[f-nsp] IPV6 BGP Assistance on RX-4 - Stuck in IDLE

Derek Maxwell derek.maxwell at chosentechgroup.com
Sun Nov 27 21:57:24 EST 2016


Hello Martjin,

Thank you for your timely and thorough response. I did work with a Zayo support engineer after your email, who agreed to move the session to a new /125 subnet. We confirmed TCP reachability and reconfigured the sessions on both ends. However, my session still sat in IDLE.

I did some additional reading and noticed that I was missing a line that was present in some of the configuration examples.  Once I added it, the session established immediately.
ipv6 unicast-routing

This is not present in our CER config, but the documentation does make it clear that it is required for any IPv6 Layer 3 to work in Ironware, so I suppose I should have seen it.

In any case, we are fully functional with the first IPv6 peer at this time and internal static routes are working as well. We’ll have to figure out how to make efficient use of the limited FIB space for IPv6 routes as we begin to accept full tables. I’m sure there have been ample discussions already on how to practically route filter.

Thank you again.

--Derek Maxwell

From: "martijnschmidt at i3d.net" <martijnschmidt at i3d.net>
Date: Saturday, November 26, 2016 at 7:13 PM
To: Derek Maxwell <derek.maxwell at chosentechgroup.com>, "foundry-nsp at puck.nether.net" <foundry-nsp at puck.nether.net>, "i3D. net - Martijn Schmidt" <martijnschmidt at i3d.net>
Subject: Re: [f-nsp] IPV6 BGP Assistance on RX-4 - Stuck in IDLE

Hi Derek,

Your BGP session is in an IDLE state because the router can't open a TCP session with the remote device. I think you might be running into difficulties because you're using the penultimate IPv6 address in a /126 subnet, which is problematic due to RFC2526. Said RFC is usually implemented in Brocade switching products like the FastIron or BigIron series. For devices positioned in the market as a router, e.g. the NetIron series which your CER is a part of, this behaviour is not there.

You could ask Zayo to reconfigure your session toward the last IPv6 address in the subnet - this address is available in IPv6 because the protocol doesn't support broadcast at all. To illustrate my point with the last chunk of your IPv6 address on interface ethernet 3/24 while your subnet mask is /126:

1af4 = network
1af5 = Zayo
1af6 = reserved for RFC2526
1af7 = usable for your router

Or, you could ask Zayo to replace the existing linknet with a slightly larger subnet (a /125 would work). This would move the RFC2526 reserved address a bit further backwards so you'd be able to peer with Zayo using the first two addresses in the subnet.

Best regards,
Martijn Schmidt
On 26 November 2016 23:11:11 CET, Derek Maxwell <derek.maxwell at chosentechgroup.com> wrote:
Hello,

We recently upgraded our BGP router in our east coat site to a Brocade BigIron RX-4. One of the reasons for the move was the ability to support IPv6. While our two Ipv4 BGP sessions have been running properly, the Ipv6 session is stuck in IDLE.

I have compared the configuration against our NetIron CER, which has a working v6 configuration, and cannot determine what the configuration error might be.

Relevant configuration snippets are below (omitted v4 details, can include if they would be helpful).  I would appreciate if someone can point me in the right direction, as my review of documentation and previous posts has not been able to get me to a suitable solution. I have confirmed with the provider (Zayo) that the configruation is built on their end. We are able to ping in each direction and I have full Ipv6 connectivity when using a static route, but not using our address space. I have redacted parts of IPv6 addresses with a YYYY for security and our AS number with a 99999.


ip as-path access-list 202 seq 5 permit .*

!

ip as-path access-list 102 seq 5 permit .*

!



ipv6 prefix-list  PERMIT-TO-ZAYO-V6 seq 10 permit 2620:66:YYYY::/48

!

ipv6 prefix-list  BOGONS-V6 seq 155 permit 2001::/32

ipv6 dns server-address 2001:4860:4860::8888

ipv6 route ::/0 2001:438:YYYY::1af5

ipv6 route 2620:66:YYYY::/48  null0

!

!

!

!

!

!



interface loopback 2

 ipv6 address 2620:66:YYYY::1/126

 ipv6 enable

!



interface ethernet 3/24

 port-name ZayoTransit

 no cdp enable

 ip address 209.249.39.62/30

 ipv6 address 2001:438:YYYY::1af6/126

!

!

router bgp

 local-as 99999

 as-path-filter  1 permit .*

 always-compare-med



 neighbor 2001:438:YYYY::1af5 remote-as 6461

 neighbor 2001:438:YYYY::1af5 update-source ethernet 3/24







 address-family ipv6 unicast

 network 2620:66:YYYY::/48

 redistribute connected

 redistribute static

 neighbor 2001:438:YYYY::1af5 activate

 neighbor 2001:438:YYYY::1af5 route-map in ZAYO-TRANSIT-IN-V6

 neighbor 2001:438:YYYY::1af5 route-map out ZAYO-TRANSIT-OUT-V6

 exit-address-family



route-map  ZAYO-TRANSIT-IN-V6 deny  6

 match ipv6 address prefix-list BOGONS-V6

route-map  ZAYO-TRANSIT-IN-V6 permit  10

 match as-path  200

 set local-preference 150

route-map  ZAYO-TRANSIT-IN-V6 permit  15

 match as-path  201

 set local-preference 130

route-map  ZAYO-TRANSIT-IN-V6 permit  20

 match as-path  202

 set local-preference 120

route-map  ZAYO-TRANSIT-IN-V6 permit  25

 match as-path  203

 set local-preference 110

route-map  ZAYO-TRANSIT-IN-V6 permit  30

 match as-path  204

 set local-preference 100

!

route-map  ZAYO-TRANSIT-OUT-V6 permit  11

 match ipv6 address prefix-list PERMIT-TO-ZAYO-V6


And below is the summary of the sho ipv6 bgp nei


sho ipv6 bgp nei

    Total number of BGP Neighbors: 1

1   IP Address: 2001:438:YYYY::1af5, Remote AS: 6461 (EBGP), RouterID: 0.0.0.0

    State: IDLE, Time: 0h31m45s, KeepAliveTime: 60, HoldTime: 180

       UpdateSource: Ethernet 3/24

    Address Family : IPV6 Unicast

       Route-map: (in) ZAYO-TRANSIT-IN-V6  (out) ZAYO-TRANSIT-OUT-V6

    Messages:    Open    Update  KeepAlive Notification Refresh-Req

       Sent    : 0       0       0         0            0

       Received: 0       0       0         0            0

    Last Connection Reset Reason:Unknown

    Notification Sent:     Unspecified

    Notification Received: Unspecified

    Neighbor NLRI Negotiation:

      Peer configured for IPV6 unicast  Routes

    TCP status not available




Show version below:


==========================================================================

HW: BigIron RX Router

BigIron RX-4 CHASSIS (Serial #: H02718HM18,  Part #: 35550-001)

RX-BI-SFM1 Switch Fabric Module 1 (Serial #: S52609H111,  Part #: 35548-001G)

FE 1: Type fe200,  Version 2

RX-BI-SFM1 Switch Fabric Module 2 (Serial #: S52612H136,  Part #: 35548-001G)

FE 1: Type fe200,  Version 2

RX-BI-SFM1 Switch Fabric Module 3 (Serial #: S52614H15B,  Part #: 35548-001G)

FE 1: Type fe200,  Version 2

==========================================================================

SL M2: RX-BI-MR2 Management Module (High Value) Active (Serial #: S02610H12S, Part #: 35524-005A):

Boot     : Version 2.9.0dT145 Copyright (c) 1996-2010 Brocade Communications Systems, Inc.

Compiled on Nov 13 2014 at 00:52:20 labeled as rmb02900d

 (446876 bytes) from boot flash

Monitor  : Version 2.9.0dT145 Copyright (c) 1996-2010 Brocade Communications Systems, Inc.

Compiled on Nov 13 2014 at 00:52:20 labeled as rmb02900d

 (446876 bytes) from code flash

IronWare : Version 2.9.0dT143 Copyright (c) 1996-2010 Brocade Communications Systems, Inc.

Compiled on Nov 13 2014 at 00:58:26 labeled as rmpr02900d

 (4694103 bytes) from Primary

Board ID : 00 MBRIDGE Revision : 21

916 MHz Power PC processor  (version 8003/0101) 166 MHz bus

512 KB Boot Flash (AM29LV040B), 32 MB Code Flash (MT28F128J3)

2048 MB DRAM

Active Management uptime is 15 hours 40 minutes 51 seconds

==========================================================================

SL M1: RX-BI-MR2 Management Module (High Value) Standby (Serial #: S02609H0YX, Part #: 35524-004A):

Boot     : Version 2.9.0dT145 Copyright (c) 1996-2010 Brocade Communications Systems, Inc.

Compiled on Nov 13 2014 at 00:52:20 labeled as rmb02900d

 (446876 bytes) from boot flash

Monitor  : Version 2.9.0dT145 Copyright (c) 1996-2010 Brocade Communications Systems, Inc.

Compiled on Nov 13 2014 at 00:52:20 labeled as rmb02900d

 (446876 bytes) from code flash

IronWare : Version 2.9.0dT143 Copyright (c) 1996-2010 Brocade Communications Systems, Inc.

Compiled on Nov 13 2014 at 00:58:26 labeled as rmpr02900d

 (4694103 bytes) from Primary

Board ID : 00 MBRIDGE Revision : 21

916 MHz Power PC processor  (version 8003/0101) 166 MHz bus

512 KB Boot Flash (AM29LV040B), 32 MB Code Flash (MT28F128J3)

2048 MB DRAM

Standby Management uptime is 12 hours 20 minutes 44 seconds

==========================================================================

SL 1: RX-BI-24C 24-port 1 GbE Copper Module (Serial #: ST51090820, Part #: 35521-003E)

Boot     : Version 2.9.0dT155 Copyright (c) 1996-2010 Brocade Communications Systems, Inc.

Compiled on Nov 13 2014 at 00:52:12 labeled as rlb02900d

 (307574 bytes) from boot flash

Monitor  : Version 2.9.0dT155 Copyright (c) 1996-2010 Brocade Communications Systems, Inc.

Compiled on Nov 13 2014 at 00:52:12 labeled as rlb02900d

 (524288 bytes) from code flash

IronWare : Version 2.9.0dT157 Copyright (c) 1996-2010 Brocade Communications Systems, Inc.

Compiled on Nov 13 2014 at 01:02:18 labeled as rlp02900d

 (2381284 bytes) from Primary

FAP 1 version: 3

FAP 2 version: 3

FAP 3 version: 0

FAP 4 version: 0

660 MHz Power PC processor 440GP (version 8020/0020) 330 MHz bus

512 KB Boot Flash (AM29LV040B), 16 MB Code Flash (MT28F640J3)

512 MB DRAM, 8 KB SRAM, 0 Bytes BRAM

LP Slot 1 uptime is 15 hours 40 minutes 48 seconds

==========================================================================

SL 2: RX-BI-24C 24-port 1 GbE Copper Module (Serial #: ST01100310, Part #: 35521-003E)

Boot     : Version 2.9.0dT155 Copyright (c) 1996-2010 Brocade Communications Systems, Inc.

Compiled on Nov 13 2014 at 00:52:12 labeled as rlb02900d

 (307574 bytes) from boot flash

Monitor  : Version 2.9.0dT155 Copyright (c) 1996-2010 Brocade Communications Systems, Inc.

Compiled on Nov 13 2014 at 00:52:12 labeled as rlb02900d

 (524288 bytes) from code flash

IronWare : Version 2.9.0dT157 Copyright (c) 1996-2010 Brocade Communications Systems, Inc.

Compiled on Nov 13 2014 at 01:02:18 labeled as rlp02900d

 (2381284 bytes) from Primary

FAP 1 version: 3

FAP 2 version: 3

FAP 3 version: 0

FAP 4 version: 0

660 MHz Power PC processor 440GP (version 8020/0020) 330 MHz bus

512 KB Boot Flash (AM29LV040B), 16 MB Code Flash (MT28F640J3)

512 MB DRAM, 8 KB SRAM, 0 Bytes BRAM

LP Slot 2 uptime is 15 hours 40 minutes 48 seconds

==========================================================================

SL 3: RX-BI-24F 24-port 1 GbE Module (Serial #: SA40081138, Part #: 35520-104C)

Boot     : Version 2.9.0dT155 Copyright (c) 1996-2010 Brocade Communications Systems, Inc.

Compiled on Nov 13 2014 at 00:52:12 labeled as rlb02900d

 (307574 bytes) from boot flash

Monitor  : Version 2.9.0dT155 Copyright (c) 1996-2010 Brocade Communications Systems, Inc.

Compiled on Nov 13 2014 at 00:52:12 labeled as rlb02900d

 (524288 bytes) from code flash

IronWare : Version 2.9.0dT157 Copyright (c) 1996-2010 Brocade Communications Systems, Inc.

Compiled on Nov 13 2014 at 01:02:18 labeled as rlp02900d

 (2381284 bytes) from Primary

FAP 1 version: 3

FAP 2 version: 3

FAP 3 version: 0

FAP 4 version: 0

660 MHz Power PC processor 440GP (version 8020/0020) 330 MHz bus

512 KB Boot Flash (AM29LV040B), 16 MB Code Flash (MT28F640J3)

512 MB DRAM, 8 KB SRAM, 0 Bytes BRAM

LP Slot 3 uptime is 15 hours 40 minutes 45 seconds

==========================================================================

All show version done


Thanks in advance for the consideration and assistance.

—Derek Maxwell

________________________________

foundry-nsp mailing list
foundry-nsp at puck.nether.net
http://puck.nether.net/mailman/listinfo/foundry-nsp

--
Sent from my Android device with K-9 Mail. Please excuse my brevity.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/foundry-nsp/attachments/20161128/0adcd8cf/attachment-0001.html>


More information about the foundry-nsp mailing list