[j-nsp] BGP session is not coming up

Matthias Gelbhardt matthias at commy.de
Wed Jul 22 09:58:54 EDT 2009 

Hi!

I get an error message:

Jul 22 14:53:48.164226 BGP RECV Notification code 2 (Open Message  
Error) subcode 5 (authentication failure)

And I think that explains itself. I have reconfigured the box so many  
times now, that I am certain, that the problem is not on our side. The  
MD5 key is the one, we have agreed upon. On the other side is a  
provider, so we are unable to get a hold on the remote side.

Regards,

Matthias

Am 22.07.2009 um 09:32 schrieb Hendrik Kahmann:

>
> Hello Matthias,
>
> the log tells me, that there is a missing md5 key for this  
> connection. In
> your config this part is "inactive". Maybe you should compare the
> eBGP-Config on both machines to check if md5 authentication is  
> needed on one
> side. Why did you deactivate the authentication key in here? Did you
> specifiy your local AS in the config?
>
>
> Kind regards from Oldenburg,
>
> Hendrik
>
> -----Ursprüngliche Nachricht-----
> Von: juniper-nsp-bounces at puck.nether.net
> [mailto:juniper-nsp-bounces at puck.nether.net] Im Auftrag von Matthias
> Gelbhardt
> Gesendet: Mittwoch, 22. Juli 2009 08:56
> An: juniper-nsp
> Betreff: [j-nsp] BGP session is not coming up
>
> Hi!
>
> We have a problem with a BGP session. The session is not coming up,  
> and I
> dont know why. It is a eBGP session:
>
> Log:
>
> Jul 22 08:30:08  muenster /kernel: tcp_auth_ok: Packet from x.x.x.x:
> 179 missing MD5 digest
>
> tracelog:
>
> Jul 22 08:50:16.426122 bgp_connect_complete: error connecting to  
> x.x.x.x
> (External AS x): Socket is not connected
>
> tcpdump;
>
> 08:49:07.632649 Out IP x.x.x.x.60582 > x.x.x.x.179: S
> 594093001:594093001(0) win 16384 <mss 1460,nop,wscale
> 0,nop,nop,timestamp[|tcp]>
>
> config:
>
> group external {
>     type external;
>     neighbor xx {
>         description uplink_;
>         local-address xx;
>         import import_bgp_;
>         inactive: authentication-key "$9$u-xxx"; ## SECRET-DATA
>         export [ export_prepend export_bgp_external ];
>         peer-as xx;
>     }
> }
>
> Any ideas?
>
> Leaving the MD5 does not work, I even have restartet the routing  
> process
> with no luck.
>
> Matthias
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>

More information about the juniper-nsp mailing list