Solved

Mikrotik BGP Problem

Posted on 2007-03-22
9
2,256 Views
Last Modified: 2013-12-23
I configured a new hardware with RouterOS 2.9.41 and the same configuration that the other MK that works fine.
With the original router all works great, it have RouterOS 2.9.30.
When connect the new hardware with the same configuration, 4 of 6 bgp peer doesn´t established the connection:

Example:

name="PEER1" instance=default remote-address=200.XX.17.1 remote-as=11XXX tcp-md5-key="" nexthop-choice=default multihop=no route-reflect=no hold-time=3m ttl=1 in-filter="" out-filter=filter-peer1-out remote-id=0.0.0.0 remote-hold-time=0s used-hold-time=0s used-keepalive-time=0s state=active

07:22:57 route,bgp,info Failed to open TCP connection: No route to host
07:22:57 route,bgp,info RemoteAddr=200.xx.17.1
07:22:57 route,bgp,info RemotePort=179
07:23:17 route,bgp,debug,timer ConnectRetryTimer expired
07:23:17 route,bgp,debug,timer RemoteAddr=200.xx.17.1
07:23:17 route,bgp,debug Connecting
07:23:17 route,bgp,debug RemoteAddr=200.xx.17.1
07:23:17 route,bgp,debug RemotePort=179
07:23:17 route,bgp,debug,state Entering Connect state
07:23:17 route,bgp,debug,state RemoteAddr=200.xx.17.1
07:23:17 route,bgp,info Failed to open TCP connection: No route to host
07:23:17 route,bgp,info RemoteAddr=200.xx.17.1
07:23:17 route,bgp,info RemotePort=179
07:23:17 route,bgp,debug,state Entering Active state
07:23:17 route,bgp,debug,state RemoteAddr=200.xx.17.1
07:23:19 route,bgp,debug,timer KeepaliveTimer expired

Thanks .-
0
Comment
Question by:Intermediasp
  • 5
  • 4
9 Comments
 
LVL 62

Expert Comment

by:gheist
ID: 18778403
First of all remove all obfuscated addresses from your output.
And post your routing table without BGP started. (netstat -nr or route -n show)
0
 

Author Comment

by:Intermediasp
ID: 18779144
Gheist, I can´t understand you very well.
Can you explained what you mean with obfuscated addresses ?, remember that I use Mikrotik RouterOS

Thanks
0
 
LVL 62

Expert Comment

by:gheist
ID: 18783267
You gave syntactically invalid IP adresses. No-one except you or your peers can diagnose problem at your site.

%host 200.xx.17.1
Host 200.xx.17.1 not found: 3(NXDOMAIN)
%traceroute 200.xx.17.1
traceroute: unknown host 200.xx.17.1

First of all - can you ping at least one BGP peer from your new router?
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 62

Expert Comment

by:gheist
ID: 18783404
/lib/modules/2.4.31 in initrd.rgz filesystem reminds of Linux kernel v2.4.31
that looks like custom shell running above that. and it asks me for key, so I delete it.
We are solving BGP connectivity problem, not RouterOS config problem.
Quick answer on OS/kay problem is - go install OpenBSD and Zebra, and it will work.
0
 

Author Comment

by:Intermediasp
ID: 18788912
No gheist, I can´t ping the peer ..., I´m thinking about layer 1/2 problem, can it be ?
0
 
LVL 62

Expert Comment

by:gheist
ID: 18790809
Yes - there is lower layer problem.
0
 

Author Comment

by:Intermediasp
ID: 18791808
Yes, when monitoring link status I saw "link-ok" and them "no-link", I supposed that the problem is the 3COM cards, could it be ??
0
 
LVL 62

Accepted Solution

by:
gheist earned 500 total points
ID: 18793327
Yes - that's it. Link down means dropping route to peer, with all consequences.
First check cabling. And ethernet switches.
If you run gigabit, then cat5 cables create quite a mess...
0
 

Author Comment

by:Intermediasp
ID: 18798766
This was a problem ...., thanks a lot !
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question