BGP Troubleshooting Scenarios

 

BGP Troubleshooting


Scenario 1 -

There are several reasons a router may fail to establish a neighborship with its peer:

This is also a very important interview question.


1) The peer IP address is not reachable.
2) Port 179 is blocked by a firewall or access list.
3) The BGP configuration is incorrect, for example a wrong peer address, wrong local-as or remote-as (AS number), wrong authentication/MD5 password, or wrong update-source loopback.
4) A static route to the loopback address is missing end to end.
5) TTL=1 for the eBGP neighbor: ebgp-multihop is not configured.
6) The MD5 authentication password contains a space, or the router-id is duplicated between the BGP neighbors.


Solutions to the above issues ----

-->> Ensure the BGP local and remote AS configuration is correct.
-->> Ensure the MD5 authentication password is correct on both sides, without spaces.
-->> Verify update-source loopback and ebgp-multihop.
-->> Ensure port 179 is allowed along the path at both ends by the access lists, and that no firewall is blocking it.
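
The following added example, not part of the original post, lints a pair of peer configurations for the Scenario 1 misconfigurations listed above: remote-as mismatch, eBGP loopback peering without ebgp-multihop, MD5 password mismatch or embedded space, and duplicate router-id. The helper names `parse` and `check_pair`, the sample configs, addresses and AS numbers are constructed for illustration, and passwords are assumed to be stored in plain text without an encryption-type prefix.

```python
import re

def parse(cfg_lines):
    """Pull local AS, router-id and per-neighbor options out of IOS-style lines."""
    out = {"asn": None, "rid": None, "nbr": {}}
    for line in cfg_lines:
        line = line.lstrip()
        if m := re.match(r"router bgp (\S+)", line):
            out["asn"] = m[1]
        elif m := re.match(r"bgp router-id (\S+)", line):
            out["rid"] = m[1]
        elif m := re.match(r"neighbor (\S+) (\S+) ?(.*)", line):
            out["nbr"].setdefault(m[1], {})[m[2]] = m[3]  # keeps trailing spaces
    return out

def check_pair(cfg_a, addr_a, cfg_b, addr_b):
    """addr_a / addr_b: the address each router peers from (hypothetical helper)."""
    a, b = parse(cfg_a), parse(cfg_b)
    na, nb = a["nbr"].get(addr_b), b["nbr"].get(addr_a)
    if na is None or nb is None:
        return ["wrong peer address: neighbor statement missing on one side"]
    issues = []
    for name, me, peer, n in (("A", a, b, na), ("B", b, a, nb)):
        if n.get("remote-as") != peer["asn"]:
            issues.append(f"{name}: remote-as {n.get('remote-as')} but peer is AS {peer['asn']}")
        if me["asn"] != peer["asn"] and "update-source" in n and "ebgp-multihop" not in n:
            issues.append(f"{name}: eBGP sourced from loopback without ebgp-multihop (TTL=1)")
    pw_a, pw_b = na.get("password"), nb.get("password")
    if pw_a != pw_b:
        issues.append("MD5 password differs between peers")
    if any(p and re.search(r"\s", p) for p in (pw_a, pw_b)):
        issues.append("MD5 password contains a space")
    if a["rid"] and a["rid"] == b["rid"]:
        issues.append(f"duplicate router-id {a['rid']}")
    return issues

# Constructed sample configs (documentation addresses, private AS numbers).
R1 = ["router bgp 65001",
      " bgp router-id 192.0.2.1",
      " neighbor 192.0.2.2 remote-as 65002",
      " neighbor 192.0.2.2 update-source Loopback0",
      " neighbor 192.0.2.2 password s3cret "]      # trailing space
R2 = ["router bgp 65002",
      " bgp router-id 192.0.2.1",                  # copied from R1
      " neighbor 192.0.2.1 remote-as 65010",       # should be 65001
      " neighbor 192.0.2.1 update-source Loopback0",
      " neighbor 192.0.2.1 ebgp-multihop 2",
      " neighbor 192.0.2.1 password s3cret"]

if __name__ == "__main__":
    for issue in check_pair(R1, "192.0.2.1", R2, "192.0.2.2"):
        print(issue)
```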



Use debug commands for troubleshooting --


Debugging commands:
debug ip bgp
debug ip tcp transactions



Scenario 2 -

The BGP neighborship is flapping and getting reset


1. Keepalive mismatch.
2. MTU mismatch.
3. Hellos are stuck in OutQ behind update packets.
4. Remote router rebooting continually (typical with a 3-5 minute BGP peering cycle time)
5. Remote router BGP process unstable, restarting
6. Traffic Shaping & Rate Limiting parameters
7. MTU incorrectly set on links, PMTU discovery disabled on the router.
8. Output drops on the interface or congestion in the queue.
9. High CPU on the router or CPU spike on router


Solutions to the above issues --

-->> Make sure you have the same keepalive on both routers.
-->> Make sure both sides have the same MTU and that a ping of size 1500 with the DF bit set succeeds.
-->> If the MTU mismatch cannot be fixed, path MTU discovery can be used to overcome it.




Scenario 3 --



The router is not installing routes in the RIB and is ignoring:


1. Paths that are marked as not synchronized in the show ip bgp longer-prefixes output
2. Paths for which the NEXT_HOP is inaccessible
3. Paths from an external BGP (eBGP) neighbor if the local autonomous system (AS) appears in the AS_PATH
4. If you enabled bgp enforce-first-as and the UPDATE does not contain the AS of the neighbor as the first AS number in the AS_SEQUENCE
5. Paths that are marked as (received-only) in the show ip bgp longer-prefixes output

Solutions to the above issues --

Be sure that there is an Interior Gateway Protocol (IGP) route to the NEXT_HOP that is associated with the path.

Scenario 4 -

The router is not installing routes in the BGP table and is not advertising routes to another BGP peer

1. No route in the global routing table for the network command configured in BGP.
2. No matching route in the BGP table for the aggregate-address command configured in BGP.
3. Same router-ID in the Originator-ID attribute of routes coming from the route reflector.
4. Same router-ID in routes coming from a route reflector with the same cluster-ID.

Solutions to the above issues --

1. No matching route in the routing table.
2. A filter is discarding the route.



