BGP bewteen 25 routers

Discussion in 'Cisco' started by Jeff, Jan 14, 2005.

  1. Jeff

    Jeff Guest

    We are using EIGRP as the IGP. Here is the output to debug ip tcp
    transactions:

    Jan 14 08:30:29 GMT: TCP0: timeout #4 - timeout is 32000 ms, seq
    1301607442
    Jan 14 08:30:29 GMT: TCP: (56026) -> xxx.yyy.68.1(179)
    Rot#
    Jan 14 08:30:34 GMT: TCP0: timeout #3 - timeout is 16000 ms, seq
    2162412219
    Jan 14 08:30:34 GMT: TCP: (56029) -> xxx.yyy.97.1(179)
    Jan 14 08:30:35 GMT: TCP0: state was TIMEWAIT -> CLOSED [56020 ->
    199.10.205.21(49)]
    Jan 14 08:30:35 GMT: TCB 0x63BAB96C destroyed
    Rot#
    Jan 14 08:30:36 GMT: TCP0: state was TIMEWAIT -> CLOSED [56021 ->
    199.10.205.21(49)]
    Jan 14 08:30:36 GMT: TCB 0x639172D8 destroyed
    Rot#
    Jan 14 08:30:40 GMT: TCP0: bad seg from xxx.yyy.92.1 -- outside
    window: seq 737526623 ack 3500373294 rcvnxt 737526642 rcvwnd 15890
    Rot#
    Jan 14 08:30:43 GMT: TCP0: bad seg from xxx.yyy.85.1 -- outside
    window: seq 3224080656 ack 4198220894 rcvnxt 3224080675 rcvwnd 16308
    Rot#
    Jan 14 08:30:46 GMT: TCP0: bad seg from xxx.yyy.97.1 -- connection
    queue limit reached: seq 1125927023 ack 0 rcvnxt 0 rcvwnd 16384
    Rot#
    Jan 14 08:30:48 GMT: TCP0: bad seg from xxx.yyy.97.1 -- connection
    queue limit reached: seq 1125927023 ack 0 rcvnxt 0 rcvwnd 16384

    Jeff

    ---------------------------

    Von:Ivan Ostreš ()
    Betrifft:Re: BGP will not establish between 3 routers - continued

    View this article only
    Newsgroups:comp.dcom.sys.cisco
    Datum:2005-01-14 01:36:38 PST

    In article <>,
    says...

    What do you get if you do extended ping between endpoints for BGP
    connection? Any timeouts? Do packets go trough?

    --Ivan.

    ------------
    I can't seem to post a response to your response; that is why I
    continue to create new messages.

    More information:

    -- All 3 routers are either 7x00 series Ciscos
    -- IGP is EIGRP
    -- IBGP mesh (peer-group) between 25 routers to the loopback address
    -- We are using MD5 authentication on all the IBGP sessions
    -- 3 of the 25 routers won't establish a IBGP session among themselves
    but the 3 routers (each in a different country) have established IBGP
    sessions with the other 22 routers

    I haven't tried an extended ping but am able to perform normal ping.
    Each of the three routers has the loopback addresses of the other two
    routers in its routing table. I tried creating an extended
    access-list and then used "debug list <access-list number>" and "debug
    ip bgp transactions" and "debug ip packet detail" but it seems the
    access-list is not filitering the data from the output of the debug
    commands. The extended access-list had as a source IP the loopback of
    the local router and as a destination the loopback IP of one of the
    other routers. I also tried creating an extended access-list to
    filter on loopback IP with TCP port 179 but that didn't work either.

    Jeff
     
    Jeff, Jan 14, 2005
    #1
    1. Advertising

  2. Jeff

    Ivan Ostreš Guest

    In article <>,
    says...
    > I haven't tried an extended ping but am able to perform normal ping.
    >


    The idea behind extended ping is to see if real BGP endpoints
    (loopbacks) can communicate without big timeouts or similar problems
    that would kill TCP connection you're using with BGP. Sometimes it makes
    a difference from using standard ping which uses the address of outgoing
    interface as a source address.

    If extended ping shows no big delays or packet loss (loopback to
    loopback) then I would check for bugs on CCO and open a TAC case. I
    remember that one of my customers had a problems with 7500 and 7200
    series which were able to create initial connection but connection would
    just die after a while with the sam "bad segment received" message.

    HTH,

    --
    -Ivan.

    *** Use Rot13 to see my eMail address ***
     
    Ivan Ostreš, Jan 15, 2005
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. harald rüger
    Replies:
    0
    Views:
    543
    harald rüger
    Oct 25, 2004
  2. Bombay CCIE Study Group 2005

    Support for BGP & ISIS in Cisco 1600 routers?

    Bombay CCIE Study Group 2005, Dec 12, 2004, in forum: Cisco
    Replies:
    8
    Views:
    2,803
    Ted Mittelstaedt
    Dec 14, 2004
  3. Jeff
    Replies:
    1
    Views:
    501
    Ivan Ostreš
    Jan 14, 2005
  4. papi
    Replies:
    4
    Views:
    2,224
    theapplebee
    Sep 8, 2009
  5. MSDN newsgroup
    Replies:
    11
    Views:
    1,384
    MSDN newsgroup
    Jul 12, 2009
Loading...

Share This Page