[c-nsp] IOS: catch 22 when enabling new bgp neighbors

Sun Jun 22 11:18:13 EDT 2014

Ditto. I didn't know you could do this either. That's why I love mailing 
lists. They're a massive pool of collective experience. :)

Brocade has an interesting way of handling this as well. I had always 
wondered why (until now) Cisco didn't have an equivalent. On Brocade you 
can do:

auto-shutdown-new-neighbors

in the global BGP config. Every new BGP peer you configure is shutdown 
by default and requires a no shut to bring it up. I kind of like the way 
that works... but being able to configure a new peer in a shutdown state 
works just as well.

-Vinny
> Vitkovský Adam <mailto:adam.vitkovsky at swan.sk>
> Saturday, June 21, 2014 12:13 PM
>
> Same here :D.
> That's why I love this as one can learn something new each day.
>
> adam
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> Oliver Boehmer (oboehmer) <mailto:oboehmer at cisco.com>
> Saturday, June 21, 2014 12:34 AM
> [neighbor 192.0.2.100 remote-as 64511 shutdown]
>
>
> so do I ;-)
>
> oli
>
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> Blake Dunlap <mailto:ikiris at gmail.com>
> Friday, June 20, 2014 4:13 PM
> Wow, you can do that? I feel really really dumb now...
>
> On Fri, Jun 20, 2014 at 11:30 AM, Koch, Andrew
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> Koch, Andrew <mailto:andrew.koch at tdstelecom.com>
> Friday, June 20, 2014 12:30 PM
>
> Hi Lukas,
>
> Try adding the shutdown keyword on the first (remote-as) config line:
>
> test-router(config-router)#neighbor 192.0.2.100 remote-as 64511 shutdown
> test-router(config-router)#!!! rest of neighbor configuration
> test-router(config-router)#no neighbor 192.0.2.100 shutdown
>
> HTH,
>
> Andy
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> Lukas Tribus <mailto:luky-37 at hotmail.com>
> Friday, June 20, 2014 10:39 AM
> Hey guys,
>
>
> I feel like this is a stupid question with a simple solution, but I just
> not see it:
>
> When I configure a new BGP session, before I can shutdown the neighbor
> or apply a specific peer-group/session-template/policy-template, I need
> to configure the remote-as, so the first command in the address-family is:
>
>  neighbor 2001::123 remote-as 65005
>
>
> Now, if I don't specify the policies right away, or shutdown the session
> right away (or the ssh terminal slows down for whatever reason), IOS will
> establish the BGP session as-is (without any policies), until I manage
> to configure the rest.
>
> In that case, I'm leaking everything I have to the other side for a short
> period of time, possibly triggering max-prefix limits or causing other
> nastiness.
>
> Especially when using SSH and configuring long IPv6 addresses on IOS-XE
> here, this seams to be a problem, copy'n'pasting from notepad is not
> enough in that situation (somehow, the terminal slows down when pasting
> the config to some 2 - 3 chars per second).
>
>
> Any way to make IOS(-XE) behave in a more sane way so I can configure
> everything *before* the session brought up? Like defaulting to shutdown
> or something like that?
>
>
> Let me know how you guys avoid this problem.
>
>
>
> Thanks!
>
> Lukas
>
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/