top of page
Search

BGP Troubleshooting in advanced

Aug 18, 20193 min read

Updated: Jan 22


BGP Troubleshooting Guide



Problem 1: BGP Peer is not getting established between routers.

Causes:

  1. Peer IP address is not reachable – Ensure that the IP address of the peer is reachable.

  2. Port 179 is blocked by firewall or access-list – Check if port 179 (BGP) is blocked between the routers.

  3. Incorrect BGP configuration – Ensure the BGP configuration is correct:

    • Wrong peer address, local-AS, or remote-AS.

    • Incorrect AS number, wrong authentication (MD5 password), or wrong update-source (Loopback).

  4. Static route is missing for loopback address – Ensure that there is a static route for the loopback address at both ends.

  5. TTL=1 for eBGP neighbor; eBGP-multihop is not configured – Set ebgp-multihop to allow the eBGP session over multiple hops.

  6. MD5 authentication has "space" in password – Ensure no spaces are present in the MD5 authentication password.

  7. Duplicate router-id between BGP neighbors – Ensure that router IDs are unique between BGP peers.

Debugging Commands:

  • debug ip bgp

  • debug ip tcp transaction

  • debug ip bgp events

Solutions:

  • Ensure the local and remote AS configurations are correct.

  • Verify the MD5 authentication password is correct on both sides without spaces.

  • Check the update-source (Loopback) and ebgp-multihop configuration.

  • Ensure port 179 is allowed through firewalls and access-lists.

Problem 2: BGP Neighbor is Flapping and Getting Reset.

Causes:

  1. Keep-alive mismatch – Ensure keep-alive timers are the same on both routers.

  2. MTU mismatch – Ensure MTU settings are consistent.

  3. Hellos stuck in OutQ behind update packets – Examine and clear the update queue.

  4. Remote router rebooting continually – This could happen if the remote router has frequent restarts.

  5. Remote router BGP process unstable or restarting – Check the stability of the BGP process on the remote router.

  6. Traffic shaping and rate-limiting parameters – Review traffic shaping and rate-limiting configurations.

  7. MTU incorrectly set on links, PMTU discovery disabled – Ensure PMTU discovery is enabled and MTU settings are correct.

  8. Output drops on the interface or congestion on the queue – Check for interface drops or congestion.

  9. High CPU or CPU spike on the router – Check CPU usage on the router.

Solutions:

  • Ensure keep-alive timers are the same on both routers.

  • Make sure the MTU is the same, and you can ping with the DF bit set (ping <destination> size 1500 df-bit).

  • If you cannot fix the MTU mismatch, enable Path MTU Discovery.

Tip:BGP update packets are packed to the size of the MTU; keep-alives and BGP OPEN packets are not. This could indicate a Path MTU problem.

Problem 3: Router is Not Installing Routes in RIB and Ignoring Them.

Causes:

  1. Paths marked as not synchronized – This is typically seen in older configurations when BGP synchronization is enabled.

  2. NEXT_HOP is inaccessible – Ensure that the NEXT_HOP is reachable through the IGP.

  3. Paths from an eBGP neighbor where local AS appears in the AS_PATH – This could cause the path to be rejected.

  4. bgp enforce-first-as is enabled – If the UPDATE does not contain the AS of the neighbor as the first AS number in the AS_SEQUENCE, it will be rejected.

  5. Paths marked as (received-only) – This may indicate a route that is received but not advertised.

Solution:

  • Ensure that there is a valid IGP route to the NEXT_HOP associated with the path.

Problem 4: Router is Not Installing Routes in BGP Table.

Causes:

  1. No matching route in the global routing table for the network command in BGP – Ensure the network is present in the global routing table.

  2. No matching route for the aggregate-command in BGP – Check if the aggregate address matches an existing route.

  3. Same router-ID in routes from Router-Reflector in Originator-ID – This could happen when multiple routers have the same router-ID, leading to conflicts.

  4. Same router-ID in routes coming from router-reflector in the same cluster-ID – Ensure the router-reflector has unique IDs within the cluster.

Problem 5: Router is Not Advertising Route to Another BGP Peer.

Causes:

  1. No matching route in routing table – Ensure that there is a matching route in the routing table before BGP can advertise it.

  2. Filter is discarding the route – Check if there are any route filters (prefix-lists, route-maps) discarding the route.

General Solutions for Common Issues:

  • Verify Routing Table: Ensure that the routing table has valid routes and is reachable.

  • Ensure Network Statements Are Correct: Make sure the correct network is being advertised by BGP with the proper network command.

  • Check Filters and Route Maps: Confirm that no policies are inadvertently filtering out routes.

  • Verify AS Path and MD5 Configuration: Double-check configurations, including MD5 authentication and AS numbers.

 
 
 

TAgs

Categorys

bottom of page