1

Troubleshooting 1: BGP BASICS

LET’S TROUBLESHOOT: BGP BASICS

VICENS FERRAN
ENARSI

TOPOLOGY

/vicens-ferran-rabassa 2
 Troubleshooting 1: BGP BASICS

TROUBLE TICKET
Once configured, session between both routers is cleared from R1.
R1 begins to show error messages as below.
What’s going on? Which is the issue?

/vicens-ferran-rabassa 3
 Troubleshooting 1: BGP BASICS

ROUTER CONFIGURATIONS

/vicens-ferran-rabassa 4
 Troubleshooting 1: BGP BASICS

ROUTER MONITORING BEFORE THE ISSUE

/vicens-ferran-rabassa 5
 Troubleshooting 1: BGP BASICS

THE SOLUTION

/vicens-ferran-rabassa 6
 Troubleshooting 1: BGP BASICS

SAYING: THANKS!
I am glad that this post has sparked so much interest since this shows "the hunger" that many people have to collaborate and learn. From
here I want to thank all those who have collaborated showing interest in the publication. But especially to those who have dared to
comment and give your opinion. All of this helps others learn.
Many of you have sensed that the problem was caused by the timers, and some of you have found the key. Congratulations to all.

I also want to wholeheartedly thank instructors like Arash Deljoo and Sikandar Shaik, among others, for giving me the necessary knowledge
to carry out these types of practical exercises and to help other people learn.

THE ISSUE.
We only know that once configured the neighborship between to peers, it is stablished and they begin to update their BGP tables with
normality.
But, making a reset of the neighborship from R1, we realize that neighborship doesn’t re stablishes again, remains in Active State, and we
begin to see error messages. Basically the most important: “Unacceptable holt time” and “unsupported or mal-formed message received
from 2.2.2.2”. So R1 is continuously sending Notification messages to R2, an doing Active and after a Passive Resets.

THE SITUATION.
In reality, it is not a difficult incident to resolve, although we must first consider the real scenario.
Several situations can occur:
- That the two routers are directly controlled by us, which means there is a direct resolution on our part.
- That one of the two routers, like R2, is not directly under our control. This would raise the level of actions to be carried out, since we would
have to talk to "the other side", the ISP or whoever controlled the router.

/vicens-ferran-rabassa 7
 Troubleshooting 1: BGP BASICS

ANALISING THE ISSUE.

Once we have at our hands the necessary information we realize that in R1 we have configured the BGP timers in the global BGP
configuration. And we have this: “timers bgp 50 150 150”. We have here three parameters instead of two that it’s the normal
situation. In R2 there are other timer values configured “timers bgp 40 120”.
Is that affecting the neighbor between this two routers?

SOME THEORETICAL CONCEPTS ABOUT.

- Timers are sent for each router as part of the Open message when trying to form neighbor.
- Timers doesn’t have to match in the two routers.
- They negotiate the timers and the lowest value is applied to the neighbor.
- You can set timers in the global bgp command line, or with the neighbor statement. So this can affect globally on all the
neighbors, or only for the concrete neighbor.

- Normal Timers are: Keep Alive and Hold Time. The defaults for this
two are: 60 and 180 sec. respectively .But there is another
parameter in the bgp global timer command (not in the neighbor
timer command) that is the Minimum hold-Time from neighbor option.

/vicens-ferran-rabassa 8
 Troubleshooting 1: BGP BASICS

BUT, WHAT IS THE MINIMUM HOLD-TIME TIMER FROM NEIGHBOR?.

As we have said before, Keep-Alive is by default 60 seconds and Hold-Time or Hold-Down is 3 X Keep-Alive or by default 180 seconds.
Once neighbor stablished between the two peers, router starts it’s hold-time counting from 0 seconds. When it receives a new keep-alive
from the other peer resets it’s hold-time back to 0 again. If the router doesn’t receive any keep-alive message in the maximum hold-time
defined it will understand that the neighbor is down and it will get to Active State. So this mean that all the routes will be flushed and the
neighbor will be reset.

As we have seen in page 8, we can configure manually the Minimum Hold-Time. This value is not negotiated in the Open message when
initiating the neighbor and is not mandatory to stablish the neighbor itself with another peer.

The meaning of this timer value is the minimum hold-time that we expect from the other peers. If we configure it to 150 as in this scenario
example we are saying the other peers that we will not accept any hold-time counter lesser than 150 seconds.

It is a protection from our router from other neighbouring routers. Why? Let’s figure out that in the “other side” we have an Isp router
configured with these timers: 5 15. This means that the other router will send us a keep-alive every 5 seconds and if in 15 seconds it
doesn’t receive our response it will reset the neighborship. Can you imagine this situation? The traffic going from one site to the other
only in keep-alive messages? Crazy or not?

So, if I have configured timer as 50 150 150 it means that:

- As minimum hold-time parameter is not negotiated in the Open message when stablishing the neighbor, only informed, so neighbor will
be stablished.
- But at the end (if we clear the neighbors after configuration) it will be reset when R1 sees that the minimum hold-time it’s a lower value
than expected, The router will go to Active State sending reset notification to the other peer. And will not permit to form neighbor with
that peer again if the situation does not normalize.

/vicens-ferran-rabassa 9
 Troubleshooting 1: BGP BASICS

SOLVING THE ISSUE.

When we properly configure the BGP
timers, the neighborhood is automatically
reestablished, since both routers remain in
Active State.

Depending on the scenario as we have explained in the page 7, to solve the issue it will depends on the router that is under our control.
So, If we have both routers under our control we can:

1) Change the minimum hold-time in router 1 setting it to 120.

2) Change the Keep-Alive and Hold-Time values in R2 setting them to match R1 ones.
3) Change the Keep-Alive and Hold-Time values in R1 setting them to match R2 ones.

If we only have one of those routers under our control we should have to:

1) Accord with “the other side” the values of Keep-Alive, Hold-Time and Minimum-Hold-Time.
2) Set the values properly in our router as accorded.

In this case I’ve configured again timers in R1 setting them by

default (60 180), and after coming up the neighbor again R1
and R2 have agreed in he Open message the timers setting
negotiating and setting them as in the photo.

/vicens-ferran-rabassa 10
If you want to see more of my
content, follow me on LinkedIn.
/vicens-ferran-rabassa

ENARSI

11