BGP Connection Basics

External BGP

Unlike most other routing protocols, Border Gateway Protocol (BGP) does not automatically discover
neighbors and then send updates. It must be manually configured with information regarding what devices
to peer with and what information to advertise to those peers. Security is the main driver behind this
method.

So when configuring a Cisco router to advertise using BGP, the first step is to establish peering between the
BGP devices and verify that the BGP devices have peered. It is important to stop and verify connectivity.
Nothing will work if the underlying connection is not made, so you should verify connectivity while things are
simple.

This document is about establishing this basic connectivity, and covers external BGP peering. Internal BGP
is covered in a later document.

Generally, but not always, External BGP (EBGP) peers are directly connected. This document covers basic
connectivity step by step, using the following scenario:

AS 65001 AS 65002
Lo0 Lo0
172.16.255.1/32 172.16.255.2/32
Router C Router D

S0/0/1 S0/0/1
192.168.1.1/24 192.168.1.2/24

As shown in the example, the BGP devices are directly connected using ports S0/0/1, and IP addresses
192.168.1.1 & 192.168.1.2.

1 BGP Connection Basics: External BGP © 2009 Cisco Systems, Inc.

Inc.124-12.com/techsupport http://www.. RELEASE SOFTWARE (fc1) ~ ~ ~ (<-.. Building configuration.bin" ~ ~ ~ (<-. memory.output omitted) Cisco 2811 (revision 53. Copyright (c) 1986-2006 by Cisco Systems.124-12. System image file is "flash:c2800nm- advipservicesk9-mz. RELEASE SOFTWARE 12.cisco. Inc. Version 12.output omitted) System image file is "flash:c2800nm.output omitted) 2 BGP Connection Basics: External BGP © 2009 Cisco Systems. Current configuration : 882 bytes Current configuration : 1319 bytes ! ! version 12.4 ~ ~ ~ (<-. 62720K bytes of ATA CompactFlash 62720K bytes of ATA CompactFlash (Read/Write) (Read/Write) Configuration register is 0x2101 Configuration register is 0x2102 MikeC# MikeD# Starting Configuration Starting Configuration MikeC# MikeD# MikeC#show run MikeD#show run Building configuration.. Version 12.output omitted) ~ ~ ~ (<-.4 version 12. 2800 Software Cisco IOS Software.4(12). Processor board ID FTX1013A1DJ Processor board ID FTX1107A6A1 2 FastEthernet interfaces 2 FastEthernet interfaces 2 Serial(sync/async) interfaces 2 Serial(sync/async) interfaces 1 Virtual Private Network (VPN) Module 1 Virtual Private Network (VPN) Module DRAM configuration is 64 bits wide with DRAM configuration is 64 bits wide with parity enabled.4(13r)T. Inc. 239K bytes of non-volatile configuration 239K bytes of non-volatile configuration memory.51) with Cisco 2811 (revision 53.51) with 249856K/12288K bytes of memory. parity enabled.output omitted) ~ ~ ~ (<-. Version (C2800NM-ADVIPSERVICESK9-M). Version [hqluong 1r].4(12).cisco. RELEASE SOFTWARE (fc1) (fc1) Technical Support: Technical Support: http://www.4(1r) ROM: System Bootstrap. . 249856K/12288K bytes of memory. Compiled Fri 17-Nov-06 12:02 by Compiled Fri 17-Nov-06 12:02 by prod_rel_team prod_rel_team ROM: System Bootstrap.Here is the version information. 2800 Software (C2800NM-ADVIPSERVICESK9-M).output omitted) ~ ~ ~ (<-..bin" advipservicesk9-mz. along with initial configurations: Router C Router D Version information: Version information: MikeC#s ver MikeD#s ver Cisco IOS Software.com/techsupport Copyright (c) 1986-2006 by Cisco Systems. RELEASE SOFTWARE (fc1) 12.

BGP is not active.255.0 ip address 192.255.255 ip address 172. Inc.255.1.output omitted) ~ ~ ~ (<-.255.2 255.255.255. as shown by the following: MikeC#s ip bgp summary % BGP not active MikeC# 3 BGP Connection Basics: External BGP © 2009 Cisco Systems.168.16.255.168.0 clock rate 2000000 ! ! ! ! ip http server ip http server no ip http secure-server no ip http secure-server ! ! ~ ~ ~ (<-.255 ! ! interface FastEthernet0/0 interface FastEthernet0/0 no ip address no ip address shutdown shutdown duplex auto duplex auto speed auto speed auto ! ! interface FastEthernet0/1 interface FastEthernet0/1 no ip address no ip address shutdown shutdown duplex auto duplex auto speed auto speed auto ! ! interface Serial0/0/0 interface Serial0/0/0 no ip address no ip address shutdown shutdown ! ! interface Serial0/0/1 interface Serial0/0/1 ip address 192.255.255.1 255. .255.2 255.1.! ! interface Loopback0 interface Loopback0 ip address 172.1 255.16.output omitted) MikeD# MikeC# At this point.

the router tries to establish a TCP connection with the neighboring device. local address 192.168.1.168.168.168. ~ ~ ~ (<-.Basic BGP Connectivity Now you will configure basic BGP connectivity: MikeC#conf t Enter configuration commands. Inc. you will see the following in this IOS version: MikeC#s run Building configuration.output omitted) (2) MikeC(config-router)#nei 192. This command gives the ip address of the device.. MikeD(config)#router bgp 65002 MikeD(config-router)#nei 192.1.2 went from Idle to Active *Oct 1 19:27:21. one per line.2 open active delayed 34461ms (35000ms max.1 remote-as 65001 MikeD(config-router)#^Z MikeD# 4 BGP Connection Basics: External BGP © 2009 Cisco Systems.2 open failed: Connection refused by remote Notice that the BGP state went from Idle to Active. Side note: If you exit configuration mode at this point and do a show running-config. which will be discussed in more detail later. one per line.1.168.1. so you get the following output: *Oct 1 19:27:21. Now it is time to enable BGP on Router D.output omitted) ! router bgp 65001 no synchronization bgp log-neighbor-changes no auto-summary ! ~ ~ ~ (<-. .1.168. MikeC(config)#router bgp 65001 MikeC(config-router)#nei 192.168.1. 28% jitter) *Oct 1 19:27:55.478: BGP: 192. At this point. End with CNTL/Z.1.1 *Oct 1 19:27:55.478: BGP: 192.014: BGP: 192.2 remote-as 65002 MikeC(config-router)#^Z MikeC# Now take a look at both configuration statements so that you can see what is happening: (1) MikeC(config)#router bgp 65001 Start the BGP process. End with CNTL/Z. which is the same as on Router C except for the neighbor’s IP address and AS number: MikeD#conf t Enter configuration commands.2 open active. Router D has not been configured yet. and the autonomous system number that it belongs to.1. and allocate resources.2 remote-as 65002 Manually specify the BGP neighbor to peer with.168.014: BGP: 192.. Active is not an operational state.

1 OPEN has CAPABILITY code: 128.2 OPEN has CAPABILITY code: 128.168.168.168.914: BGP: 192.959: BGP: 192.2 OPEN has ROUTE-REFRESH capability(new) for all address-families BGP: 192.168.1.168.1 rcvd OPEN w/ optional parameter type 2 (Capability) len 2 5 BGP Connection Basics: External BGP © 2009 Cisco Systems.168.168.926: BGP: 192.914: BGP: 192.168.922: BGP: 192.1 OPEN has ROUTE-REFRESH capability(old) for all address-families Oct 1 11:39:51.1 rcv OPEN w/ OPTION parameter len: 16 Oct 1 11:39:51.1.168.811: BGP: 192.955: BGP: 192.2 rcvd OPEN w/ remote AS 65002 *Oct 1 19:33:31.2 OPEN has MP_EXT CAP for afi/safi: 1/1 *Oct 1 19:33:31.955: BGP: 192.955: BGP: 192.1 *Oct 1 19:33:31.1.1.168. holdtime 180 seconds *Oct 1 19:33:31.1.922: BGP: 192. my as: 65002. holdtime 180 seconds Oct 1 11:39:51.926: BGP: 192.2 OPEN has ROUTE-REFRESH capability(old) for all address-families *Oct 1 19:33:31. length 4 Oct 1 11:39:51. length 4 *Oct 1 19:33:31.918: BGP: 192. length 0 *Oct 1 19:33:31.168.926: BGP: 192. header) 26 *Oct 1 19:33:31.1.168.926: BGP: 192.1 OPEN has CAPABILITY code: 1.955: BGP: 192.168.1 rcv OPEN.1.1.168.1.955: BGP: 192. version 4.168.1.168.168.926: BGP: 192.2 rcvd OPEN w/ optional parameter type 2 (Capability) len 2 *Oct 1 19:33:31.1.1 went from Idle to Connect Oct 1 11:39:51.1.168.2 rcv message type 1.2 Up The same on Router D: Oct 1 11:39:42. On Router C: *Oct 1 19:33:31.168.168.1. header) 45 *Oct 1 19:33:31.1 rcv message type 1.168.1 rcvd OPEN w/ optional parameter type 2 (Capability) len 6 Oct 1 11:39:51.Now that the neighbors have been configured to peer with each other.926: BGP: 192.168.168. holdtime 180 seconds Oct 1 11:39:51. length 0 *Oct 1 19:33:31. Inc.1.2 went from OpenSent to OpenConfirm *Oct 1 19:33:31.926: BGP: 192.1.1.168.168.168.1.959: BGP: 192.168.955: BGP: 192. my as: 65001.1.1. holdtime 180 seconds *Oct 1 19:33:31.2 rcv OPEN w/ OPTION parameter len: 16 *Oct 1 19:33:31.168.168.2 rcvd OPEN w/ optional parameter type 2 (Capability) len 2 *Oct 1 19:33:31. version 4.1.168.1.168.1.2 OPEN has CAPABILITY code: 2.1.926: %BGP-5-ADJCHANGE: neighbor 192. 28% jitter) Oct 1 11:39:51.955: BGP: 192.959: BGP: 192.168.955: BGP: 192.1.1.959: BGP: 192.2 sending OPEN.1.1 passive open to 192.1.2 OPEN has CAPABILITY code: 1.2 went from OpenConfirm to Established *Oct 1 19:33:31.1. length (incl.1.1 went from Active to Idle Oct 1 11:39:51.168.926: BGP: 192. that is what they do. the rest shows just the progression in getting there). . (Please note before you study the output in detail that only the last line is important.922: BGP: 192.1.168. length (excl.926: BGP: 192. local address 192.2 went from Active to OpenSent *Oct 1 19:33:31.955: BGP: 192.1 open active delayed 30636ms (35000ms max.2 send message type 1.2 rcv OPEN.926: BGP: 192. version 4.1. header) 26 Oct 1 11:39:51. version 4.955: BGP: 192.2 rcvd OPEN w/ optional parameter type 2 (Capability) len 6 *Oct 1 19:33:31.168.1 sending OPEN.168.1.1 OPEN has MP_EXT CAP for afi/safi: 1/1 Oct 1 11:39:51.1. length 0 Oct 1 11:39:51.914: BGP: 192.1.168.1 went from Idle to Active Oct 1 11:39:42.811: BGP: 192.1.1.2 Oct 1 11:39:51.168.926: BGP: 192.1 rcvd OPEN w/ optional parameter type 2 (Capability) len 2 Oct 1 11:39:51.1.955: BGP: 192.1.168.2 open active.1 went from Connect to OpenSent Oct 1 11:39:51.1. length (excl.

2.1 OPEN has CAPABILITY code: 2. you have to manually tell BGP to advertise prefixes.1. external link BGP version 4. up for 00:03:12 Last read 00:00:12.1. the devices have not been configured to do so yet. Oct 1 11:39:51.output omitted) The BGP state is given as Established. main routing table version 1 Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 192. (Remember that for security purposes.1 went from OpenSent to OpenConfirm Oct 1 11:39:51. . the State/PfxRcd field is reporting 0. use the show ip bgp neighbors command: MikeC#s ip bgp nei BGP neighbor is 192.1 went from OpenConfirm to Established Oct 1 11:39:51.1. last write 00:00:12.1.168.1.168. you can use the following show commands to determine the state of the BGP peers: MikeC#s ip bgp sum BGP router identifier 172. Once the state is Established.2 BGP state = Established. a digit greater than 0 means that the state is established. and you have not told BGP to do that yet).1. This situation is acceptable. hold time is 180.16.1.168.2 4 65002 6 6 1 0 0 00:02:52 0 Note that when using the show ip bgp summary command. If you want to really get into the preceding details. no prefixes have been received. If you really need to see that the state is Established.1 Up The preceding output shows that BGP connectivity between the peers is up and operational.963: %BGP-5-ADJCHANGE: neighbor 192.963: BGP: 192. If you missed the preceding output or are checking on BGP at a later time. remote router ID 172.1. and in this case.168. length 0 Oct 1 11:39:51. since you have not yet configured the ability to advertise.1 OPEN has ROUTE-REFRESH capability(new) for all address-families BGP: 192. length (incl.255. there is more information on the BGP states later in this document.255.168.1. the BGP devices have peered and can now pass network information—except that in the example here.1 send message type 1.168.1. local AS number 65001 BGP table version is 1.959: BGP: 192.16. keepalive interval is 60 seconds Neighbor capabilities: Route refresh: advertised and received(old & new) Address family IPv4 Unicast: advertised and received ~ ~ ~ (<-. remote AS 65002.168.168. Inc.1 rcvd OPEN w/ remote AS 65001 Oct 1 11:39:51.168. The last line says that the state went from OpenConfirm to Established. header) 45 Oct 1 11:39:51.959: BGP: 192.959: BGP: 192. not established. 6 BGP Connection Basics: External BGP © 2009 Cisco Systems. The omitted output is counters that become significant after BGP has begun to advertise.959: BGP: 192.

If you are sure that your configuration is correct. The show running-config command can verify this situation. Inc. . 1) You execute the show ip bgp summary command and receive the following: MikeC#s ip bgp sum % BGP not active MikeC# As shown here. local AS number 65001 BGP table version is 1. what can go wrong? More than you might think. or you may have done it yourself. but for whatever reason BGP is not there. what will be the output of the show ip bgp summary command? The following output came from Router C when it was configured for BGP but Router D was not: MikeC#s ip bgp sum BGP router identifier 172.If the state is not Established. But make sure that you have thoroughly checked your end first.255. If you see BGP configured and you are getting this output. you have a more serious problem and it is not a BGP problem. 2) The show ip bgp summary command gives the following output: MikeC#s ip bgp sum MikeC# No output at all—fairly ambiguous.168. the other peer may belong to another autonomous system that you cannot access. this means that. you will have to contact the administrator of the other autonomous system and have them verify their configuration. What does the show ip bgp neighbors command have to say? MikeC#s ip bgp nei MikeC# 7 BGP Connection Basics: External BGP © 2009 Cisco Systems. main routing table version 1 Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 192. Your colleague insists that BGP is configured on the router.1. and you still cannot get to the Established state. for whatever reason.16. and it is usually a configuration problem. What Can Go Wrong? In its simplicity. Please note that many times you have access to only one of the BGP peers. BGP has not been configured on this device.1.2 4 65002 0 0 0 0 0 never Active MikeC# You can see that the State/PfxRcd field says Active instead of showing a digit.

you must first troubleshoot the connectivity problem. hold time is 180. last write 00:00:00.2 4 65002 0 0 0 0 0 never Idle MikeC#s ip bgp nei BGP neighbor is 192.output omitted) The BGP process has been configured.1.2. remote AS 65002. A more detailed explanation will follow. If it is not.168. but it is just not working. you can still peer with a nondirectly connected interface.  Since you are building a TCP connection. However. external link BGP version 4.2. there must be connectivity between the devices. but no neighbor has been specified. 3) The configuration is there. Can you ping the neighbor’s IP address? If not.16.  Is the neighbor directly connected? This means that the neighbor address that you are using needs to be the IP address of the neighboring device’s directly connected interface. before peering with an interface that is not directly connected.output omitted) ! router bgp 65001 no synchronization bgp log-neighbor-changes no auto-summary ! ~ ~ ~ (<-. Is something stopping traffic to or from TCP port 179 (BGP uses TCP port 179)? That is also a possibility. local AS number 65001 BGP table version is 1. you should ensure that you have a good reason for doing so.0 BGP state = Idle Last read 00:00:00.0. keepalive interval is 60 seconds Message statistics: InQ depth is 0 OutQ depth is 0 Sent Rcvd Opens: 0 0 Notifications: 0 0 Updates: 0 0 Keepalives: 0 0 Route Refresh: 0 0 Total: 0 0 Default minimum time between advertisement runs is 30 seconds 8 BGP Connection Basics: External BGP © 2009 Cisco Systems. It is equally silent on the subject. main routing table version 1 Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 192. A quick look at show running-config tells you what you need to know: MikeC#s run ~ ~ ~ (<-. Inc.2. There are several things that can cause this issue. remote router ID 0. but it is a little more involved.168.0.255.  Check out the following output from the show ip bgp summary and show ip bgp neighbors commands: MikeC#s ip bgp sum BGP router identifier 172. .

local AS number 65001 BGP table version is 1.168. remote AS 65002.1.0. No active TCP connection MikeC# Note that the show ip bgp summary command shows the state as Idle and that the show ip bgp neighbors command also shows the state as Idle and specifies at the end that there is no active TCP connection. ------- Total: 0 0 Number of NLRIs in the update sent: max 0.168.16. .2.168. For address family: IPv4 Unicast BGP table version 1.0 BGP state = Active Last read 00:00:11.2.0. main routing table version 1 Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 192.2.168. MikeC#s ip bgp nei BGP neighbor is 192. Offset 0.0.255. dropped 0 Last reset never External BGP neighbor not directly connected. ---- Prefixes Current: 0 0 Prefixes Total: 0 0 Implicit Withdraw: 0 0 Explicit Withdraw: 0 0 Used as bestpath: n/a 0 Used as multipath: n/a 0 Outbound Inbound Local Policy Denied Prefixes: -------. It is easy to miss the fact that it is not the IP address of the neighbor—close. Inc. external link BGP version 4.1. remote router ID 0. not 192.0  How about this output from the show ip bgp summary and show ip bgp neighbors commands: MikeC#s ip bgp sum BGP router identifier 172. remote router ID 0.2.1. last write 00:00:11.0.168.1. hold time is 180. Mask 0x2 1 update-group member Sent Rcvd Prefix activity: ---. neighbor version 0/0 Output queue size : 0 Index 1.2 4 65022 2 2 0 0 0 never Active MikeC#s ip bgp nei BGP neighbor is 192. external link BGP version 4. The neighbor is 192. keepalive interval is 60 seconds Message statistics: InQ depth is 0 OutQ depth is 0 Sent Rcvd Opens: 2 2 9 BGP Connection Basics: External BGP © 2009 Cisco Systems. min 0 Connections established 0. remote AS 65022. Can you find a reason for this? Look more carefully at the neighbor that is specified.2. but not close enough.2.

Offset 0.168.2. 10 BGP Connection Basics: External BGP © 2009 Cisco Systems.0 Peering with Nondirectly Connected Interfaces While in most instances you will be peering with directly connected BGP devices. or it may be that the number you were given is incorrect. note that in the example.1. Inc. The wrong AS number will give the preceding output. that is not always the case. Notifications: 2 0 Updates: 0 0 Keepalives: 0 0 Route Refresh: 0 0 Total: 2 2 Default minimum time between advertisement runs is 30 seconds For address family: IPv4 Unicast BGP table version 1. remote router ID 0. you are peering with AS 65002. shows peering between the loopback interfaces instead of between the directly connected interfaces. remote AS 65022. ------- Total: 0 0 Number of NLRIs in the update sent: max 0.0. MikeC#s ip bgp nei BGP neighbor is 192. dropped 0 Last reset never No active TCP connection MikeC# Review the neighbor’s autonomous system (AS) number. Mask 0x2 1 update-group member Sent Rcvd Prefix activity: ---. It may be a typo. external link BGP version 4. The following example. . Cisco routers have the ability to EBGP peer with devices that are not directly connected. and AS 65022 was input. neighbor version 0/0 Output queue size : 0 Index 1. min 0 Connections established 0.0. ---- Prefixes Current: 0 0 Prefixes Total: 0 0 Implicit Withdraw: 0 0 Explicit Withdraw: 0 0 Used as bestpath: n/a 0 Used as multipath: n/a 0 Outbound Inbound Local Policy Denied Prefixes: -------.

Router C was told to peer with Router D IP address 192. In the previous example.255. then you use the neighbor <ip address> update-source <interface> command. Cisco routers use the IP address of the outgoing interface to peer with its BGP neighbor.168.255. one per line.16.793: BGP: 172.1. open active delayed 33707ms (35000ms max.2/24 By default. The same is true for Router D.2 remote-as 65002 MikeC(config-router)#nei 172.255. Router C was not told to build the peering using the IP address of the serial interface.2/32 Router C Router D S0/0/1 S0/0/1 192. you must add the neighbor <ip address> ebgp- multihop {ttl} command.16. However. peering using loopback interfaces is a valid way to connect and loadshare when there are multiple links between the two peering routers.1.2 update-source loopback 0 MikeC(config-router)#nei 172.255. The peering was built between the directly connected interfaces. the router does not find its peer by way of another path.16. . End with CNTL/Z.16.no route to peer.16. You must also ensure that the peer uses that IP address in its neighbor statements.117: BGP: 172.2 went from Idle to Active *Oct 2 00:02:52. Here is the configuration: Router C MikeC#conf t Enter configuration commands. To peer with an interface that is not directly connected. The Time to Live (TTL) field allows you to specify the number of hops (security again).2 open active delayed 30673ms (35000ms max. The example shows peering using loopback interfaces.168. 28% jitter) 11 BGP Connection Basics: External BGP © 2009 Cisco Systems.To repeat.168. 28% jitter) *Oct 2 00:03:22.255.1/32 172. If you want your router to peer using the IP address of an interface that is not the one directly connected to its BGP neighbor (such as a loopback interface address). MikeC(config)#router bgp 65001 MikeC(config-router)#nei 172.1.2 ebgp-multihop MikeC# *Oct 2 00:02:52. there is only one path.255.16.2 active open failed . Router D was told to peer with Router C IP address 192.168.117: BGP: 172. make sure that you have a good reason.255. if you are going to do this. AS 65001 AS 65002 Lo0 Lo0 172.16. where the devices peered with the directly connected interfaces.1. This command tells the router that the BGP peer is not directly connected but is multiple hops away.1/24 192. but that is usually not necessary.1. Generally. and if the link goes down.255.2. it did it by default. The example here shows a connection using the loopback 0 interfaces.16. or you can let it default to 255. Inc.

255. your state will go to Enabled.255. End with CNTL/Z. 28% jitter) Looking at the show ip bgp summary and show ip bgp neighbors commands.16.  The update-source loopback 0 command states that you will be peering using the loopback 0 interface. You have specified the neighbor IP address. a lot of troubleshooting time is spent tracking down connectivity problems that turn out to be simply that the ebgp-multihop or the update- source commands have not been configured.16. MikeD(config)#router bgp 65002 MikeD(config-router)#nei 172. The terminal output when we configured BGP tells you that there is no route to the peer.16.1 active open failed . How about a static route? MikeC#conf t Enter configuration commands.1 update-source loopback 0 MikeC(config-router)#nei 172. You are not sharing internal network information with your neighboring autonomous system. The address is not in your autonomous system and is therefore not in your routing table. .16.2 255. though. open active delayed 26811ms (35000ms max. and therefore the neighbor could be up to 255 hops away. Along with the problems mentioned in the “What Can Go Wrong?” section.193: BGP: 172. and it is certainly not sharing its information with you.1 remote-as 65001 MikeD(config-router)#nei 172. Router D MikeD#conf t Enter configuration commands.1 went from Idle to Active Oct 1 16:11:09. MikeC(config)#ip route 172. In this case. Inc. 12 BGP Connection Basics: External BGP © 2009 Cisco Systems.255.16. You will save yourself time if you remember this important point. End with CNTL/Z. so many people forget that it is needed for EBGP.1 255.255 192.255.255.193: BGP: 172. End with CNTL/Z.1 ebgp-multihop MikeD# Oct 1 16:11:09.16. Think about it. You need a way to route to the peering IP address.1. 28% jitter) Oct 1 16:11:43.168. If the router at the other end is configured correctly. but the router does not know how to get there.255. IBGP does not need a multihop command to peer with non–directly connected peers.2 MikeD(config)#^z MikeD(config)# Watch the output after you have configured your router.16.  The ebgp-multihop command lets the router know that the TTL field must be set higher than 1 to allow the neighbor to be multiple hops away.729: BGP: 172. a hop count has not been specified.255. This is a very common mistake when configuring non–directly connected BGP connectivity.255.16. one per line. you see that the BGP state is Active and that no TCP session has been established.255.no route to peer. one per line.2 MikeC(config)#^z MikeC(config)# MikeD#conf t Enter configuration commands.255. MikeD(config)#ip route 172. or both. one per line.1 open active delayed 34535ms (35000ms max.

Following is a brief summary and overview of BGP operations by state as determined by this FSM. 3) Active: If your BGP neighbor is in this state it means that there is a problem (see information above). 13 BGP Connection Basics: External BGP © 2009 Cisco Systems.” from March 1995. The exact value of the ConnectRetry timer is a local matter. or to OpenSent if the TCP connection is made. and the router is not even thinking about trying to do so. and changes its state to Connect. Idle state: In this state BGP refuses all incoming BGP connections. the following information is copied from RFC 1771. with transitions and actions.output omitted) 8. Watson Research Center. 5) OpenConfirm: BGP is still performing its handshaking. or back to Idle. If you would like to know exactly what each BGP state is and does. starts the ConnectRetry timer. Rekhter Request for Comments: 1771 T. 4) OpenSent: The TCP session is active. and Appendix 1. In response to the Start event (initiated by either system or operator) the local system initializes all BGP resources. A condensed version of the BGP FSM is found in Appendix 1. Obsoletes: 1654 T. titled “A Border Gateway Protocol 4 (BGP-4). BGP is performing its handshaking. while listening for connection that may be initiated by the remote BGP peer. it goes to Active.J. It does not stay in this state long. which defines the states and actions.BGP States Here is a quick summary of the BGP states: 1) Idle: The BGP peers are not connected. 6) Established: BGP has connected with its neighbor. Network Working Group Y. Section 8. Inc. 2) Connect: The router has decided to connect to its peer. but should be sufficiently large to allow TCP initialization. are given here. . BGP Finite State machine. Initially BGP is in the Idle state. No resources are allocated to the peer. initiates a transport connection to other BGP peer. IBM Corp. You will rarely see this using a show command. This section specifies BGP operation in terms of a Finite State Machine (FSM). Li Category: Standards Track cisco Systems Editors March 1995 A Border Gateway Protocol 4 (BGP-4) ~~~ (<-.

If the transport protocol connect fails (e. retransmission timeout). the local system restarts the ConnectRetry timer. The value of the initial timer shall be 60 seconds. and changes its state to Active state. The time shall be doubled for each consecutive retry. In response to the ConnectRetry timer expired event. then persistent BGP errors may result in persistent flapping of the speaker. For a peer that was previously transitioned to Idle due to an error. Start event is ignored in the Active state. and changes its state to Connect. the time between consecutive generation of Start events. In response to any other event (initiated by either system or operator). the local system releases all BGP resources associated with this connection and changes its state to Idle. Getting out of the Idle state requires generation of the Start event. sends an OPEN message to its peer. continues to listen for a connection that may be initiated by the remote BGP peer. and stays in the Connect state. A Hold Timer value of 4 minutes is suggested. completes initialization. To avoid such a condition it is recommended that Start events should not be generated immediately for a peer that was previously transitioned to Idle due to an error. the local system clears the ConnectRetry timer. If the transport protocol connection succeeds. if such events are generated automatically. initiates a transport connection to other BGP peer. the local system restarts the ConnectRetry timer. it shuts down the connection and changes its state to Idle. If such an event is generated automatically.. shall exponentially increase.g. sends an OPEN message to its peer. In response to the ConnectRetry timer expired event. . Inc. If a BGP speaker detects an error. If the transport protocol connection succeeds. and changes its state to OpenSent. 14 BGP Connection Basics: External BGP © 2009 Cisco Systems. initiates a transport connection to other BGP peer. the local system clears the ConnectRetry timer. Any other event received in the Idle state is ignored. and changes its state to OpenSent. Connect state: In this state BGP is waiting for the transport protocol connection to be completed. sets its Hold Timer to a large value. completes initialization. the local system restarts the ConnectRetry timer. continues to listen for a connection that may be initiated by the remote BGP peer. continues to listen for a connection that may be initiated by the remote BGP peer. Active state: In this state BGP is trying to acquire a peer by initiating a transport protocol connection.

and the IP address of the remote peer is not an expected one. Start event is ignored in the Active state. The Hold Timer.) Finally. otherwise. If the local system detects that a remote peer is trying to establish BGP connection to it. continues to listen for a connection that may be initiated by the remote BGP peer. then the Hold Time timer and KeepAlive timers are not started. OpenSent state: In this state BGP waits for an OPEN message from its peer. 15 BGP Connection Basics: External BGP © 2009 Cisco Systems. the local system closes the BGP connection. In response to the Stop event (initiated by either system or operator) the local system sends NOTIFICATION message with Error Code Cease and changes its state to Idle. the local system restarts the ConnectRetry timer. then the connection is an "internal" connection. it closes the BGP (and transport-level) connection and releases all resources associated with that connection. BGP sends a KEEPALIVE message and sets a KeepAlive timer.2). all fields are checked for correctness. Whenever BGP changes its state from OpenSent to Idle. If the value of the Autonomous System field is the same as the local Autonomous System number. which was originally set to a large value (see above). rejects the attempted connection. (This will effect UPDATE processing as described below. or a connection collision (see Section 6. while continue listening for connection that may be initiated by the remote BGP peer. Start event is ignored in the OpenSent state. . If the BGP message header checking or OPEN message checking detects an error (see Section 6. restarts the ConnectRetry timer. the local system releases all BGP resources associated with this connection and changes its state to Idle. In response to any other event the local system sends NOTIFICATION message with Error Code Finite State Machine Error and changes its state to Idle. and goes into the Active state. is replaced with the negotiated Hold Time value (see section 4. If a disconnect notification is received from the underlying transport protocol. If there are no errors in the OPEN message. In response to any other event (initiated by either system or operator). Inc. the state is changed to OpenConfirm. When an OPEN message is received. the local system sends NOTIFICATION message with error code Hold Timer Expired and changes its state to Idle. If the Hold Timer expires.2). If the negotiated Hold Time value is zero. it is "external".8) the local system sends a NOTIFICATION message and changes its state to Idle. and stays in the Active state.

it changes its state to Idle. Start event is ignored in the OpenConfirm state. it closes the BGP (and transport-level) connection and releases all resources associated with that connection. . the local system sends a KEEPALIVE message and restarts its KeepAlive timer. If the local system receives an UPDATE message and the UPDATE message error handling procedure (see Section 6. If the local system receives a NOTIFICATION message. Established state: In the Established state BGP can exchange UPDATE. the local system changes its state to Idle. If a disconnect notification is received from the underlying transport protocol.3) detects an error. if the negotiated Hold Time value is non-zero. and KEEPALIVE messages with its peer. Inc. it restarts its Hold Timer. it changes its state to Idle. 16 BGP Connection Basics: External BGP © 2009 Cisco Systems. Whenever BGP changes its state from OpenConfirm to Idle. If the local system receives a KEEPALIVE message. the local system sends a NOTIFICATION message with Error Code Hold Timer Expired and changes its state to Idle. the local system sends NOTIFICATION message with error code Hold Timer Expired and changes its state to Idle. If the Hold Timer expires. OpenConfirm state: In this state BGP waits for a KEEPALIVE or NOTIFICATION message. it changes its state to Established. NOTIFICATION. If a disconnect notification is received from the underlying transport protocol. If the local system receives a NOTIFICATION message. In response to the Stop event (initiated by either system or operator) the local system sends NOTIFICATION message with Error Code Cease and changes its state to Idle. If the local system receives an UPDATE or KEEPALIVE message. If the Hold Timer expires before a KEEPALIVE message is received. the local system changes its state to Idle. the local system sends a NOTIFICATION message and changes its state to Idle. If the KeepAlive timer expires. In response to any other event the local system sends NOTIFICATION message with Error Code Finite State Machine Error and changes its state to Idle.

Inc. ~~~ (<-. it closes the BGP (and transport-level) connection. Receive NOTIFICATION message 17 BGP Connection Basics: External BGP © 2009 Cisco Systems. Connect 3 . Each time the local system sends a KEEPALIVE or UPDATE message. Receive KEEPALIVE message 12 . Hold Timer expired 9 . Start event is ignored in the Established state. KeepAlive timer expired 10 . BGP Transport connection open failed 6 . Whenever BGP changes its state from Established to Idle. OpenConfirm 6 . BGP Transport connection closed 5 . ConnectRetry timer expired 8 . . If the KeepAlive timer expires. Receive UPDATE messages 13 . BGP Transport fatal error 7 .output omitted) Rekhter & Li [Page 47] RFC 1771 BGP-4 March 1995 Appendix 1. and deletes all routes derived from that connection. Idle 2 . This Appendix discusses the transitions between states in the BGP FSM in response to BGP events. In response to the Stop event (initiated by either system or operator). unless the negotiated Hold Time value is zero. In response to any other event. Established BGP Events: 1 . the local system sends NOTIFICATION message with Error Code Finite State Machine Error and changes its state to Idle. releases all resources associated with that connection. BGP Transport connection open 4 . BGP Start 2 . BGP FSM State Transitions and Actions. it restarts its KeepAlive timer. the local system sends a KEEPALIVE message and restarts its KeepAlive timer. The following is the list of these states and events when the negotiated Hold Time value is non-zero. Receive OPEN message 11 . Active 4 . BGP Stop 3 . the local system sends a NOTIFICATION message with Error Code Cease and changes its state to Idle. BGP States: 1 . OpenSent 5 .

The following table describes the state transitions of the BGP FSM and the actions triggered by these transitions. Event Actions Message Sent Next State -------------------------------------------------------------------- Idle (1) 1 Initialize resources none 2 Start ConnectRetry timer Initiate a transport connection others none none 1 Connect(2) 1 none none 2 3 Complete initialization OPEN 4 Clear ConnectRetry timer 5 Restart ConnectRetry timer none 3 7 Restart ConnectRetry timer none 2 Initiate a transport connection others Release resources none 1 Active (3) 1 none none 3 3 Complete initialization OPEN 4 Clear ConnectRetry timer 5 Close connection 3 Restart ConnectRetry timer 7 Restart ConnectRetry timer none 2 Initiate a transport connection others Release resources none 1 OpenSent(4) 1 none none 4 4 Close transport connection none 3 Restart ConnectRetry timer 6 Release resources none 1 10 Process OPEN is OK KEEPALIVE 5 Process OPEN failed NOTIFICATION 1 others Close transport connection NOTIFICATION 1 Release resources OpenConfirm (5) 1 none none 5 4 Release resources none 1 6 Release resources none 1 9 Restart KeepAlive timer KEEPALIVE 5 11 Complete initialization none 6 Restart Hold Timer 13 Close transport connection 1 Release resources others Close transport connection NOTIFICATION 1 Release resources 18 BGP Connection Basics: External BGP © 2009 Cisco Systems. Inc. .

Established (6) 1 none none 6 4 Release resources none 1 6 Release resources none 1 9 Restart KeepAlive timer KEEPALIVE 6 11 Restart Hold Timer KEEPALIVE 6 12 Process UPDATE is OK UPDATE 6 Process UPDATE failed NOTIFICATION 1 13 Close transport connection 1 Release resources others Close transport connection NOTIFICATION 1 Release resources --------------------------------------------------------------------- The following is a condensed version of the above state transition table. . Events| Idle | Connect | Active | OpenSent | OpenConfirm | Estab | (1) | (2) | (3) | (4) | (5) | (6) |-------------------------------------------------------------- 1 | 2 | 2 | 3 | 4 | 5 | 6 | | | | | | 2 | 1 | 1 | 1 | 1 | 1 | 1 | | | | | | 3 | 1 | 4 | 4 | 1 | 1 | 1 | | | | | | 4 | 1 | 1 | 1 | 3 | 1 | 1 | | | | | | 5 | 1 | 3 | 3 | 1 | 1 | 1 | | | | | | 6 | 1 | 1 | 1 | 1 | 1 | 1 | | | | | | 7 | 1 | 2 | 2 | 1 | 1 | 1 | | | | | | 8 | 1 | 1 | 1 | 1 | 1 | 1 | | | | | | 9 | 1 | 1 | 1 | 1 | 5 | 6 | | | | | | 10 | 1 | 1 | 1 | 1 or 5 | 1 | 1 | | | | | | 11 | 1 | 1 | 1 | 1 | 6 | 6 | | | | | | 12 | 1 | 1 | 1 | 1 | 1 | 1 or 6 | | | | | | 13 | 1 | 1 | 1 | 1 | 1 | 1 | | | | | | --------------------------------------------------------------- 19 BGP Connection Basics: External BGP © 2009 Cisco Systems. Inc.