?
Solved

BGP - state of ISP2 is not "established"

Posted on 2013-11-11
5
Medium Priority
?
439 Views
Last Modified: 2013-11-14
We are attempting to establish a BGP connection with a second ISP (228) but we could not "establish" the connection.

Any answers as to why (see below config) the ASN 228 state is not "ESTABLISHED?"

ASN 127 is established and working fine.

# show ip route bgp

                                IP Route Entries

  Destination        Gateway         VLAN Type      Sub-Type   Metric     Dist.
  ------------------ --------------- ---- --------- ---------- ---------- -----
  0.0.0.0/0          34.153.222.121  4024 bgp                  1          20

# show ip bgp summ
Peer Information

  Remote Address  Remote-AS Local-AS State         Admin Status
  --------------- --------- -------- ------------- ------------
  34.153.222.121  127     40710    Established   Start
  37.154.113.225  228       40710    Connect      Start

--------------------------------------------------------------------------------

HP procurve 3800 >>


; J9573A Configuration Editor; Created on release #KA.15.10.0009
; Ver #03:03.1f.ef:f0

module 1 type j9573x
no cdp run
ip routing
no ip source-route
interface 25
   name " CrossConnect-2T "
   exit
interface 26
   name " CrossConnect-2X "
   speed-duplex 1000-full
   exit
router bgp 40710
   enable
   bgp router-id 109.104.195.1
   network 109.104.135.0 255.255.255.0
   network 109.104.195.0 255.255.255.0
   network 109.104.196.0 255.255.255.0
   neighbor 34.153.222.121 remote-as 127
   neighbor 37.154.113.225 remote-as 228
   exit
vlan 1
   name "DEFAULT_VLAN"
   no untagged 1-2,6,16,25-26
   untagged 3-5,7-15,17-24
   ip address 199.199.199.1 255.255.255.0
   exit
vlan 3999
   name "DATA-Internet"
   untagged 1-2,6
   ip address 109.104.135.1 255.255.255.0
   ip address 109.104.195.1 255.255.255.0
   ip address 109.104.196.1 255.255.255.0
   exit
vlan 4024
   name "DATA-ISP-4024"
   untagged 25
   ip address 34.153.222.122 255.255.255.252
   exit
vlan 4047
   name "Data-ISP-4047"
   untagged 16,26
   ip address 37.154.113.226 255.255.255.252
   exit
no autorun

================================
ALL names, numbers and code has been changed to mask identity.
0
Comment
Question by:dts3909
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 29

Expert Comment

by:Jan Springer
ID: 39641562
debug ip bgp
debug ip tcp transaction
term mon

and optionally log to an external syslog server
0
 
LVL 17

Expert Comment

by:pergr
ID: 39642160
Can you ping the IP address of the peer?

If IP connectivity is fine, it is typically a config error - any side has configured the wrong ASN or only one side has configured a password for authentication.
0
 

Author Comment

by:dts3909
ID: 39644546
We cannot ping directly.  Ping works through ISP#4024 around to ISP#4047 but not through direct connect to ISP#4047.

Config shows transceiver is linked and enabled.

ARP does not show direct attached ISP#4047 MAC address.

We even tried another transceiver on our side...we had same symptoms.

Can the procurve switch be linked and enabled at the layer-3 level but not layer-2?
0
 
LVL 17

Accepted Solution

by:
pergr earned 1500 total points
ID: 39644583
You probably want to check the other end of that fiber.
Perhaps that ISP have a mix-up with ports at their end.
0
 

Author Comment

by:dts3909
ID: 39644632
Will check with ISP#4047 today and get back to forum after push-back.

UPDATE:  ISP#4047 was allowing only whitelisted MAC addresses.  Once the ISP tech#3 determined the block and then removed all the above BGP settings worked as planned.
0

Featured Post

WatchGuard's M Series Appliances - Miecom Approved

WatchGuard's newest M series appliances were put to the test by Miercom.  We had great results and outperformed all of our competitors in both stateless and stateful traffic throghput scenarios! Ready to see how your UTM appliance stacked up? Download the Miercom Report!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We recently endured a series of broadcast storms that caused our ISP to shut us down for brief periods of time. After going through a multitude of tests, we determined that the issue was related to Intel NIC drivers on some new HP desktop computers …
Outsource Your Fax Infrastructure to the Cloud (And come out looking like an IT Hero!) Relative to the many demands on today’s IT teams, spending capital, time and resources to maintain physical fax servers and infrastructure is not a high priority.
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question