RE: BGP - Connection refused by remote host

From: Adel Abushaev (adel@netmasterclass.net)
Date: Sun Feb 17 2008 - 17:14:11 ARST


When the source is a loopback, ebgp-multihop must also be configured.

I would suspect that the remote BGP peer in AS 54 expects a different
source IP address, because it's that end that closes the connection by
setting RST in the TCP header.

Adel.

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Dan C
Sent: Friday, February 15, 2008 1:53 PM
To: Cristian Ionescu
Cc: Cisco certification
Subject: Re: BGP - Connection refused by remote host

Hi Cristian,

I will recreate the scenario and I will try to get to the same point as you.
I would also hard code the bgp router id and use ebgp multihop and see how
it goes.

Cheers,
Dan

On Sat, Feb 16, 2008 at 12:22 AM, Cristian Ionescu <
cristian.ionescu@omnilogic.ro> wrote:

> You are right but nei x.x.x.x update-source loopback 0 does not solve the
> problem......
> you can try it and see it is not working...
>
> Dan C wrote:
> > Hi Cristian,
> >
> > Having another look at the output it looks like the TCP is bound to
> > your loopback address instead of the interface address. Adding nei
> > x.x.x.x update-source loopback 0 may solve this issue
> >
> > Cheers, Dan
> >
> > On Fri, Feb 15, 2008 at 6:50 PM, Cristian Ionescu
> > <cristian.ionescu@omnilogic.ro> wrote:
> >
> > Hi and thanks for all answers.
> >
> > 1. The config on FR on R6 is straightforward...nothing special. I have
> > ping to BB even with source Loop0
> >
> > 2. I have tried to peer using a different update source (the loop 0) and
> > I have the same output:
> > *Feb 14 11:33:31.259: BGP: 54.1.1.254 open active, local address 150.1.6.6
> > TCB45114344 created
> > *Feb 14 11:46:32.839: TCB45114344 setting property TCP_WINDOW_SIZE (0) 4511D1C8
> > *Feb 14 11:46:32.839: TCB45114344 setting property TCP_MD5KEY (5) 0
> > *Feb 14 11:46:32.839: TCB45114344 setting property TCP_TOS (11) 4511D1A8
> > *Feb 14 11:46:32.839: TCB45114344 setting property TCP_OUT_TTL (24) 46B25A2A
> > *Feb 14 11:46:32.839: TCP: Random local port generated 53511
> > *Feb 14 11:46:32.839: TCB45114344 bound to 150.1.6.6.53511
> > *Feb 14 11:46:32.839: TCP: sending SYN, seq 664141347, ack 0
> > *Feb 14 11:46:32.839: TCP0: Connection to 54.1.1.254:179, advertising MSS 1460
> > *Feb 14 11:46:32.839: TCP0: state was CLOSED -> SYNSENT [53511 -> 54.1.1.254(179)]
> > *Feb 14 11:46:32.839: TCP0: state was SYNSENT -> CLOSED [53511 -> 54.1.1.254(179)]
> > *Feb 14 11:46:32.839: TCP0: bad seg from 54.1.1.254 -- closing connection: port 53511 seq 0 ack 664141348 rcvnxt 0 rcvwnd 0 len 0
> > *Feb 14 11:46:32.843: TCP0: connection closed - remote sent RST
> > *Feb 14 11:46:32.843: TCB 0x45114344 destroyed
> > *Feb 14 11:33:31.259: BGP: 54.1.1.254 open failed: Connection refused by remote host, open active delayed 29499ms (32000ms max, 28% jitter)
> >
> > 3. The other end has for sure BGP configured
> >
> > 4. There is no ACL on R6
> >
> > I will try to hardcode the router ID and do debug ip packet detail to
> > see the output....
> >
> > Regards
> > Cristian Ionescu
> >
> >
> >
> > Dan C wrote:
> > > Hi Cristian,
> > >
> > > Looking at : *Feb 14 11:46:32.839: TCP0: bad seg from 54.1.1.254 -- closing
> > > connection: port 53511 seq 0 ack 664141348 rcvnxt 0 rcvwnd 0 len 0
> > >
> > > rcvnxt 0 rcvwnd 0 len 0 ----- your peer ( bb router ) is not aware of
> > > the tcp connection.
> > >
> > > Few solutions may address this issue:
> > >
> > > Ping peer bb router using your loopback ip address, if ok, try hard
> > > code the bgp router-id to the loopback.
> > > If not create a new loopback int and use that ip address as bgp
> > > router-id.
> > >
> > > Check for any MTU mismatch using extended ping sweeping between 1400
> > > 1500 size
> > >
> > > Any ACL on R6 ?
> > >
> > > Cheers, Dan
> > >
> > > On Thu, Feb 14, 2008 at 11:40 PM, Cristian Ionescu
> > > <cristian.ionescu@omnilogic.ro> wrote:
> > >
> > > Hi GS
> > >
> > > I have a strange situation with a "simple" BGP peering session.
> > > I have 2 routers connected over FR in different AS-es and I want to
> > > establish a peering session between them. Let's say I do not know the
> > > config of BB.
> > >
> > > AS100 - - - - - AS54
> > > R6 <----------> BB
> > >
> > > The config of R6 is:
> > >
> > > R6#
> > > interface Loopback0
> > >  ip address 150.1.6.6 255.255.255.0
> > > !
> > > interface Serial0/0/0
> > >  ip address 54.1.1.6 255.255.255.0
> > > !
> > > router bgp 100
> > >  no synchronization
> > >  bgp log-neighbor-changes
> > >  neighbor 54.1.1.254 remote-as 54
> > >  no auto-summary
> > > !
> > >
> > > BB is directly connected and the peer address is 54.1.1.254 (I have ping
> > > to this address)
> > >
> > > I get the following debug output:
> > >
> > > *Feb 14 11:33:31.259: BGP: 54.1.1.254 open active, local address 54.1.1.6
> > > TCB45114344 created
> > > *Feb 14 11:46:32.839: TCB45114344 setting property TCP_WINDOW_SIZE (0) 4511D1C8
> > > *Feb 14 11:46:32.839: TCB45114344 setting property TCP_MD5KEY (5) 0
> > > *Feb 14 11:46:32.839: TCB45114344 setting property TCP_TOS (11) 4511D1A8
> > > *Feb 14 11:46:32.839: TCB45114344 setting property TCP_OUT_TTL (24) 46B25A2A
> > > *Feb 14 11:46:32.839: TCP: Random local port generated 53511
> > > *Feb 14 11:46:32.839: TCB45114344 bound to 54.1.1.6.53511
> > > *Feb 14 11:46:32.839: TCP: sending SYN, seq 664141347, ack 0
> > > *Feb 14 11:46:32.839: TCP0: Connection to 54.1.1.254:179, advertising MSS 1460
> > > *Feb 14 11:46:32.839: TCP0: state was CLOSED -> SYNSENT [53511 -> 54.1.1.254(179)]
> > > *Feb 14 11:46:32.839: TCP0: state was SYNSENT -> CLOSED [53511 -> 54.1.1.254(179)]
> > > *Feb 14 11:46:32.839: TCP0: bad seg from 54.1.1.254 -- closing connection: port 53511 seq 0 ack 664141348 rcvnxt 0 rcvwnd 0 len 0
> > > *Feb 14 11:46:32.843: TCP0: connection closed - remote sent RST
> > > *Feb 14 11:46:32.843: TCB 0x45114344 destroyed
> > > *Feb 14 11:33:31.259: BGP: 54.1.1.254 open failed: Connection refused by remote host, open active delayed 29499ms (32000ms max, 28% jitter)
> > >
> > > Can you please tell me where the problem is? What is the cause of this
> > > kind of error message?
> > >
> > > Regards
> > > Cristian Ionescu
> > >
> > > This message (including any attachments) is intended only for
> > > the use of the individual or entity to which it is addressed and
> > > may contain information that is non-public, proprietary,
> > > privileged, confidential, and exempt from disclosure under
> > > applicable law or may constitute as attorney work product.
> > > If you are not the intended recipient, you are hereby notified
> > > that any use, dissemination, distribution, or copying of this
> > > communication is strictly prohibited. If you have received this
> > > communication in error, notify us immediately by telephone and
> > > (i) destroy this message if a facsimile or (ii) delete this message
> > > immediately if this is an electronic communication.
> > >
> > > Thank you,
> > > Support Team
> > >
> > > _______________________________________________________________________
> > > Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html



This archive was generated by hypermail 2.1.4 : Sat Mar 01 2008 - 16:54:48 ARST
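
How the refusal discussed in the replies shows up in the debug output quoted in this thread, as an added example that is not part of the original posts: a small Python parser that pairs each active open's source address with its outcome. The function names are hypothetical, and the sample lines are the thread's own debug lines with wrapped lines rejoined.

```python
import re

# Debug lines from the two attempts quoted in this thread (wrapped lines rejoined).
SAMPLE = """\
*Feb 14 11:46:32.839: TCB45114344 bound to 54.1.1.6.53511
*Feb 14 11:46:32.839: TCP0: Connection to 54.1.1.254:179, advertising MSS 1460
*Feb 14 11:46:32.839: TCP0: state was CLOSED -> SYNSENT [53511 -> 54.1.1.254(179)]
*Feb 14 11:46:32.839: TCP0: state was SYNSENT -> CLOSED [53511 -> 54.1.1.254(179)]
*Feb 14 11:46:32.843: TCP0: connection closed - remote sent RST
*Feb 14 11:46:32.839: TCB45114344 bound to 150.1.6.6.53511
*Feb 14 11:46:32.839: TCP0: Connection to 54.1.1.254:179, advertising MSS 1460
*Feb 14 11:46:32.839: TCP0: state was CLOSED -> SYNSENT [53511 -> 54.1.1.254(179)]
*Feb 14 11:46:32.839: TCP0: state was SYNSENT -> CLOSED [53511 -> 54.1.1.254(179)]
*Feb 14 11:46:32.843: TCP0: connection closed - remote sent RST
"""

BOUND = re.compile(r"TCB\w+ bound to (\d+(?:\.\d+){3})\.\d+")
CONN = re.compile(r"Connection to (\d+(?:\.\d+){3}):(\d+)")
STATE = re.compile(r"state was (\w+) -> (\w+)")

def classify(states, rst):
    if "ESTAB" in states:  # state name IOS prints once the handshake completes
        return "handshake completed"
    if rst and states[-2:] == ["SYNSENT", "CLOSED"]:
        # RST straight back to our SYN: the peer is reachable but refuses
        # a session from this source (no listener or no matching neighbor).
        return "refused: peer answered SYN with RST"
    return "inconclusive"

def summarize(debug_text):
    """Return one dict per active open: src, dst, states, rst, verdict."""
    attempts, cur = [], None
    for line in debug_text.splitlines():
        if m := BOUND.search(line):  # a newly bound TCB starts a new attempt
            cur = {"src": m.group(1), "dst": None, "states": ["CLOSED"], "rst": False}
            attempts.append(cur)
        elif cur is None:
            continue
        elif m := CONN.search(line):
            cur["dst"] = f"{m.group(1)}:{m.group(2)}"
        elif m := STATE.search(line):
            cur["states"].append(m.group(2))
        elif "remote sent RST" in line:
            cur["rst"] = True
    for a in attempts:
        a["verdict"] = classify(a["states"], a["rst"])
    return attempts

if __name__ == "__main__":
    print(*(f'{a["src"]} -> {a["dst"]}: {a["verdict"]}' for a in summarize(SAMPLE)), sep="\n")
```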