likely, but just want to make sure that you're not inadvertently misconfiguring subnets here :)


    Original Message


  • 3.  RE: BGP Cease Error

    Posted 07-23-2024 07:12

    Hi;

    Thank you for your reply btw.

    You are right about setup.

    Subnets are /24 so there is no ip issue I think. Also those are all the config no FF, no MTU but ı got the error.



    ------------------------------
    Can Karani Soner
    ------------------------------

    Original Message


  • 4.  RE: BGP Cease Error

    Posted 07-23-2024 07:16

    I cannot take ss or photo from my customer because of our agreement. But there are no any additional commands on the interfaces. Subnets and IP's private subnets. They have p2p fiber cable between sites so we use fully private environment.



    ------------------------------
    Can Karani Soner
    ------------------------------

    Original Message


  • 5.  RE: BGP Cease Error

     
    Posted 07-23-2024 07:30

    Understandable, though a little surprising that a /24 would be used for an EBGP peering, typically these are formed on point to point linknets and these would be ridiculously large subnets to put on a point to point cable. Are these direct point to point interfaces? If they are not directly layer 2 adjacent then it might be that you require BGP multihop?

    Another possibility, due to the connection refused, is that there a filter on the loopback interface rejecting connectivity or something along those lines?

    Maybe a good test would be: If you perform a telnet to port 179 on the neighbor's IP, are you able to connect? Because there might be something inhibiting your BGP connectivity.

    Is this connection across a IPsec or other type of tunnel? If so you might need to configure a TCP-MSS value under your BGP group configuration to ensure you reduce the maximum MTU size for the BGP updates to fit inside the reduced tunnel MTU.

    That's all the things I can currently think of, but unfortunately lacking any detailed information there's not much indepth help I can give here (I understand why you can't give more of course, but of course that also makes it more difficult to help narrow down the issue).


    Original Message


  • 6.  RE: BGP Cease Error

    Posted 07-23-2024 09:16

    Yes, the customer used /24 subnets when he set up his network and we will fix it. Unfortunately we were not present at the initial setup and we had to deal with much bigger problems before the IP configuration.

    First of all I tested TCP port 179 and it works fine. No ff is applied on lo0.0. The MTU values are mutually left at default values and the two devices are directly connected to each other. There is no reason to use Multihop, we are directly neighboring over physical interfaces. The devices are MX204 and their version is 22.4R3 (I upgraded to this version, it was version 18.2 before and I did not skip 4 versions directly while doing this, I upgraded sequentially and there was no problem). This version was also the version recommended by Juniper.

    They do not communicate over any tunnel, after the BGP neighborhood is established, the GRE tunnel will pass over it for SIP traffic, but there is no such situation now.  

    This is what surprised me. There is no mention of any BGP bug in the version documentation, the configuration is too simple and plain to make mistakes, but I get Cease error. 


    Thank you very much for your help, your effort is really valuable. As you said, I cannot share more. I think I have no choice but to open the JTAC case, maybe there is a problem with one of the devices.



    ------------------------------
    Can Karani Soner
    ------------------------------

    Original Message


  • 7.  RE: BGP Cease Error

    Posted 07-23-2024 09:30

    Yes, the customer used /24 subnets when he set up his network and we will fix it. Unfortunately we were not present at the initial setup and we had to deal with much bigger problems before the IP configuration.

    First of all I tested TCP port 179 and it works fine. No ff is applied on lo0.0. The MTU values are mutually left at default values and the two devices are directly connected to each other. There is no reason to use Multihop, we are directly neighboring over physical interfaces. The devices are MX204 and their version is 22.4R3 (I upgraded to this version, it was version 18.2 before and I did not skip 4 versions directly while doing this, I upgraded sequentially and there was no problem). This version was also the version recommended by Juniper.

    They do not communicate over any tunnel, after the BGP neighborhood is established, the GRE tunnel will pass over it for SIP traffic, but there is no such situation now.  

    This is what surprised me. There is no mention of any BGP bug in the version documentation, the configuration is too simple and plain to make mistakes, but I get Cease error. 


    Thank you very much for your help, your effort is really valuable. As you said, I cannot share more. I think I have no choice but to open the JTAC case, maybe there is a problem with one of the devices.



    ------------------------------
    Can Karani Soner
    ------------------------------

    Original Message


  • 8.  RE: BGP Cease Error

    Posted 2 days ago

    Did you manage to find a solution for this?

    I have a similar issue, affecting v4 and v6 peers from the same organization. I have other peers that are working fine. 

    I also stand advised if I should raise a separate discussion.



    ------------------------------
    JEREMIAH KIOKO
    ------------------------------

    Original Message