Routing

 View Only
last person joined: 2 days ago 

Ask questions and share experiences about ACX Series, CTP Series, MX Series, PTX Series, SSR Series, JRR Series, and all things routing, including portfolios and protocols.

  • 1.  peer bgp is connected not to establiched

    Posted 22 days ago

    Hello

    i  have 

    show configuration routing-instances VPN-Internet | display set 
    set routing-instances VPN-Internet protocols bgp group eBGP-VPN-Internet type external
    set routing-instances VPN-Internet protocols bgp group eBGP-VPN-Internet import IMPORT-eBGP-VPN-Internet
    set routing-instances VPN-Internet protocols bgp group eBGP-VPN-Internet export EXPORT-eBGP-VPN-Internet
    set routing-instances VPN-Internet protocols bgp group eBGP-VPN-Internet neighbor 192.168.78.4 family inet unicast
    set routing-instances VPN-Internet protocols bgp group eBGP-VPN-Internet neighbor 192.168.78.4 peer-as 65426
    set routing-instances VPN-Internet protocols bgp group eBGP-VPN-Internet neighbor 192.168.78.4 bfd-liveness-detection minimum-inte
    rval 500
    set routing-instances VPN-Internet interface ge-0/0/0.0
    set routing-instances VPN-Internet interface lo0.426
    set routing-instances VPN-Internet instance-type vrf
    set routing-instances VPN-Internet route-distinguisher 192.168.2.180:426
    set routing-instances VPN-Internet vrf-import IMPORT-VPN-INTERNET-ADHERENT
    set routing-instances VPN-Internet vrf-export EXPORT-VPN-INTERNET-ADHERENT
    set routing-instances VPN-Internet vrf-table-label
     
    interdata-noc@ROSES-RMB02-SIEGE-ESP> 
     
    ================================================================
     
     
    > show log messages | match 192.168.78.4                                   
    Dec 19 14:54:35  ROSES-RMB02-SIEGE-ESP rpd[2174]: bgp_ifachange_group:9450: NOTIFICATION sent to 192.168.78.4 (External AS 65426):
     code 6 (Cease) subcode 6 (Other Configuration Change), Reason: Interface change for the peer-group

    what is mean this message

    i wait a reply 



    ------------------------------
    Dhikra Marghli
    ------------------------------


  • 2.  RE: peer bgp is connected not to establiched

    This message was posted by a user wishing to remain anonymous
    Posted 20 days ago
    This message was posted by a user wishing to remain anonymous

    Is your eBGP peer reachable directly on ge-0/0/0.0?    What is the config for that interface? Where are you specifying your local ASN?  You only have 1 eBGP peer configured in that vrf and you're getting a BGP notification (error) message trying to establish a session to that peer.  The config you provided doesn't have ASN, routing-options, IP associated with the only data interface in the vrf (ge-0/0/0.0) or what the other side looks like. 

    Configure traceoptions on your vrf protocols bgp and it will give you the answer better than asking someone to guess what your complete configuration might be. Also, 'help syslog  <event-id>'  That log message you provided is bizarre...to me at least.  Even GOOG only returns this post for a search of "ROSES-RMB02-SIEGE-ESP"

    Good Luck, sir.


    Original Message


  • 3.  RE: peer bgp is connected not to establiched

    Posted 20 days ago 
    In the absence of any fatal errors (that are indicated in this
   section), a BGP peer MAY choose, at any given time, to close its BGP
   connection by sending the NOTIFICATION message with the Error Code
   Cease.  However, the Cease NOTIFICATION message MUST NOT be used when
   a fatal error indicated by this section does exist.

   A BGP speaker MAY support the ability to impose a locally-configured,
   upper bound on the number of address prefixes the speaker is willing
   to accept from a neighbor.  When the upper bound is reached, the
   speaker, under control of local configuration, either (a) discards
   new address prefixes from the neighbor (while maintaining the BGP
   connection with the neighbor), or (b) terminates the BGP connection
   with the neighbor.  If the BGP speaker decides to terminate its BGP
   connection with a neighbor because the number of address prefixes
   received from the neighbor exceeds the locally-configured, upper
   bound, then the speaker MUST send the neighbor a NOTIFICATION message
   with the Error Code Cease.  The speaker MAY also log this locally


    https://www.rfc-editor.org/rfc/rfc4271.html#section-6.7

    this document offciel that i find about Code Cease



    show bgp neighbor 192.168.78.4
    Peer: 192.168.78.4+179 AS 65427 Local: 192.168.78.3 AS 65011
    Group: eBGP-VPN-Internet Routing-Instance: VPN-Internet
    Forwarding routing-instance: VPN-Internet
    Type: External State: Connect Flags: <>
    Last State: Active Last Event: ConnectRetry
    Last Error: Cease
    Export: [ EXPORT-eBGP-VPN-Internet ] Import: [ IMPORT-eBGP-VPN-Internet ]
    Options: <Preference AddressFamily PeerAS Refresh>
    Options: <BfdEnabled>
    Options: <GracefulShutdownRcv>
    Address families configured: inet-unicast
    Holdtime: 90 Preference: 170
    Graceful Shutdown Receiver local-preference: 0
    Number of flaps: 4
    Last flap event: Stop
    Error: 'Cease' Sent: 3 Recv: 0





    ------------------------------
    Dhikra Marghli
    ------------------------------

    Original Message


  • 4.  RE: peer bgp is connected not to establiched

    Posted 20 days ago

    Hi Dhikra,

    The function bgp_ifachange_group() is, in general, invoked when a logical interface being used by one or more BGP neighbors within a BGP group changes its state or configuration. For instance, if you renumber the interface or shut it down. This triggers the BGP code to hard-reset all BGP sessions established over that interface. This causes all routes having their NH connected to that interface to be quickly withdrawn from the RIB(s) (and consequently from the forwarding table).

    So, in your use case, I'd say that you touched ge-0/0/0.0 or it simply went down. Having the config above in mind, [192.168.78.4] is probably directly routed over ge-0/0/0.0, since the group type is external and ebgp-multihop is not used.



    ------------------------------
    Berislav Todorovic
    ------------------------------

    Original Message


  • 5.  RE: peer bgp is connected not to establiched

    Posted 20 days ago

    i  have other exmple work fine 

    RMB01-SIEGE-ESP> show configuration routing-instances VPN-Internet | display set 
    set routing-instances VPN-Internet protocols bgp group eBGP-VPN-Internet type external
    set routing-instances VPN-Internet protocols bgp group eBGP-VPN-Internet import IMPORT-eBGP-VPN-Internet
    set routing-instances VPN-Internet protocols bgp group eBGP-VPN-Internet export EXPORT-eBGP-VPN-Internet
    set routing-instances VPN-Internet protocols bgp group eBGP-VPN-Internet neighbor 192.168.78.4 family inet unicast
    set routing-instances VPN-Internet protocols bgp group eBGP-VPN-Internet neighbor 192.168.78.4 peer-as 65426
    set routing-instances VPN-Internet protocols bgp group eBGP-VPN-Internet neighbor 192.168.78.4 bfd-liveness-detection minimum-interval 5
    00
    set routing-instances VPN-Internet interface ge-0/0/0.0
    set routing-instances VPN-Internet interface lo0.426
    set routing-instances VPN-Internet instance-type vrf
    set routing-instances VPN-Internet route-distinguisher 192.168.2.179:426
    set routing-instances VPN-Internet vrf-import IMPORT-VPN-INTERNET-ADHERENT
    set routing-instances VPN-Internet vrf-export EXPORT-VPN-INTERNET-ADHERENT
    set routing-instances VPN-Internet vrf-table-label

    =================

    interdata-noc@ROSES-RMB01-SIEGE-ESP> show bgp neighbor 192.168.78.4 
    Peer: 192.168.78.4+52772 AS 65426 Local: 192.168.78.2+179 AS 65011
      Group: eBGP-VPN-Internet     Routing-Instance: VPN-Internet
      Forwarding routing-instance: VPN-Internet  
      Type: External    State: Established    Flags: <Sync>
      Last State: OpenConfirm   Last Event: RecvKeepAlive
      Last Error: Cease
      Export: [ EXPORT-eBGP-VPN-Internet ] Import: [ IMPORT-eBGP-VPN-Internet ]
      Options: <Preference AddressFamily PeerAS Refresh>
      Options: <BfdEnabled>
      Options: <GracefulShutdownRcv>
      Address families configured: inet-unicast
      Holdtime: 90 Preference: 170
      Graceful Shutdown Receiver local-preference: 0
      Number of flaps: 8
      Last flap event: Stop
      Error: 'Hold Timer Expired Error' Sent: 1 Recv: 0
      Error: 'Cease' Sent: 4 Recv: 0
      Peer ID: 192.168.78.4    Local ID: 192.168.78.2      Active Holdtime: 90
      Keepalive Interval: 30         Group index: 1    Peer index: 0    SNMP index: 2     
      I/O Session Thread: bgpio-0 State: Enabled
      BFD: enabled, down
      Local Interface: ge-0/0/0.0                       
      NLRI for restart configured on peer: inet-unicast
      NLRI advertised by peer: inet-unicast
      NLRI for this session: inet-unicast
      Peer supports Refresh capability (2)
      Stale routes from peer are kept for: 300
      Restart time requested by this peer: 60
      Restart flag received from the peer: Restarting
      NLRI that peer supports restart for: inet-unicast
      NLRI peer can save forwarding state: inet-unicast
      NLRI that peer saved forwarding for: inet-unicast
      NLRI that restart is negotiated for: inet-unicast
      NLRI of received end-of-rib markers: inet-unicast
      NLRI of all end-of-rib markers sent: inet-unicast
      Peer does not support LLGR Restarter or Receiver functionality
      Peer does not support 4 byte AS extension
      Peer does not support Addpath
      Table VPN-Internet.inet.0 Bit: a0001
        RIB State: BGP restart is complete
        RIB State: VPN restart is complete
        Send state: in sync
        Active prefixes:              4
        Received prefixes:            4
        Accepted prefixes:            4
        Suppressed due to damping:    0
        Advertised prefixes:          1
      Last traffic (seconds): Received 6    Sent 24   Checked 9659869
      Input messages:  Total 370127Updates 18Refreshes 0Octets 7032777
      Output messages: Total 354085Updates 1Refreshes 0Octets 6727661
      Output Queue[9]: 0            (VPN-Internet.inet.0, inet-unicast)

    ================

    this configuration work fine and have not  ebgp-multihop !!



    ------------------------------
    Dhikra Marghli
    ------------------------------

    Original Message


  • 6.  RE: peer bgp is connected not to establiched

    Posted 20 days ago

    Hi Dhikra,

    In your most recent output I see:

    interdata-noc@ROSES-RMB01-SIEGE-ESP> show bgp neighbor 192.168.78.4 
    Peer: 192.168.78.4+52772 AS 65426 Local: 192.168.78.2+179 AS 65011

    while in the previous one I see:

    show bgp neighbor 192.168.78.4
    Peer: 192.168.78.4+179 AS 65427 Local: 192.168.78.3 AS 65011

    So, your source IP address has changed - you probably reconfigured the interface ge-0/0/0.0. 

    In that case, I'd say that the message is expected - if you change the local endpoint of the BGP session, then the session will reset.

    Nothing strange in my opinion.



    ------------------------------
    Berislav Todorovic
    ------------------------------

    Original Message


  • 7.  RE: peer bgp is connected not to establiched

    Posted 20 days ago

    RMB01  is router principale . it is  ok ==> state establiched 

    interdata-noc@ROSES-RMB01-SIEGE-ESP> show bgp neighbor 192.168.78.4 
    Peer: 192.168.78.4+52772 AS 65426     Local: 192.168.78.2+179 AS 65011
      Group: eBGP-VPN-Internet     Routing-Instance: VPN-Internet
      Forwarding routing-instance: VPN-Internet  
      Type: External    State: Established    Flags: <Sync>
      Last State: OpenConfirm   Last Event: RecvKeepAlive

    ROSES-RMB02===>  router backup .  state connect 

    interdata-noc@ROSES-RMB02-SIEGE-ESP> show bgp neighbor 192.168.78.4    
    Peer: 192.168.78.4 AS 65426    Local: 192.168.78.3 AS 65011
      Group: eBGP-VPN-Internet     Routing-Instance: VPN-Internet
      Forwarding routing-instance: VPN-Internet  
      Type: External    State: Active         Flags: <>
      Last State: Idle          Last Event: Start
      Last Error: Cease
      Export: [ EXPORT-eBGP-VPN-Internet ] Import: [ IMPORT-eBGP-VPN-Internet ]
      Options: <Preference AddressFamily PeerAS Refresh>
      Options: <BfdEnabled>
      Options: <GracefulShutdownRcv>
      Address families configured: inet-unicast
      Holdtime: 90 Preference: 170
      Graceful Shutdown Receiver local-preference: 0
      Number of flaps: 2
      Last flap event: Stop
      Error: 'Cease' Sent: 2 Recv: 0



    ------------------------------
    Dhikra Marghli
    ------------------------------

    Original Message


  • 8.  RE: peer bgp is connected not to establiched

    Posted 20 days ago

    Hi Dhikra,

    Apologies, your previous messages were confusing a bit. I thought you were asking about the syslog message, while you didn't mention that your BGP session is still down. Also, you didn't mention that you have 2 BGP speakers, each having a BGP session with the remote router. As others already suggested, try turning traceoptions on. Also, can you check if the interface connecting the router to the common LAN segment [192.168.78.*] on the backup router is up and running? Can you ping all 3 routers from each other?

    If you have the basic connectivity, traceoptions on BGP would give you more insight in what exactly is going on.



    ------------------------------
    Berislav Todorovic
    ------------------------------

    Original Message


  • 9.  RE: peer bgp is connected not to establiched

    Posted 20 days ago 
     When the upper bound is reached, the
   speaker, under control of local configuration,

     either (a) discards
   new address prefixes from the neighbor (while maintaining the BGP
   connection with the neighbor),

    or (b) terminates the BGP connection
   with the neighbor.

    If the BGP speaker decides to terminate its BGP
   connection with a neighbor because the number of address prefixes
   received from the neighbor exceeds the locally-configured, upper
   bound, then the speaker MUST send the neighbor a NOTIFICATION message
   with the Error Code Cease.

    The speaker MAY also log this locally

    from document offciel BGP




    ------------------------------
    Dhikra Marghli
    ------------------------------

    Original Message