
BGP Connection Basics

External BGP

Unlike most other routing protocols, Border Gateway Protocol (BGP) does not automatically discover
neighbors and then send updates. It must be manually configured with information regarding what devices
to peer with and what information to advertise to those peers. Security is the main driver behind this
method.

So when configuring a Cisco router to advertise using BGP, the first step is to establish peering between the
BGP devices and verify that the BGP devices have peered. It is important to stop and verify connectivity.
Nothing will work if the underlying connection is not made, so you should verify connectivity while things are
simple.

This document is about establishing this basic connectivity, and covers external BGP peering. Internal BGP
is covered in a later document.

Generally, but not always, External BGP (EBGP) peers are directly connected. This document covers basic
connectivity step by step, using the following scenario:

            AS 65001             AS 65002
            Router C             Router D
Lo0         172.16.255.1/32      172.16.255.2/32
S0/0/1      192.168.1.1/24       192.168.1.2/24

As shown in the example, the BGP devices are directly connected using ports S0/0/1, and IP addresses
192.168.1.1 & 192.168.1.2.

1 BGP Connection Basics: External BGP © 2009 Cisco Systems, Inc.

Here is the version information, along with initial configurations:

Router C

Version information:

MikeC#s ver
Cisco IOS Software, 2800 Software (C2800NM-ADVIPSERVICESK9-M), Version 12.4(12), RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2006 by Cisco Systems, Inc.
Compiled Fri 17-Nov-06 12:02 by prod_rel_team
ROM: System Bootstrap, Version 12.4(13r)T, RELEASE SOFTWARE (fc1)
~ ~ ~ (<-...output omitted)
System image file is "flash:c2800nm-advipservicesk9-mz.124-12.bin"
~ ~ ~ (<-...output omitted)
Cisco 2811 (revision 53.51) with 249856K/12288K bytes of memory.
Processor board ID FTX1013A1DJ
2 FastEthernet interfaces
2 Serial(sync/async) interfaces
1 Virtual Private Network (VPN) Module
DRAM configuration is 64 bits wide with parity enabled.
239K bytes of non-volatile configuration memory.
62720K bytes of ATA CompactFlash (Read/Write)
Configuration register is 0x2101
MikeC#

Starting Configuration

MikeC#show run
Building configuration...
Current configuration : 882 bytes
!
version 12.4
~ ~ ~ (<-...output omitted)
!
interface Loopback0
 ip address 172.16.255.1 255.255.255.255
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial0/0/0
 no ip address
 shutdown
!
interface Serial0/0/1
 ip address 192.168.1.1 255.255.255.0
 clock rate 2000000
!
!
ip http server
no ip http secure-server
!
~ ~ ~ (<-...output omitted)
MikeC#

Router D

Version information:

MikeD#s ver
Cisco IOS Software, 2800 Software (C2800NM-ADVIPSERVICESK9-M), Version 12.4(12), RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2006 by Cisco Systems, Inc.
Compiled Fri 17-Nov-06 12:02 by prod_rel_team
ROM: System Bootstrap, Version 12.4(1r) [hqluong 1r], RELEASE SOFTWARE (fc1)
~ ~ ~ (<-...output omitted)
System image file is "flash:c2800nm-advipservicesk9-mz.124-12.bin"
~ ~ ~ (<-...output omitted)
Cisco 2811 (revision 53.51) with 249856K/12288K bytes of memory.
Processor board ID FTX1107A6A1
2 FastEthernet interfaces
2 Serial(sync/async) interfaces
1 Virtual Private Network (VPN) Module
DRAM configuration is 64 bits wide with parity enabled.
239K bytes of non-volatile configuration memory.
62720K bytes of ATA CompactFlash (Read/Write)
Configuration register is 0x2102
MikeD#

Starting Configuration

MikeD#show run
Building configuration...
Current configuration : 1319 bytes
!
version 12.4
~ ~ ~ (<-...output omitted)
!
interface Loopback0
 ip address 172.16.255.2 255.255.255.255
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial0/0/0
 no ip address
 shutdown
!
interface Serial0/0/1
 ip address 192.168.1.2 255.255.255.0
!
!
ip http server
no ip http secure-server
!
~ ~ ~ (<-...output omitted)
MikeD#

At this point, BGP is not active, as shown by the following:

MikeC#s ip bgp summary
% BGP not active
MikeC#

Basic BGP Connectivity

Now you will configure basic BGP connectivity:

MikeC#conf t
Enter configuration commands, one per line. End with CNTL/Z.
MikeC(config)#router bgp 65001
MikeC(config-router)#nei 192.168.1.2 remote-as 65002
MikeC(config-router)#^Z
MikeC#

Now take a look at both configuration statements so that you can see what is happening:

(1) MikeC(config)#router bgp 65001

Start the BGP process, and allocate resources.

Side note: If you exit configuration mode at this point and do a show running-config, you will see the following in this IOS version:

MikeC#s run
Building configuration...
~ ~ ~ (<-...output omitted)
!
router bgp 65001
 no synchronization
 bgp log-neighbor-changes
 no auto-summary
!
~ ~ ~ (<-...output omitted)

(2) MikeC(config-router)#nei 192.168.1.2 remote-as 65002

Manually specify the BGP neighbor to peer with. This command gives the IP address of the device, and the autonomous system number that it belongs to.

At this point, the router tries to establish a TCP connection with the neighboring device. Router D has not been configured yet, so you get the following output:

*Oct 1 19:27:21.014: BGP: 192.168.1.2 went from Idle to Active
*Oct 1 19:27:21.014: BGP: 192.168.1.2 open active delayed 34461ms (35000ms max, 28% jitter)
*Oct 1 19:27:55.478: BGP: 192.168.1.2 open active, local address 192.168.1.1
*Oct 1 19:27:55.478: BGP: 192.168.1.2 open failed: Connection refused by remote

Notice that the BGP state went from Idle to Active. Active is not an operational state, which will be discussed in more detail later.

Now it is time to enable BGP on Router D, which is the same as on Router C except for the neighbor’s IP address and AS number:

MikeD#conf t
Enter configuration commands, one per line. End with CNTL/Z.
MikeD(config)#router bgp 65002
MikeD(config-router)#nei 192.168.1.1 remote-as 65001
MikeD(config-router)#^Z
MikeD#

Now that the neighbors have been configured to peer with each other, that is what they do. (Please note before you study the output in detail that only the last line is important; the rest shows just the progression in getting there).

On Router C:

*Oct 1 19:33:31.914: BGP: 192.168.1.2 open active, local address 192.168.1.1
*Oct 1 19:33:31.914: BGP: 192.168.1.2 went from Active to OpenSent
~ ~ ~ (<-...output omitted)
*Oct 1 19:33:31.926: BGP: 192.168.1.2 went from OpenSent to OpenConfirm
*Oct 1 19:33:31.926: BGP: 192.168.1.2 went from OpenConfirm to Established
*Oct 1 19:33:31.926: %BGP-5-ADJCHANGE: neighbor 192.168.1.2 Up

The same on Router D:

Oct 1 11:39:42.811: BGP: 192.168.1.1 went from Idle to Active
Oct 1 11:39:42.811: BGP: 192.168.1.1 open active delayed 30636ms (35000ms max, 28% jitter)
Oct 1 11:39:51.955: BGP: 192.168.1.1 passive open to 192.168.1.2
Oct 1 11:39:51.955: BGP: 192.168.1.1 went from Active to Idle
Oct 1 11:39:51.955: BGP: 192.168.1.1 went from Idle to Connect
~ ~ ~ (<-...output omitted)
Oct 1 11:39:51.955: BGP: 192.168.1.1 went from Connect to OpenSent
~ ~ ~ (<-...output omitted)
Oct 1 11:39:51.959: BGP: 192.168.1.1 went from OpenSent to OpenConfirm
~ ~ ~ (<-...output omitted)
Oct 1 11:39:51.963: BGP: 192.168.1.1 went from OpenConfirm to Established
Oct 1 11:39:51.963: %BGP-5-ADJCHANGE: neighbor 192.168.1.1 Up

The preceding output shows that BGP connectivity between the peers is up and operational. The last line says that the state went from OpenConfirm to Established. If you want to really get into the preceding details, there is more information on the BGP states later in this document.

Once the state is Established, the BGP devices have peered and can now pass network information—except that in the example here, the devices have not been configured to do so yet. (Remember that for security purposes, you have to manually tell BGP to advertise prefixes, and you have not told BGP to do that yet).

If you missed the preceding output or are checking on BGP at a later time, you can use the following show commands to determine the state of the BGP peers:

MikeC#s ip bgp sum
BGP router identifier 172.16.255.1, local AS number 65001
BGP table version is 1, main routing table version 1

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
192.168.1.2     4 65002       6       6        1    0    0 00:02:52        0

Note that when using the show ip bgp summary command, the State/PfxRcd field is reporting 0, not Established. A digit greater than 0 means that the state is established, and in this case, no prefixes have been received. This situation is acceptable, since you have not yet configured the ability to advertise.

If you really need to see that the state is Established, use the show ip bgp neighbors command:

MikeC#s ip bgp nei
BGP neighbor is 192.168.1.2, remote AS 65002, external link
 BGP version 4, remote router ID 172.16.255.2
 BGP state = Established, up for 00:03:12
 Last read 00:00:12, last write 00:00:12, hold time is 180, keepalive interval is 60 seconds
 Neighbor capabilities:
 Route refresh: advertised and received(old & new)
 Address family IPv4 Unicast: advertised and received
~ ~ ~ (<-...output omitted)

The BGP state is given as Established. The omitted output is counters that become significant after BGP has begun to advertise.

What Can Go Wrong?

In its simplicity, what can go wrong? More than you might think, and it is usually a configuration problem.

If the state is not Established, what will be the output of the show ip bgp summary command? The following output came from Router C when it was configured for BGP but Router D was not:

MikeC#s ip bgp sum
BGP router identifier 172.16.255.1, local AS number 65001
BGP table version is 1, main routing table version 1

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
192.168.1.2     4 65002       0       0        0    0    0 never    Active
MikeC#

You can see that the State/PfxRcd field says Active instead of showing a digit.

Please note that many times you have access to only one of the BGP peers; the other peer may belong to another autonomous system that you cannot access. If you are sure that your configuration is correct, and you still cannot get to the Established state, you will have to contact the administrator of the other autonomous system and have them verify their configuration. But make sure that you have thoroughly checked your end first.

1) You execute the show ip bgp summary command and receive the following:

MikeC#s ip bgp sum
% BGP not active
MikeC#

As shown here, this means that, for whatever reason, BGP has not been configured on this device. Your colleague insists that BGP is configured on the router, or you may have done it yourself, but for whatever reason BGP is not there. The show running-config command can verify this situation. If you see BGP configured and you are getting this output, you have a more serious problem and it is not a BGP problem.

2) The show ip bgp summary command gives the following output:

MikeC#s ip bgp sum
MikeC#

No output at all—fairly ambiguous. What does the show ip bgp neighbors command have to say?

MikeC#s ip bgp nei
MikeC#

It is equally silent on the subject. A quick look at show running-config tells you what you need to know:

MikeC#s run
~ ~ ~ (<-...output omitted)
!
router bgp 65001
 no synchronization
 bgp log-neighbor-changes
 no auto-summary
!
~ ~ ~ (<-...output omitted)

The BGP process has been configured, but no neighbor has been specified.

3) The configuration is there, but it is just not working. There are several things that can cause this issue.

• Since you are building a TCP connection, there must be connectivity between the devices. Can you ping the neighbor’s IP address? If not, you must first troubleshoot the connectivity problem. Is something stopping traffic to or from TCP port 179 (BGP uses TCP port 179)? That is also a possibility.

• Is the neighbor directly connected? This means that the neighbor address that you are using needs to be the IP address of the neighboring device’s directly connected interface. If it is not, you can still peer with a nondirectly connected interface, but it is a little more involved. A more detailed explanation will follow. However, before peering with an interface that is not directly connected, you should ensure that you have a good reason for doing so.

• Check out the following output from the show ip bgp summary and show ip bgp neighbors commands:

MikeC#s ip bgp sum
BGP router identifier 172.16.255.1, local AS number 65001
BGP table version is 1, main routing table version 1

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
192.168.2.2     4 65002       0       0        0    0    0 never    Idle
MikeC#s ip bgp nei
BGP neighbor is 192.168.2.2, remote AS 65002, external link
 BGP version 4, remote router ID 0.0.0.0
 BGP state = Idle
 Last read 00:00:00, last write 00:00:00, hold time is 180, keepalive interval is 60 seconds
 Message statistics:
 InQ depth is 0
 OutQ depth is 0
                      Sent       Rcvd
 Opens:                  0          0
 Notifications:          0          0
 Updates:                0          0
 Keepalives:             0          0
 Route Refresh:          0          0
 Total:                  0          0
 Default minimum time between advertisement runs is 30 seconds

 For address family: IPv4 Unicast
 BGP table version 1, neighbor version 0/0
 Output queue size : 0
 Index 1, Offset 0, Mask 0x2
 1 update-group member
                                Sent       Rcvd
 Prefix activity:               ----       ----
 Prefixes Current:                 0          0
 Prefixes Total:                   0          0
 Implicit Withdraw:                0          0
 Explicit Withdraw:                0          0
 Used as bestpath:               n/a          0
 Used as multipath:              n/a          0

                                  Outbound    Inbound
 Local Policy Denied Prefixes:    --------    -------
 Total:                                  0          0
 Number of NLRIs in the update sent: max 0, min 0

 Connections established 0; dropped 0
 Last reset never
 External BGP neighbor not directly connected.
 No active TCP connection
MikeC#

Note that the show ip bgp summary command shows the state as Idle and that the show ip bgp neighbors command also shows the state as Idle and specifies at the end that there is no active TCP connection. Can you find a reason for this? Look more carefully at the neighbor that is specified. It is easy to miss the fact that it is not the IP address of the neighbor—close, but not close enough. The neighbor is 192.168.1.2, not 192.168.2.2.

• How about this output from the show ip bgp summary and show ip bgp neighbors commands:

MikeC#s ip bgp sum
BGP router identifier 172.16.255.1, local AS number 65001
BGP table version is 1, main routing table version 1

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
192.168.1.2     4 65022       2       2        0    0    0 never    Active
MikeC#s ip bgp nei
BGP neighbor is 192.168.1.2, remote AS 65022, external link
 BGP version 4, remote router ID 0.0.0.0
 BGP state = Active
 Last read 00:00:11, last write 00:00:11, hold time is 180, keepalive interval is 60 seconds
 Message statistics:
 InQ depth is 0
 OutQ depth is 0
                      Sent       Rcvd
 Opens:                  2          2
 Notifications:          2          0
 Updates:                0          0
 Keepalives:             0          0
 Route Refresh:          0          0
 Total:                  2          2
 Default minimum time between advertisement runs is 30 seconds

 For address family: IPv4 Unicast
 BGP table version 1, neighbor version 0/0
 Output queue size : 0
 Index 1, Offset 0, Mask 0x2
 1 update-group member
                                Sent       Rcvd
 Prefix activity:               ----       ----
 Prefixes Current:                 0          0
 Prefixes Total:                   0          0
 Implicit Withdraw:                0          0
 Explicit Withdraw:                0          0
 Used as bestpath:               n/a          0
 Used as multipath:              n/a          0

                                  Outbound    Inbound
 Local Policy Denied Prefixes:    --------    -------
 Total:                                  0          0
 Number of NLRIs in the update sent: max 0, min 0

 Connections established 0; dropped 0
 Last reset never
 No active TCP connection
MikeC#

Review the neighbor’s autonomous system (AS) number. Note that in the example, you are peering with AS 65002, and AS 65022 was input. It may be a typo, or it may be that the number you were given is incorrect. The wrong AS number will give the preceding output.

Peering with Nondirectly Connected Interfaces

While in most instances you will be peering with directly connected BGP devices, that is not always the case. Cisco routers have the ability to EBGP peer with devices that are not directly connected. The following example shows peering between the loopback interfaces instead of between the directly connected interfaces.

To repeat, if you are going to do this, make sure that you have a good reason. Generally, there is only one path, and if the link goes down, the router does not find its peer by way of another path. However, peering using loopback interfaces is a valid way to connect and loadshare when there are multiple links between the two peering routers. The example here shows a connection using the loopback 0 interfaces.

            AS 65001             AS 65002
            Router C             Router D
Lo0         172.16.255.1/32      172.16.255.2/32
S0/0/1      192.168.1.1/24       192.168.1.2/24

By default, Cisco routers use the IP address of the outgoing interface to peer with its BGP neighbor. In the previous example, where the devices peered with the directly connected interfaces, Router C was told to peer with Router D IP address 192.168.1.2. Router C was not told to build the peering using the IP address of the serial interface; it did it by default. The same is true for Router D. Router D was told to peer with Router C IP address 192.168.1.1. The peering was built between the directly connected interfaces.

If you want your router to peer using the IP address of an interface that is not the one directly connected to its BGP neighbor (such as a loopback interface address), then you use the neighbor <ip address> update-source <interface> command. You must also ensure that the peer uses that IP address in its neighbor statements.

To peer with an interface that is not directly connected, you must add the neighbor <ip address> ebgp-multihop {ttl} command. This command tells the router that the BGP peer is not directly connected but is multiple hops away. The Time to Live (TTL) field allows you to specify the number of hops (security again), or you can let it default to 255, but that is usually not necessary.

The example shows peering using loopback interfaces. Here is the configuration:

Router C

MikeC#conf t
Enter configuration commands, one per line. End with CNTL/Z.
MikeC(config)#router bgp 65001
MikeC(config-router)#nei 172.16.255.2 remote-as 65002
MikeC(config-router)#nei 172.16.255.2 update-source loopback 0
MikeC(config-router)#nei 172.16.255.2 ebgp-multihop
MikeC#
*Oct 2 00:02:52.117: BGP: 172.16.255.2 went from Idle to Active
*Oct 2 00:02:52.117: BGP: 172.16.255.2 open active delayed 30673ms (35000ms max, 28% jitter)
*Oct 2 00:03:22.793: BGP: 172.16.255.2 active open failed - no route to peer, open active delayed 33707ms (35000ms max, 28% jitter)

Router D

MikeD#conf t
Enter configuration commands, one per line. End with CNTL/Z.
MikeD(config)#router bgp 65002
MikeD(config-router)#nei 172.16.255.1 remote-as 65001
MikeD(config-router)#nei 172.16.255.1 update-source loopback 0
MikeD(config-router)#nei 172.16.255.1 ebgp-multihop
MikeD#
Oct 1 16:11:09.193: BGP: 172.16.255.1 went from Idle to Active
Oct 1 16:11:09.193: BGP: 172.16.255.1 open active delayed 34535ms (35000ms max, 28% jitter)
Oct 1 16:11:43.729: BGP: 172.16.255.1 active open failed - no route to peer, open active delayed 26811ms (35000ms max, 28% jitter)

• The update-source loopback 0 command states that you will be peering using the loopback 0 interface.

• The ebgp-multihop command lets the router know that the TTL field must be set higher than 1 to allow the neighbor to be multiple hops away. In this case, a hop count has not been specified, and therefore the neighbor could be up to 255 hops away.

Looking at the show ip bgp summary and show ip bgp neighbors commands, you see that the BGP state is Active and that no TCP session has been established. The terminal output when we configured BGP tells you that there is no route to the peer. Think about it, though. You have specified the neighbor IP address, but the router does not know how to get there. The address is not in your autonomous system and is therefore not in your routing table. You are not sharing internal network information with your neighboring autonomous system, and it is certainly not sharing its information with you. You need a way to route to the peering IP address. How about a static route?

MikeC#conf t
Enter configuration commands, one per line. End with CNTL/Z.
MikeC(config)#ip route 172.16.255.2 255.255.255.255 192.168.1.2
MikeC(config)#^z
MikeC(config)#

MikeD#conf t
Enter configuration commands, one per line. End with CNTL/Z.
MikeD(config)#ip route 172.16.255.1 255.255.255.255 192.168.1.1
MikeD(config)#^z
MikeD(config)#

Watch the output after you have configured your router. If the router at the other end is configured correctly, your state will go to Enabled.

Along with the problems mentioned in the “What Can Go Wrong?” section, a lot of troubleshooting time is spent tracking down connectivity problems that turn out to be simply that the ebgp-multihop or the update-source commands have not been configured, or both. This is a very common mistake when configuring non–directly connected BGP connectivity. IBGP does not need a multihop command to peer with non–directly connected peers, so many people forget that it is needed for EBGP. You will save yourself time if you remember this important point.
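The checks from the "What Can Go Wrong?" section can be run mechanically against captured show ip bgp summary output. The following is an added example, not part of the original Cisco document: the function names, finding codes and the operator-supplied EXPECTED peer list are assumptions, and the sample outputs are the ones shown on this page.

```python
import re

# A neighbor row of `show ip bgp summary`: address, version, AS, five counters,
# Up/Down, then State/PfxRcd (a prefix count once Established, else a state name).
ROW = re.compile(
    r"^(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s+\d+\s+(?P<asn>\d+)(?:\s+\d+){5}"
    r"\s+\S+\s+(?P<state>\S.*)$"
)

# Finding codes (hypothetical names) mapped to the check the page recommends.
HINTS = {
    "bgp-not-active": "no BGP process; look for 'router bgp' in show running-config",
    "no-neighbor": "BGP process exists but no neighbor statement is configured",
    "unexpected-neighbor": "configured neighbor address is not an intended peer",
    "missing-neighbor": "intended peer has no neighbor statement",
    "remote-as-mismatch": "configured remote-as differs from the intended peer AS",
    "not-established": "check peer-side config, ping reachability, TCP port 179",
    "established": "session is up; the field value is the prefix count received",
}


def parse_summary(output):
    """Return {neighbor: (remote_as, state)} or None when BGP is not running."""
    if "% BGP not active" in output:
        return None
    rows = {}
    for line in output.splitlines():
        m = ROW.match(line.strip())
        if m:
            rows[m["ip"]] = (int(m["asn"]), m["state"])
    return rows


def triage(output, expected):
    """expected maps each intended neighbor address to its remote AS."""
    rows = parse_summary(output)
    if rows is None:
        return [("router", "bgp-not-active")]
    if not rows:
        return [("router", "no-neighbor")]
    findings = []
    for ip, (asn, state) in rows.items():
        if ip not in expected:
            # e.g. 192.168.2.2 typed instead of 192.168.1.2
            findings.append((ip, "unexpected-neighbor"))
            continue
        if asn != expected[ip]:
            findings.append((ip, "remote-as-mismatch"))
        # A digit in State/PfxRcd means Established; a word is the FSM state.
        findings.append((ip, "established" if state.isdigit() else "not-established"))
    findings += [(ip, "missing-neighbor") for ip in expected if ip not in rows]
    return findings


# Outputs as shown on this page for Router C.
HEADER = (
    "BGP router identifier 172.16.255.1, local AS number 65001\n"
    "BGP table version is 1, main routing table version 1\n"
    "Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd\n"
)
SAMPLES = {
    "peered": HEADER + "192.168.1.2 4 65002 6 6 1 0 0 00:02:52 0\n",
    "peer-unconfigured": HEADER + "192.168.1.2 4 65002 0 0 0 0 0 never Active\n",
    "wrong-address": HEADER + "192.168.2.2 4 65002 0 0 0 0 0 never Idle\n",
    "wrong-as": HEADER + "192.168.1.2 4 65022 2 2 0 0 0 never Active\n",
    "no-process": "% BGP not active\n",
    "no-neighbor": "",
}
EXPECTED = {"192.168.1.2": 65002}  # intended peering from the scenario diagram


def report(samples=SAMPLES, expected=EXPECTED):
    """One text line per finding, with the matching troubleshooting hint."""
    lines = []
    for name, out in samples.items():
        for subject, code in triage(out, expected):
            lines.append(f"{name}: {subject}: {code} ({HINTS[code]})")
    return lines


if __name__ == "__main__":
    print("\n".join(report()))
```

Comparing the summary against an explicit list of intended peers also catches a neighbor statement that points at an address or AS nobody meant to peer with, which the state column alone does not show.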

BGP States

Here is a quick summary of the BGP states:

1) Idle: The BGP peers are not connected, and the router is not even thinking about trying to do so.
2) Connect: The router has decided to connect to its peer. It does not stay in this state long; it goes to Active, or to OpenSent if the TCP connection is made, or back to Idle. You will rarely see this using a show command.
3) Active: If your BGP neighbor is in this state it means that there is a problem (see information above).
4) OpenSent: The TCP session is active. BGP is performing its handshaking.
5) OpenConfirm: BGP is still performing its handshaking.
6) Established: BGP has connected with its neighbor.

If you would like to know exactly what each BGP state is and does, the following information is copied from RFC 1771, titled “A Border Gateway Protocol 4 (BGP-4),” from March 1995. Section 8, BGP Finite State machine, which defines the states and actions, and Appendix 1, with transitions and actions, are given here.

Network Working Group                                         Y. Rekhter
Request for Comments: 1771        T.J. Watson Research Center, IBM Corp.
Obsoletes: 1654                                                    T. Li
Category: Standards Track                                  cisco Systems
                                                                 Editors
                                                              March 1995

A Border Gateway Protocol 4 (BGP-4)

~ ~ ~ (<-...output omitted)

8. BGP Finite State machine.

This section specifies BGP operation in terms of a Finite State Machine (FSM). Following is a brief summary and overview of BGP operations by state as determined by this FSM. A condensed version of the BGP FSM is found in Appendix 1.

Initially BGP is in the Idle state.

Idle state:

In this state BGP refuses all incoming BGP connections. No resources are allocated to the peer. In response to the Start event (initiated by either system or operator) the local system initializes all BGP resources, starts the ConnectRetry timer, initiates a transport connection to other BGP peer, while listening for connection that may be initiated by the remote BGP peer, and changes its state to Connect. The exact value of the ConnectRetry timer is a local matter, but should be sufficiently large to allow TCP initialization.

If a BGP speaker detects an error, it shuts down the connection and changes its state to Idle. Getting out of the Idle state requires generation of the Start event. If such an event is generated automatically, then persistent BGP errors may result in persistent flapping of the speaker. To avoid such a condition it is recommended that Start events should not be generated immediately for a peer that was previously transitioned to Idle due to an error. For a peer that was previously transitioned to Idle due to an error, the time between consecutive generation of Start events, if such events are generated automatically, shall exponentially increase. The value of the initial timer shall be 60 seconds. The time shall be doubled for each consecutive retry.

Any other event received in the Idle state is ignored.

Connect state:

In this state BGP is waiting for the transport protocol connection to be completed.

If the transport protocol connection succeeds, the local system clears the ConnectRetry timer, completes initialization, sends an OPEN message to its peer, and changes its state to OpenSent.

If the transport protocol connect fails (e.g., retransmission timeout), the local system restarts the ConnectRetry timer, continues to listen for a connection that may be initiated by the remote BGP peer, and changes its state to Active state.

In response to the ConnectRetry timer expired event, the local system restarts the ConnectRetry timer, initiates a transport connection to other BGP peer, continues to listen for a connection that may be initiated by the remote BGP peer, and stays in the Connect state.

Start event is ignored in the Active state.

In response to any other event (initiated by either system or operator), the local system releases all BGP resources associated with this connection and changes its state to Idle.

Active state:

In this state BGP is trying to acquire a peer by initiating a transport protocol connection.

If the transport protocol connection succeeds, the local system clears the ConnectRetry timer, completes initialization, sends an OPEN message to its peer, sets its Hold Timer to a large value, and changes its state to OpenSent. A Hold Timer value of 4 minutes is suggested.

In response to the ConnectRetry timer expired event, the local system restarts the ConnectRetry timer, initiates a transport connection to other BGP peer, continues to listen for a connection that may be initiated by the remote BGP peer, and changes its state to Connect.

If the local system detects that a remote peer is trying to establish BGP connection to it, and the IP address of the remote peer is not an expected one, the local system restarts the ConnectRetry timer, rejects the attempted connection, continues to listen for a connection that may be initiated by the remote BGP peer, and stays in the Active state.

Start event is ignored in the Active state.

In response to any other event (initiated by either system or operator), the local system releases all BGP resources associated with this connection and changes its state to Idle.

OpenSent state:

In this state BGP waits for an OPEN message from its peer. When an OPEN message is received, all fields are checked for correctness. If the BGP message header checking or OPEN message checking detects an error (see Section 6.2), or a connection collision (see Section 6.8) the local system sends a NOTIFICATION message and changes its state to Idle.

If there are no errors in the OPEN message, BGP sends a KEEPALIVE message and sets a KeepAlive timer. The Hold Timer, which was originally set to a large value (see above), is replaced with the negotiated Hold Time value (see section 4.2). If the negotiated Hold Time value is zero, then the Hold Time timer and KeepAlive timers are not started. If the value of the Autonomous System field is the same as the local Autonomous System number, then the connection is an "internal" connection; otherwise, it is "external". (This will effect UPDATE processing as described below.) Finally, the state is changed to OpenConfirm.

If a disconnect notification is received from the underlying transport protocol, the local system closes the BGP connection, restarts the ConnectRetry timer, while continue listening for connection that may be initiated by the remote BGP peer, and goes into the Active state.

If the Hold Timer expires, the local system sends NOTIFICATION message with error code Hold Timer Expired and changes its state to Idle.

In response to the Stop event (initiated by either system or operator) the local system sends NOTIFICATION message with Error Code Cease and changes its state to Idle.

Start event is ignored in the OpenSent state.

In response to any other event the local system sends NOTIFICATION message with Error Code Finite State Machine Error and changes its state to Idle.

Whenever BGP changes its state from OpenSent to Idle, it closes the BGP (and transport-level) connection and releases all resources associated with that connection.

OpenConfirm state:

In this state BGP waits for a KEEPALIVE or NOTIFICATION message.

If the local system receives a KEEPALIVE message, it changes its state to Established.

If the Hold Timer expires before a KEEPALIVE message is received, the local system sends NOTIFICATION message with error code Hold Timer Expired and changes its state to Idle.

If the local system receives a NOTIFICATION message, it changes its state to Idle.

If the KeepAlive timer expires, the local system sends a KEEPALIVE message and restarts its KeepAlive timer.

If a disconnect notification is received from the underlying transport protocol, the local system changes its state to Idle.

In response to the Stop event (initiated by either system or operator) the local system sends NOTIFICATION message with Error Code Cease and changes its state to Idle.

Start event is ignored in the OpenConfirm state.

In response to any other event the local system sends NOTIFICATION message with Error Code Finite State Machine Error and changes its state to Idle.

Whenever BGP changes its state from OpenConfirm to Idle, it closes the BGP (and transport-level) connection and releases all resources associated with that connection.

Established state:

In the Established state BGP can exchange UPDATE, NOTIFICATION, and KEEPALIVE messages with its peer.

If the local system receives an UPDATE or KEEPALIVE message, it restarts its Hold Timer, if the negotiated Hold Time value is non-zero.

If the local system receives a NOTIFICATION message, it changes its state to Idle.

If the local system receives an UPDATE message and the UPDATE message error handling procedure (see Section 6.3) detects an error, the local system sends a NOTIFICATION message and changes its state to Idle.

If a disconnect notification is received from the underlying transport protocol, the local system changes its state to Idle.

If the Hold Timer expires, the local system sends a NOTIFICATION message with Error Code Hold Timer Expired and changes its state to Idle.

If the KeepAlive timer expires, the local system sends a KEEPALIVE message and restarts its KeepAlive timer.

Each time the local system sends a KEEPALIVE or UPDATE message, it restarts its KeepAlive timer, unless the negotiated Hold Time value is zero.

In response to the Stop event (initiated by either system or operator), the local system sends a NOTIFICATION message with Error Code Cease and changes its state to Idle.

Start event is ignored in the Established state.

In response to any other event, the local system sends NOTIFICATION message with Error Code Finite State Machine Error and changes its state to Idle.

Whenever BGP changes its state from Established to Idle, it closes the BGP (and transport-level) connection, releases all resources associated with that connection, and deletes all routes derived from that connection.

~ ~ ~ (<-...output omitted)

Rekhter & Li [Page 47]
RFC 1771 BGP-4 March 1995

Appendix 1. BGP FSM State Transitions and Actions.

This Appendix discusses the transitions between states in the BGP FSM in response to BGP events. The following is the list of these states and events when the negotiated Hold Time value is non-zero.

BGP States:

1 - Idle
2 - Connect
3 - Active
4 - OpenSent
5 - OpenConfirm
6 - Established

BGP Events:

1 - BGP Start
2 - BGP Stop
3 - BGP Transport connection open
4 - BGP Transport connection closed
5 - BGP Transport connection open failed
6 - BGP Transport fatal error
7 - ConnectRetry timer expired
8 - Hold Timer expired
9 - KeepAlive timer expired
10 - Receive OPEN message
11 - Receive KEEPALIVE message
12 - Receive UPDATE messages
13 - Receive NOTIFICATION message

The following table describes the state transitions of the BGP FSM and the actions triggered by these transitions.

Event         Actions                           Message Sent   Next State
--------------------------------------------------------------------
Idle (1)
 1            Initialize resources              none           2
              Start ConnectRetry timer
              Initiate a transport connection
 others       none                              none           1

Connect(2)
 1            none                              none           2
 3            Complete initialization           OPEN           4
              Clear ConnectRetry timer
 5            Restart ConnectRetry timer        none           3
 7            Restart ConnectRetry timer        none           2
              Initiate a transport connection
 others       Release resources                 none           1

Active (3)
 1            none                              none           3
 3            Complete initialization           OPEN           4
              Clear ConnectRetry timer
 5            Close connection                                 3
              Restart ConnectRetry timer
 7            Restart ConnectRetry timer        none           2
              Initiate a transport connection
 others       Release resources                 none           1

OpenSent(4)
 1            none                              none           4
 4            Close transport connection        none           3
              Restart ConnectRetry timer
 6            Release resources                 none           1
 10           Process OPEN is OK                KEEPALIVE      5
              Process OPEN failed               NOTIFICATION   1
 others       Close transport connection        NOTIFICATION   1
              Release resources

OpenConfirm (5)
 1            none                              none           5
 4            Release resources                 none           1
 6            Release resources                 none           1
 9            Restart KeepAlive timer           KEEPALIVE      5
 11           Complete initialization           none           6
              Restart Hold Timer
 13           Close transport connection                       1
              Release resources
 others       Close transport connection        NOTIFICATION   1
              Release resources

Established (6)
 1            none                              none           6
 4            Release resources                 none           1
 6            Release resources                 none           1
 9            Restart KeepAlive timer           KEEPALIVE      6
 11           Restart Hold Timer                KEEPALIVE      6
 12           Process UPDATE is OK              UPDATE         6
              Process UPDATE failed             NOTIFICATION   1
 13           Close transport connection                       1
              Release resources
 others       Close transport connection        NOTIFICATION   1
              Release resources
---------------------------------------------------------------------

The following is a condensed version of the above state transition table.

Events| Idle | Connect | Active | OpenSent | OpenConfirm | Estab
      | (1)  |   (2)   |  (3)   |   (4)    |     (5)     |  (6)
      |--------------------------------------------------------------
  1   |  2   |    2    |   3    |    4     |      5      |   6
  2   |  1   |    1    |   1    |    1     |      1      |   1
  3   |  1   |    4    |   4    |    1     |      1      |   1
  4   |  1   |    1    |   1    |    3     |      1      |   1
  5   |  1   |    3    |   3    |    1     |      1      |   1
  6   |  1   |    1    |   1    |    1     |      1      |   1
  7   |  1   |    2    |   2    |    1     |      1      |   1
  8   |  1   |    1    |   1    |    1     |      1      |   1
  9   |  1   |    1    |   1    |    1     |      5      |   6
 10   |  1   |    1    |   1    |  1 or 5  |      1      |   1
 11   |  1   |    1    |   1    |    1     |      6      |   6
 12   |  1   |    1    |   1    |    1     |      1      | 1 or 6
 13   |  1   |    1    |   1    |    1     |      1      |   1
---------------------------------------------------------------
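The condensed state transition table can be run directly as a lookup. The following Python sketch is an added example, not part of the original document or of RFC 1771. It encodes the table and replays a constructed event sequence, showing how a single UPDATE that fails validation returns an Established session to Idle, the transition on which all routes derived from the connection are deleted. The constant names, function names and the message_ok flag are assumptions made for illustration.

```python
# Added example: BGP FSM driven by the condensed RFC 1771 transition table.
STATES = {1: "Idle", 2: "Connect", 3: "Active",
          4: "OpenSent", 5: "OpenConfirm", 6: "Established"}

# Event numbers as listed under "BGP Events" (names are illustrative).
START, STOP, TCP_OPEN, TCP_CLOSED, TCP_OPEN_FAILED, TCP_FATAL = 1, 2, 3, 4, 5, 6
RETRY_EXPIRED, HOLD_EXPIRED, KEEPALIVE_EXPIRED = 7, 8, 9
RX_OPEN, RX_KEEPALIVE, RX_UPDATE, RX_NOTIFICATION = 10, 11, 12, 13

# (state, event) -> next state. Any pair not listed falls back to Idle (1),
# matching the "1" cells of the condensed table.
TRANSITIONS = {
    (1, START): 2,
    (2, START): 2, (2, TCP_OPEN): 4, (2, TCP_OPEN_FAILED): 3, (2, RETRY_EXPIRED): 2,
    (3, START): 3, (3, TCP_OPEN): 4, (3, TCP_OPEN_FAILED): 3, (3, RETRY_EXPIRED): 2,
    (4, START): 4, (4, TCP_CLOSED): 3, (4, RX_OPEN): 5,
    (5, START): 5, (5, KEEPALIVE_EXPIRED): 5, (5, RX_KEEPALIVE): 6,
    (6, START): 6, (6, KEEPALIVE_EXPIRED): 6, (6, RX_KEEPALIVE): 6, (6, RX_UPDATE): 6,
}
# The "1 or 5" and "1 or 6" cells: the received message must validate.
VALIDATED = {(4, RX_OPEN), (6, RX_UPDATE)}

def next_state(state, event, message_ok=True):
    """Return the next state number for one event."""
    if (state, event) in VALIDATED and not message_ok:
        return 1
    return TRANSITIONS.get((state, event), 1)

def run(events, state=1):
    """Feed (event, message_ok) pairs; return the visited state names."""
    trace = [STATES[state]]
    for event, ok in events:
        state = next_state(state, event, ok)
        trace.append(STATES[state])
    return trace

def session_drops(trace):
    """Count Established -> Idle transitions (each one deletes the peer's routes)."""
    return sum(1 for a, b in zip(trace, trace[1:])
               if a == "Established" and b == "Idle")

# Constructed event sequence: normal bring-up, one good UPDATE, one bad UPDATE.
SAMPLE = [(START, True), (TCP_OPEN, True), (RX_OPEN, True),
          (RX_KEEPALIVE, True), (RX_UPDATE, True), (RX_UPDATE, False)]

if __name__ == "__main__":
    trace = run(SAMPLE)
    print(" -> ".join(trace))
    print("Established -> Idle drops:", session_drops(trace))
```

Counting Established to Idle transitions over time is the same signal an operator watches for when monitoring a peering for flaps.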