Re: [nsp] BGP peering Cisco - Baynetwork router

From: Sean Butler (sebutler@us.ibm.com)
Date: Mon Sep 21 1998 - 16:50:18 EDT


>I got a problem peering with a Bay-router running ver. 11.03rev4. After
>peering for month with IOS 11.2(7), I'd loaded IOS 11.1(20)CC for running
>CEF on my Cisco, the BGP session never came back with the BAY router. It
>is working to all my Cisco neighbor's.
>
>Debugging on the BAY, say as follow.
>
>packet source
>278 Bay-router BGP Open without options
>280 Cisco-router BGP Open with option type 2 (len = 6bytes: 01 04
>00 01 00 01)
>281 Bay-router BGP Open_message_error: unsupported option
>282 Bay-router TCP FINACK
>283 Cisco-router TCP ACK
>
>Hmmmmm ..... any idea ?????

Here is a post from about a month ago that explains the problem
and fix:

>>This particular Cisco-ism has bitten us (COLT) twice now and so I
>>figure it's worthy of an audience on this list. Apologies if you've
>>already heard the tail via nanog@ or other sources.
>>
>>It seems that the IOS 11.1(20)CC (on 72xx and 75xx at least)
>>introduces a few new features designed to support Multiprotocol
>>Extensions to BGP4 (aka MBGP as per RFC2283) including a feature to
>>negotiate capabilities of the remote peer.
>>
>>Unfortunately this seems to trip up certain other IPv4-only BGP
>>implementations including at least Bay users[1], Ascend and most
>>probably other vendors using GateD-based routing daemons (3.5Bx -
>>unsure about the 4.x/Multicase series).
>>
>>In our case, an Ascend GRF 400 with 1.3.11 software, the problem is
>>visible via GateD dropping the peering session with the following
>>error message (note the typo in authentication!):
>>
>> gated: bgp_get_open: peer 195.66.225.50 (External AS 3320): unknown
>>athentication code 8 used
>>
>>As far as I know there is no workaround within GateD (indeed the GateD
>>consortium source seems to suggest that all bets are off if the
>>authentication code is anything other than zero). The only fix seems
>>to be to configure up the GateD neighbour on the Cisco as:
>>
>> neighbour X.X.X.X dont-capability-negotiate
>>
>>at which point the peers can talk again.
>>
>>One to watch out for.
>>
>>-- Adam Chappell,
>> Lead Network Engineer,
>> COLT Internet.

___________________________________
Sean Butler, CCIE #3897
IBM Global Services -- OpenNet Support
Phone: 8-631-9809, 813-523-7353
Fax: 8-427-5475 813-878-5475
Internet email: sebutler@us.ibm.com



This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:13:18 EDT