[c-nsp] Stranges with BGP

Alexey Luckyanchikov alexl at alkar.net
Mon Dec 13 11:39:59 EST 2004


On Mon, 13 Dec 2004, Rodney Dunn wrote:

RD> I don't think that's it.  That was the bug from
RD> 4 years ago where somone leaked a long AS PATH
RD> update that caused the problem.

Yes, I read advisory. But 12.2S seems not affected by that bug. This
train was not exist in 2001 :)

RD> What does the BGP configuration look like on both sides?

Routers have same definition for peer-group and route-map:
router bgp 6703
 neighbor AS6703 peer-group
 neighbor AS6703 remote-as 6703
 neighbor AS6703 route-reflector-client
 neighbor AS6703 send-community
 neighbor AS6703 prefix-list AS6703-Out out
 neighbor AS6703 route-map AS6703-In in
!
route-map AS6703-In permit 100
 match community 99
 set ip next-hop peer-address
 set local-preference 50
route-map AS6703-In permit 200
 match community 98
 set ip next-hop peer-address
 set local-preference 150
route-map AS6703-In permit 300
 match community 97 71
 set ip next-hop peer-address
route-map AS6703-In permit 400
 match community 199
 set ip next-hop peer-address
 set local-preference 90
route-map AS6703-In permit 500
 match community 198
 set ip next-hop peer-address
 set local-preference 70
route-map AS6703-In permit 600
 set ip next-hop peer-address
 set local-preference 55

Configuration specific to first router:
router bgp 6703
 neighbor 195.248.160.210 peer-group AS6703
 neighbor 195.248.160.210 description CORE1-DP
 neighbor 195.248.160.210 update-source Loopback0
!
ip prefix-list AS6703-Out seq 5 deny 213.227.192.0/20 ge 21
ip prefix-list AS6703-Out seq 10 permit 0.0.0.0/0 le 32

To second router:
router bgp 6703
 neighbor 195.248.160.167 peer-group AS6703
 neighbor 195.248.160.167 description CORE1-KV
 neighbor 195.248.160.167 update-source Loopback0
!
ip prefix-list AS6703-Out seq 5 deny 195.248.160.0/19 ge 25
ip prefix-list AS6703-Out seq 10 deny 217.24.160.0/20 ge 21
ip prefix-list AS6703-Out seq 15 permit 0.0.0.0/0 le 32

RD> On Mon, Dec 13, 2004 at 12:49:12PM +0100, Ben Crocker wrote:
RD> > 
RD> > There's been more than one bug to do with this but perhaps this one 
RD> > applies,
RD> > 
RD> 
RD> > CSCdr54230 : BGP:attribute length truncated + command to limit AS_PATH 
RD> > size
RD> > 
RD> > Hope it helps,
RD> > 
RD> > 
RD> > On Dec 13, 2004, at 12:29 PM, Alexey Luckyanchikov wrote:
RD> > 
RD> > > Hi.
RD> > >
RD> > > Today I observed strange flapping between two 7513. Log from one side
RD> > > (software version - 12.2(14)S9):
RD> > > Dec 10 23:05:24: %BGP-5-ADJCHANGE: neighbor 195.248.160.210 Up
RD> > > Dec 13 11:39:59: %BGP-5-ADJCHANGE: neighbor 195.248.160.210 Down BGP 
RD> > > Notification sent
RD> > > Dec 13 11:39:59: %BGP-3-NOTIFICATION: sent to neighbor 195.248.160.210 
RD> > > 1/2 (illegal header length) 0 bytes
RD> > > Dec 13 11:40:29: %BGP-5-ADJCHANGE: neighbor 195.248.160.210 Up
RD> > > Dec 13 11:40:29: %BGP-5-ADJCHANGE: neighbor 195.248.160.210 Down BGP 
RD> > > Notification sent
RD> > > Dec 13 11:40:29: %BGP-3-NOTIFICATION: sent to neighbor 195.248.160.210 
RD> > > 3/1 (update malformed) 31 bytes CA1A5B12 83000000 00D456E5 B1D45646 F5
RD> > > Dec 13 11:40:29: BGP: 195.248.160.210 Bad attributes FFFF FFFF FFFF 
RD> > > FFFF FFFF FFFF FFFF FFFF 0073 0200 0000 4540 0101 0240 0204 0201 21F2 
RD> > > 4003 04C3 F8BF 9680 0404 0000 0000 4005 0400 0000 5AC0 0804 EC17 BDBA 
RD> > > CA1A 5B12 8300 0000 00D4 56E5 B1D4 5646 F5D4 56
RD> > > Dec 13 11:40:55: %BGP-5-ADJCHANGE: neighbor 195.248.160.210 Up
RD> > > Dec 13 11:43:56: %BGP-5-ADJCHANGE: neighbor 195.248.160.210 Down BGP 
RD> > > Notification sent
RD> > > Dec 13 11:43:56: %BGP-3-NOTIFICATION: sent to neighbor 195.248.160.210 
RD> > > 4/0 (hold time expired) 0 bytes
RD> > > Dec 13 11:44:24: %BGP-5-ADJCHANGE: neighbor 195.248.160.210 Up
RD> > > Dec 13 12:08:05: %BGP-5-ADJCHANGE: neighbor 195.248.160.210 Down BGP 
RD> > > Notification sent
RD> > > Dec 13 12:08:05: %BGP-3-NOTIFICATION: sent to neighbor 195.248.160.210 
RD> > > 1/2 (illegal header length) 0 bytes
RD> > >
RD> > > And from another (software version - 12.2(14)S10):
RD> > > Dec 13 11:39:59: %BGP-3-NOTIFICATION: received from neighbor 
RD> > > 195.248.160.167 1/2 (illegal header length) 0 bytes
RD> > > Dec 13 11:39:59: %BGP-5-ADJCHANGE: neighbor 195.248.160.167 Down BGP 
RD> > > Notification received
RD> > > Dec 13 11:40:29: %BGP-5-ADJCHANGE: neighbor 195.248.160.167 Up
RD> > > Dec 13 11:40:29: %BGP-3-NOTIFICATION: received from neighbor 
RD> > > 195.248.160.167 3/1 (update malformed) 31 bytes CA1A5B12 83000000 
RD> > > 00D456E5 B1D45646 F5
RD> > > Dec 13 11:40:29: %BGP-5-ADJCHANGE: neighbor 195.248.160.167 Down BGP 
RD> > > Notification received
RD> > > Dec 13 11:40:55: %BGP-5-ADJCHANGE: neighbor 195.248.160.167 Up
RD> > > Dec 13 11:43:56: %BGP-3-NOTIFICATION: received from neighbor 
RD> > > 195.248.160.167 4/0 (hold time expired) 0 bytes
RD> > > Dec 13 11:43:56: %BGP-5-ADJCHANGE: neighbor 195.248.160.167 Down BGP 
RD> > > Notification received
RD> > > Dec 13 11:44:24: %BGP-5-ADJCHANGE: neighbor 195.248.160.167 Up
RD> > > Dec 13 12:08:05: %BGP-3-NOTIFICATION: received from neighbor 
RD> > > 195.248.160.167 1/2 (illegal header length) 0 bytes
RD> > > Dec 13 12:08:05: %BGP-5-ADJCHANGE: neighbor 195.248.160.167 Down BGP 
RD> > > Notification received
RD> > > Dec 13 12:08:35: %BGP-5-ADJCHANGE: neighbor 195.248.160.167 Up
RD> > >
RD> > > Manual session reset help - flapping stopped. I can't find any
RD> > > appropriate to this issue in Bug Navigator. Do you have any ideas about
RD> > > what it was?

-- 
Sincerely,
Alexey Luckyanchikov


More information about the cisco-nsp mailing list