Link to home
Start Free TrialLog in
Avatar of njmatt
njmatt

asked on

BGP Drops every 90 to 120 seconds

Experts,

I'm having a major issue with my ISP. We just turned on BGP this past friday and I'm having intermittent ping loss on my /24 block that I am advertising.  The techies can't seem to figure out why! Here is the result of "show ip bgp neighbor "

GP neighbor is 63.X.X.X,  remote AS 1, external link
  BGP version 4, remote router ID 137.X.X.X
  BGP state = Established, up for 00:00:34
  Last read 00:00:04, last write 00:00:06, hold time is 90, keepalive interval is 30 seconds
  Neighbor capabilities:
    Route refresh: advertised and received(old & new)
    Address family IPv4 Unicast: advertised and received
  Message statistics:
    InQ depth is 0
    OutQ depth is 0
                         Sent       Rcvd
    Opens:               1791       1791
    Notifications:          0       1784
    Updates:             3570       1791
    Keepalives:         10827      10827
    Route Refresh:          0          0
    Total:              16188      16193
  Default minimum time between advertisement runs is 30 seconds

Here is a part of my config:
router bgp 13XXX
 no synchronization
 bgp log-neighbor-changes
 network 63.X.X.0 mask 255.255.255.0
 neighbor 63.X.X.177 remote-as 1
 neighbor 151.X.X.53 remote-as 2
 no auto-summary

Any ideas on what might cause? If I do a TRACE on 63.X.X.178 (s0/1/0.500) it takes forever.
Avatar of harbor235
harbor235
Flag of United States of America image
What type of connection do you have to your ISP? Cehck for input/output drops on the peering interface.
Did you open a troulble ticket with your ISP?

How and where are you verifying that t here is packet loss?

harbor235 ;}
Avatar of njmatt
njmatt

ASKER

Yes I have opened a ticket with my ISP, but they are "doing research"

I have two T1's. One BGP session remains up with no problems. The other ISP does not. If I ping the /24 block it will be good for a while from some remote sites, and doesn't work at all from other remote sites. It's VERY random. This is probably due to the unreliable routes being published by the problematic ISP.

Is there a command that will give info on the drop and reconnect? I
Avatar of njmatt
njmatt

ASKER

Last reset 00:01:23, due to BGP Notification received, hold time expired
Avatar of harbor235
harbor235
Flag of United States of America image
There are many reasons a BGP session can go down, physical link, resource depleteion, etc ....

show inerface <your_interface>   ; this will give you input/output drops, checksum errors etc ..

harbor235 ;}
Avatar of njmatt
njmatt

ASKER

After some testing, Ive discovered the following:

FYI: S0/0/0 (151.X.X.53, ASN#1)  BGP functions and routes fine
S0/1/0.500 (63.X.X.178, ASN#2)  BGP Drops every 2 minutes as long as the firewall (zone-member security out-zone) is on S0/1/0.500
If we MOVE zone-member security out-zone from s0/1/0.500 to s0/1/0 the BGP connection to ASN#2 stays up (my question here is: does that firewall function on the .500 interface in this configuration?)

Testing:

If zone-member security is on S0/1/0 and S0/0/0 (working BGP session) is shut ASN 701 will be learned and a route will be entered into the routing table. I can ping anywhere from the router, but LAN Internet access does not work.

If zone-member security is on S0/1/0.500 and S0/0/0 (working BGP session) is shut ASN#2 will be learned and a route will be entered into the routing table. I can ping anywhere from the router, and LAN Internet access DOES work, but the connection drops every 2 minutes. During the up-time all functions are seemingly perfect. The second I plug in S0/0/0 (151.X.X.53) and it initiates BGP, the S0/1/0.500 (63.X.X.178) is removed from the routing table and will NOT return unless the other interface (S0/0/0) is shut. If I were to shut S0/0/0 (151.X.X.53) the route returns.

As you can see, it seems that the zone-member firewall is preventing the BGP connection to ASN#2 from staying up, but that doesnt explain why the other ISP is unaffected by the same firewall.
Avatar of njmatt
njmatt

ASKER

point increase
Avatar of harbor235
harbor235
Flag of United States of America image
Can you provide a diagram detailing what your arvhitecture looks like?

Does BGP reset or are the routes being withdrawn?

You need to provide some log messages and more information, i.,e the interface stats from my earlier post.

show interface <BGP peer interface>

harbor235 ;"
ASKER CERTIFIED SOLUTION
Avatar of njmatt
njmatt
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Vee_Mod
Vee_Mod
Flag of United States of America image
Closed, 500 points refunded.
Vee_Mod
Community Support Moderator