BGP neighbor/configuration testing

• Previous message (by thread): BGP neighbor/configuration testing
• Next message (by thread): BGP neighbor/configuration testing
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The auth error was transient, forget about it.

Now you're getting 6/1 - maximum number of prefixes reached.

http://tools.ietf.org/html/rfc4486
(or
http://backupsalmanaja.blogspot.ie/2009/12/bgp-cease-notification-messages.htmlif
you prefer).

HTH



On 25 November 2013 23:07, Eric A Louie <elouie at yahoo.com> wrote:

> All Cisco/Cisco, I don't have a Juniper here to test with
>
> mismatch AS
> *Apr  9 00:31:47.691: %BGP-3-NOTIFICATION: received from neighbor
> 10.250.254.253 2/2 (peer in wrong AS) 2 bytes 6A39
>
> mismatch neighbor IP address
> no logged error
>
> MTU mismatch
> no logged error, session remained up
>
> Subnet mask mismatch
> session remained up, no logged error
>
> I haven't created the multihop scenario to see the error messages.
>
>
> None of these issues caused the (authentication failure).
>
>
>
>
>
> >________________________________
> > From: Chuck Anderson <cra at WPI.EDU>
> >To: nanog at nanog.org
> >Sent: Monday, November 25, 2013 11:10 AM
> >Subject: Re: BGP neighbor/configuration testing
> >
> >
> >Authentication failure might mean (without knowing for sure which on
> >Cisco):
> >
> >- mismatch AS numbers
> >- mismatch neighbor IP addresses
> >- multihop/TTL issues
> >- MTU issues
> >
> >On Mon, Nov 25, 2013 at 11:06:33AM -0800, Eric A Louie wrote:
> >> That's a natural first impression but there are no passwords configured
> on the BGP session on either router.  I know it looks like an
> authentication error but it's a "misnomer" (at least from the searches I
> did on the error message).  From the sequence of messages, we get
> Established and 2 seconds later the session Closes.  The reason for the
> Close may lead us to the solution.
> >>
> >> I'm reluctant to turn on debug bgp because this is a live production
> router, and if I hose it, there will be a lot of 'splainin to do [1]
> >>
> >> [1]
> http://www.quotecounterquote.com/2011/05/lucy-you-got-some-splainin-to-do.html
> >>
> >>
> >>
> >>
> >>
> >> >________________________________
> >> > From: Daniel Rohan <drohan at gmail.com>
> >> >To: Eric A Louie <elouie at yahoo.com>
> >> >Cc: Joe Abley <jabley at hopcount.ca>; "nanog at nanog.org" <nanog at nanog.org
> >
> >> >Sent: Monday, November 25, 2013 10:55 AM
> >> >Subject: Re: BGP neighbor/configuration testing
> >> >
> >> >
> >> >
> >> >Seems like:
> >> >
> >> >Nov 25 06:28:34.837 pacific: %BGP-3-NOTIFICATION: received from
> neighbor xxx.118.92.149 2/5 (authentication failure) 0 bytes
> >> >>
> >> >should be a good starting place. I'm assuming you've already discussed
> auth keys with your provider and if everyone is putting that in correctly,
> I'd suggest turning on debugging to see what exactly that message is all
> about.
> >> >
> >> >
> >> >Dan
> >
> >
> >
> >
>

• Previous message (by thread): BGP neighbor/configuration testing
• Next message (by thread): BGP neighbor/configuration testing
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]