Re: BGP - Connection refused by remote host

From: Dan C (cdan2154@gmail.com)
Date: Fri Feb 15 2008 - 10:11:44 ARST

• Next message: Mick Vaites: "Frame-relay inverse-arp ..."
• Previous message: CCIE RS: "RE: Finally Pass Voice Lab on first attempt"
• Maybe in reply to: Cristian Ionescu: "BGP - Connection refused by remote host"
• Next in thread: Cristian Ionescu: "Re: BGP - Connection refused by remote host"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi Cristian,

Having another look at the output it looks like the TCP is bound to your
loopback address instead of the interface address. Adding nei
x.x.x.xupdate-source loopback 0 may solve this issue

Cheers, Dan

On Fri, Feb 15, 2008 at 6:50 PM, Cristian Ionescu <
cristian.ionescu@omnilogic.ro> wrote:

> Hi and thanks for all answers.
>
> 1. The config on FR on R6 is straight forward...nothing special. I have
> ping to BB even with source Loop0
>
> 2. I have tried to peer using a different update source (the loop 0) and
> i have the same output:
> *Feb 14 11:33:31.259: BGP: 54.1.1.254 open active, local address 150.1.6.6
> TCB45114344 created
> *Feb 14 11:46:32.839: TCB45114344 setting property TCP_WINDOW_SIZE (0)
> 4511D1C8
> *Feb 14 11:46:32.839: TCB45114344 setting property TCP_MD5KEY (5) 0
> *Feb 14 11:46:32.839: TCB45114344 setting property TCP_TOS (11) 4511D1A8
> *Feb 14 11:46:32.839: TCB45114344 setting property TCP_OUT_TTL (24)
> 46B25A2A
> *Feb 14 11:46:32.839: TCP: Random local port generated 53511
> *Feb 14 11:46:32.839: TCB45114344 bound to 150.1.6.6.53511
> *Feb 14 11:46:32.839: TCP: sending SYN, seq 664141347, ack 0
> *Feb 14 11:46:32.839: TCP0: Connection to 54.1.1.254:179, advertising
> MSS 1460
> *Feb 14 11:46:32.839: TCP0: state was CLOSED -> SYNSENT [53511 ->
> 54.1.1.254(179)]
> *Feb 14 11:46:32.839: TCP0: state was SYNSENT -> CLOSED [53511 ->
> 54.1.1.254(179)]
> *Feb 14 11:46:32.839: TCP0: bad seg from 54.1.1.254 -- closing
> connection: port 53511 seq 0 ack 664141348 rcvnxt 0 rcvwnd 0 len 0
> *Feb 14 11:46:32.843: TCP0: connection closed - remote sent RST
> *Feb 14 11:46:32.843: TCB 0x45114344 destroyed
> *Feb 14 11:33:31.259: BGP: 54.1.1.254 open failed: Connection refused by
> remote host, open active delayed 29499ms (32000ms max, 28% jitter)
>
> 3. The other end has for sure BGP configured
>
> 4. There is no ACL on R6
>
> I will try to hardcoded the router id and do debug ip packet detail to
> see the output....
>
> Regards
> Cristian Ionescu
>
>
>
> Dan C wrote:
> > Hi Cristian,
> >
> > Looking at : *Feb 14 11:46:32.839: TCP0: bad seg from 54.1.1.254
> > <http://54.1.1.254/> -- closing
> > connection: port 53511 seq 0 ack 664141348 rcvnxt 0 rcvwnd 0 len 0
> >
> > rcvnxt 0 rcvwnd 0 len 0 ----- your peer ( bb router ) is not aware of
> > the tcp connection.
> >
> > Few solutions may address this issue:
> >
> > Ping peer bb router using your loopback ip address, if ok, try hard
> > code the bgp router-id to the loopback.
> > If not create a new loopback int and use that ip address as bgp
> > router-id.
> >
> > Check for any MTU mismatch using extended ping sweeping between 1400
> > 1500 size
> >
> > Any ACL on R6 ?
> >
> > Cheers, Dan
> >
> > On Thu, Feb 14, 2008 at 11:40 PM, Cristian Ionescu
> > <cristian.ionescu@omnilogic.ro <mailto:cristian.ionescu@omnilogic.ro>>
> > wrote:
> >
> > Hi GS
> >
> > I have a strange situation with a "simple" BGP peering session.
> > I have 2 router connected over FR in different AS-es and i want to
> > establish a peering session between them. Let's say i do not know
> the
> > config of BB.
> >
> > AS100 - - - - - AS54
> > R6 <----------> BB
> >
> > The config of R6 is:
> >
> > R6#
> > interface Loopback0
> > ip address 150.1.6.6 <http://150.1.6.6> 255.255.255.0
> > <http://255.255.255.0>
> > !
> > interface Serial0/0/0
> > ip address 54.1.1.6 <http://54.1.1.6> 255.255.255.0
> > <http://255.255.255.0>
> > !
> > router bgp 100
> > no synchronization
> > bgp log-neighbor-changes
> > neighbor 54.1.1.254 <http://54.1.1.254> remote-as 54
> > no auto-summary
> > !
> >
> >
> > BB is directly connected and the peer address is 54.1.1.254
> > <http://54.1.1.254> (i have ping
> > to this address)
> >
> > I get the following debug output:
> >
> > *Feb 14 11:33:31.259: BGP: 54.1.1.254 <http://54.1.1.254> open
> > active, local address 54.1.1.6 <http://54.1.1.6>
> > TCB45114344 created
> > *Feb 14 11:46:32.839: TCB45114344 setting property TCP_WINDOW_SIZE
> (0)
> > 4511D1C8
> > *Feb 14 11:46:32.839: TCB45114344 setting property TCP_MD5KEY (5) 0
> > *Feb 14 11:46:32.839: TCB45114344 setting property TCP_TOS (11)
> > 4511D1A8
> > *Feb 14 11:46:32.839: TCB45114344 setting property TCP_OUT_TTL (24)
> > 46B25A2A
> > *Feb 14 11:46:32.839: TCP: Random local port generated 53511
> > *Feb 14 11:46:32.839: TCB45114344 bound to 54.1.1.6.53511
> > *Feb 14 11:46:32.839: TCP: sending SYN, seq 664141347, ack 0
> > *Feb 14 11:46:32.839: TCP0: Connection to 54.1.1.254:179
> > <http://54.1.1.254:179>, advertising
> > MSS 1460
> > *Feb 14 11:46:32.839: TCP0: state was CLOSED -> SYNSENT [53511 ->
> > 54.1.1.254(179)]
> > *Feb 14 11:46:32.839: TCP0: state was SYNSENT -> CLOSED [53511 ->
> > 54.1.1.254(179)]
> > *Feb 14 11:46:32.839: TCP0: bad seg from 54.1.1.254
> > <http://54.1.1.254> -- closing
> > connection: port 53511 seq 0 ack 664141348 rcvnxt 0 rcvwnd 0 len 0
> > *Feb 14 11:46:32.843: TCP0: connection closed - remote sent RST
> > *Feb 14 11:46:32.843: TCB 0x45114344 destroyed
> > *Feb 14 11:33:31.259: BGP: 54.1.1.254 <http://54.1.1.254> open
> > failed: Connection refused by
> > remote host, open active delayed 29499ms (32000ms max, 28% jitter)
> >
> > Can u please tell me where is the problem? What is the cause of this
> > kind of error message?
> >
> > Regards
> > Cristian Ionescu
> >
> > This message (including any attachments) is intended only for
> > the use of the individual or entity to which it is addressed and
> > may contain information that is non-public, proprietary,
> > privileged, confidential, and exempt from disclosure under
> > applicable law or may constitute as attorney work product.
> > If you are not the intended recipient, you are hereby notified
> > that any use, dissemination, distribution, or copying of this
> > communication is strictly prohibited. If you have received this
> > communication in error, notify us immediately by telephone and
> > (i) destroy this message if a facsimile or (ii) delete this message
> > immediately if this is an electronic communication.
> >
> > Thank you,
> > Support Team
> >
> >
> _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
> >
>
> This message (including any attachments) is intended only for
> the use of the individual or entity to which it is addressed and
> may contain information that is non-public, proprietary,
> privileged, confidential, and exempt from disclosure under
> applicable law or may constitute as attorney work product.
> If you are not the intended recipient, you are hereby notified
> that any use, dissemination, distribution, or copying of this
> communication is strictly prohibited. If you have received this
> communication in error, notify us immediately by telephone and
> (i) destroy this message if a facsimile or (ii) delete this message
> immediately if this is an electronic communication.
>
> Thank you,
> Support Team

• Next message: Mick Vaites: "Frame-relay inverse-arp ..."
• Previous message: CCIE RS: "RE: Finally Pass Voice Lab on first attempt"
• Maybe in reply to: Cristian Ionescu: "BGP - Connection refused by remote host"
• Next in thread: Cristian Ionescu: "Re: BGP - Connection refused by remote host"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Mar 01 2008 - 16:54:48 ARST