Cisco - BGP Notify

Notification BGP :

Voici comment déchiffrer les notifications BGP, voici l’exemple sur lequel nous allons travailler :

Notification BGP

Voici un lien pour les déchiffrer à la volée.

Et voici un autre lien pour avoir les différentes erreurs BGP.

Autres méthodes pour faire du débug :

Commande debug :

R1# debug ip bgp in 
*Mar  1 18:25:09.795: BGP: 10.1.2.2 went from Idle to Active 
*Mar  1 18:25:09.799: BGP: 10.1.2.2 open active delayed 29264ms (35000ms max, 28% jitter) 
R1# 
*Mar  1 18:25:39.063: BGP: 10.1.2.2 open active, local address 10.1.2.1 
*Mar  1 18:25:39.075: BGP: 10.1.2.2 went from Active to OpenSent 
*Mar  1 18:25:39.075: BGP: 10.1.2.2 sending OPEN, version 4, my as: 65200, holdtime 32 seconds 
*Mar  1 18:25:39.095: BGP: 10.1.2.2 rcv message type 1, length (excl. header) 26 
*Mar  1 18:25:39.095: BGP: 10.1.2.2 rcv OPEN, version 4, holdtime 180 seconds 
*Mar  1 18:25:39.095: BGP: 10.1.2.2 rcv OPEN w/ OPTION parameter len: 16 
*Mar  1 18:25:39.095: BGP: 10.1.2.2 rcvd OPEN w/ optional parameter type 2 (Capability) len 6 
*Mar  1 18:25:39.095: BGP: 10.1.2.2 OPEN has CAPABILITY code: 1, length 4 
*Mar  1 18:25:39.095: BGP: 10.1.2.2 OPEN has MP_EXT CAP for afi/safi: 1/1 
*Mar  1 18:25:39.095: BGP: 10.1.2.2 rcvd OPEN w/ optional parameter type 2 (Capability) len 2 
*Mar  1 18:25:39.095: BGP: 10.1.2.2 OPEN has CAPABILITY code: 128, length 0 
*Mar  1 18:25:39.095: BGP: 10.1.2.2 OPEN has ROUTE-REFRESH capability(old) for all address-families 
*Mar  1 18:25:39.095: BGP: 10.1.2.2 rcvd OPEN w/ optional parameter type 2 (Capability) len 2 
*Mar  1 18:25:39.095: BGP: 10.1.2.2 OPEN has CAPABILITY code: 2, length 0 
*Mar  1 18:25:39.095: BGP: 10.1.2.2 OPEN has ROUTE-REFRESH capability(new) for all address-families 
*Mar  1 18:25:39.095: BGP: 10.1.2.2 bad OPEN, remote AS is 65100, expected 65111 
*Mar  1 18:25:39.095: BGP: 10.1.2.2 went from OpenSent to Closing 
*Mar  1 18:25:39.095: %BGP-3-NOTIFICATION: sent to neighbor 10.1.2.2 2/2 (peer in wrong AS) 2 bytes FE4C FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 002D 0104 FE4C 00B4 0202 0202 1002 0601 0400 0100 0102 0280 0002 0202 00 
*Mar  1 18:25:39.195: BGP: 10.1.2.2 local error close after sending NOTIFICATION 
*Mar  1 18:25:39.199: BGPNSF state: 10.1.2.2 went from nsf_not_active to nsf_not_active 
*Mar  1 18:25:39.199: BGP: 10.1.2.2 went from Closing to Idle 
*Mar  1 18:25:39.203: BGP: 10.1.2.2 closing 
*Mar  1 18:25:40.203: BGP: 10.1.2.2 went from Idle to Active 
*Mar  1 18:25:40.211: BGP: 10.1.2.2 open active delayed 28576ms (35000ms max, 28% jitter) 
R1#

La ligne 20 nous indique qu’il y a une erreur de configuration au niveau de l’AS distant, le peer s’annonce avec un AS 65100 et on l’a configuré avec 65000.

Commande show

R4#sh ip bgp neighbors | b Last reset
  Last reset 00:01:02, due to BGP Notification sent, peer in wrong AS
  Message received that caused BGP to send a Notification:
    FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF
    002D0104 000100B4 01010101 10020601
    04000100 01020280 00020202 00
  No active TCP connection