RE: eBGP peer configured neighbor address discovery

From: Huan Pham (huan.pham@valuenet.com.au)
Date: Tue Apr 01 2008 - 00:20:08 ART

• Next message: Joseph Saad: "Re: Port channel load balance"
• Previous message: Mike Haddad: "RE: Multicast Grouping"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi Chan,

As the BGP session ISP trying to establish is pointing to a different IP,
all those packets are dropped & not processed by your router. I believe no
BGP debug commands will interpret those packets.

One way to force the router to "process" those irrelevant BGP packets is to
set up an access-list and apply it to the interface in the inbound
direction. This will display all incoming packets with source/destination IP
info, even if the packets are not addressed to the local router.

See log message below, you notice TCP packets with destination 202.1.1.100.

202.1.1.254(40464) -> 202.1.1.100(179)

R1#
access-list 100 permit tcp any any eq bgp log
access-list 100 permit tcp any eq bgp any log
access-list 100 permit ip any any

interface Serial1/1
 ip address 202.1.1.1 255.255.255.0
 ip access-group 100 in

R1#
*Mar 1 00:15:23.143: %SEC-6-IPACCESSLOGP: list 100 permitted tcp
202.1.1.254(179) -> 202.1.1.1(33725), 1 packet
*Mar 1 00:15:50.027: %SEC-6-IPACCESSLOGP: list 100 permitted tcp
202.1.1.254(179) -> 202.1.1.1(53753), 1 packet
*Mar 1 00:16:20.539: %SEC-6-IPACCESSLOGP: list 100 permitted tcp
202.1.1.254(179) -> 202.1.1.1(16641), 1 packet
*Mar 1 00:16:48.155: %SEC-6-IPACCESSLOGP: list 100 permitted tcp
202.1.1.254(40464) -> 202.1.1.100(179), 1 packet
*Mar 1 00:16:54.459: %SEC-6-IPACCESSLOGP: list 100 permitted tcp
202.1.1.254(179) -> 202.1.1.1(39740), 1 packet
*Mar 1 00:17:22.935: %SEC-6-IPACCESSLOGP: list 100 permitted tcp
202.1.1.254(179) -> 202.1.1.1(42902), 1 packet
*Mar 1 00:17:51.243: %SEC-6-IPACCESSLOGP: list 100 permitted tcp
202.1.1.254(43336) -> 202.1.1.100(179), 1 packet

Cheers,
 
Huan

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of C
Chan
Sent: Tuesday, 1 April 2008 12:14 PM
To: Cisco certification
Subject: eBGP peer configured neighbor address discovery

Hi Expert,

Is there any BGP debug command to discover the eBGP peer's configured
neighbor address?

For example,
Actual IP address:
R1 (202.1.1.1) AS 100 <-> ISP_R (202.1.1.254) (AS 200)

BGP R1 (neighbor 202.1.1.254 remote 200)

*Hidden config from internal network admin*
BGP ISP_R (neighbor 202.1.1.100 remote 100) <<< I do not have visibility on
ISP router config. How can I debug this tricky address on R1?

Regards,
CH

• Next message: Joseph Saad: "Re: Port channel load balance"
• Previous message: Mike Haddad: "RE: Multicast Grouping"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu May 01 2008 - 08:25:49 ART