Download CD Content
Border Gateway Protocol (BGP) is the standard routing protocol in the Internet. It is used for routing among different Autonomous Systems (ASs). This protocol is an interface between two different forms of administration, which may be different ISPs, companies, or educational institutions. Therefore, troubleshooting BGP problems is more complex than that of any of the Interior Gateway Protocols (IGPs). It requires maximum coordination between two ASs to solve BGP-related problems and ensure error-free routing conforming to decided policies between two ASs.
In this chapter, we’ll look at the various issues with BGP and the different methods to troubleshoot these problems.
In the case of all routing scenarios in IP, the basic troubleshooting commands such as ping, traceroute, show interface, show ip interface, and show ip protocols are used extensively for root cause analysis of any problem in a network. There are other protocol-specific commands available in the Cisco IOS, which are used for troubleshooting at a more specific level.
In this section, you will look at the available BGP troubleshooting commands, as well as explanations for each. Table 11.1 lists some of the commonly used show commands associated with BGP.
Command | Description |
---|---|
show ip bgp | Displays complete BGP table of a router. |
show ip bgp A.B.C.D | Shows corresponding BGP table entry to network A.B.C.D. |
show ip bgp cidr-only | Displays routes in BGP table with non-natural network masks. |
show ip bgp community | Lists routes in a BGP table that match the named communities. |
show ip bgp community-list | Displays routes in a BGP table that match the named community lists. |
show ip bgp dampening | Displays detailed information about BGP dampening, if configured in the router. |
show ip bgp filter-list | Lists routes matching the named filter list. |
show ip bgp inconsistent-as | Displays only the routes with inconsistent origin ASs. |
show ip bgp injected-paths | Lists all injected paths. |
show ip bgp ipv4 | Displays entries in a BGP table corresponding to the IP Version 4 address family. |
show ip bgp labels | Lists labels for IPv4 NLRI specific information. |
show ip bgp neighbors | Displays detailed information on BGP neighbors. |
show ip bgp paths | Lists the BGP path information. |
show ip bgp peer-group | Displays information on BGP peer groups. |
show ip bgp prefix-list | Lists routes in a BGP table matching a named prefix list. |
show ip bgp quote-regexp | Displays routes in a BGP table matching the AS path regular expression. |
show ip bgp regexp | Lists routes in a BGP table matching the AS path regular expression. |
show ip bgp replication | Displays replication status of update groups. |
show ip bgp route-map | Lists BGP table route entries matching the named route map. |
show ip bgp summary | Displays status summary of connections with all BGP neighbors. |
show ip bgp template | Lists peer-policy or peer-session templates. |
show ip bgp update-group | Displays information on update groups. |
show ip bgp vpnv4 | Lists VPNv4 NLRI specific information. |
show ip bgp neighbor A.B.C.D advertised-routes | Displays routes that form a part of the BGP update sent to neighbor A.B.C.D. This can be either the total BGP table or selected routes satisfying any condition that might be set using an access list or a route map. |
show ip bgp neighbor A.B.C.D routes | Lists routes, which are learned from BGP neighbor A.B.C.D and installed at BGP table. This can include all routes that are advertised by the neighbor. This can also include a subset of the same that satisfies certain inbound conditions applied by an access list or a route map. |
Displays routes that form a part of the BGP update sent to neighbor A.B.C.D. This can be either the total BGP table or selected routes satisfying any condition that might be set using an access list or a route map.
Lists routes, which are learned from BGP neighbor A.B.C.D and installed at BGP table. This can include all routes that are advertised by the neighbor. This can also include a subset of the same that satisfies certain inbound conditions applied by an access list or a route map.
Consider a BGP network as an example and see the output of the show commands. Figure 11.1 shows part of a BGP network.
Figure 11.1: Part of a BGP network showing routers A1, A2, A3, and B1.
Figure 11.1 shows part of a BGP network. Routers A1, A2, and A3 belong to AS5555 and are running iBGP with each other. Router B1 belongs to AS6666, is connected to A1 via a WAN link, and is running eBGP with it. We will look at the output of some of the commonly used commands listed in Table 11.1 as applicable to the network shown in Figure 11.1. Listing 11.1 shows the output of the show ip bgp command.
Listing 11.1 Output of show ip bgp Command
A1#show ip bgp 10.150.0.0 BGP routing table entry for 10.150.0.0/19, version 20439 Paths: (1 available, best #1) Multipath: eBGP Advertised to update-groups: 3 5400, (received & used) 192.168.120.2 from 192.168.120.2 Origin IGP, metric 0, localpref 200, valid, internal, best Community: Originator: 192.168.120.2, Cluster list:
Listing 11.2 shows the output of the show ip bgp cidr-only command.
Listing 11.2 Output of show ip bgp cidr-only Command
A1#show ip bgp cidr-only BGP table version is 26948, local router ID is 192.168.120.1 Status codes: s suppressed, d damped, h history, valid, > best, i - internal, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *>i10.150.0.0/19 192.168.0.2 200 0 6666 i *>i172.16.16.0/22 192.168.119.119 100 0 i
Listing 11.3 shows the output of the show ip bgp community command.
Listing 11.3 Output of show ip bgp community Command
A1#show ip bgp community 0:100 BGP table version is 26948, local router ID is 192.168.120.1 Status codes: s suppressed, d damped, h history, valid, > best, i - internal, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *>i192.168.15.0 192.168.119.122 0 100 0 i
Listing 11.4 shows the output of the show ip bgp neighbors command.
Listing 11.4 Output of show ip bgp neighbors Command
A1#show ip bgp neighbors 192.168.119.122 BGP neighbor is 192.168.119.122, remote AS 5555, internal link BGP version 4, remote router ID 192.168.119.122 BGP state = Established, up for 05:24:26 Last read 00:00:25, hold time is 180, keepalive interval is 60 seconds Neighbor capabilities: Route refresh: advertised and received(new) Address family IPv4 Unicast: advertised and received Message statistics: InQ depth is 0 OutQ depth is 0 Sent Rcvd Opens: 9 9 Notifications: 0 0 Updates: 259104 259 Keepalives: 7185 7184 Route Refresh: 0 0 Total: 266298 7452 Default minimum time between advertisement runs is 5 seconds For address family: IPv4 Unicast BGP table version 27219, neighbor versions 27219/0 27219/0 Output queue sizes: 0 self, 0 replicated Index 8, Offset 1, Mask 0x1 Route-Reflector Client Member of update-group 3 Default weight 100 Sent Rcvd Prefix activity: —— —— Prefixes Current: 101 28 (Consumes 1344 bytes) Prefixes Total: 133 34 Implicit Withdraw: 23 0 Explicit Withdraw: 9 6 Used as bestpath: n/a 28 Used as multipath: n/a 0 Outbound Inbound Local Policy Denied Prefixes: ———— ———— Suppressed due to dampening: 2 n/a Total: 2 0 Number of NLRIs in the update sent: max 290, min 0 Connections established 9; dropped 8 Last reset 05:24:53, due to User reset Connection state is ESTAB, I/O status: 1, unread input bytes: 0 Local host: 192.168.119.14, Local port: 19455 Foreign host: 192.168.119.122, Foreign port: 179 Enqueued packets for retransmit: 0, input: 0 mis-ordered: 0 (0 bytes) Event Timers (current time is 0x19A67740): Timer Starts Wakeups Next Retrans 4040 0 0x0 TimeWait 0 0 0x0 AckHold 334 179 0x0 SendWnd 0 0 0x0 KeepAlive 0 0 0x0 GiveUp 0 0 0x0 PmtuAger 0 0 0x0 DeadWait 0 0 0x0 iss: 370882673 snduna: 371469486 sndnxt: 371469486 sndwnd: 15007 irs: 1820013194 rcvnxt: 1820020445 rcvwnd: 14997 delrcvwnd: 1387 SRTT: 300 ms, RTTO: 607 ms, RTV: 3 ms, KRTT: 0 ms minRTT: 0 ms, maxRTT: 476 ms, ACK hold: 200 ms Flags: higher precedence, nagle Datagrams (max data segment is 1460 bytes): Rcvd: 4234 (out of order: 0), with data: 334, total data bytes: 7250 Sent: 4413 (retransmit: 0, fastretransmit: 0), with data: 4228, total data bytes : 586812
Listing 11.5 shows the output of the show ip bgp paths command.
Listing 11.5 Output of show ip bgp paths Command
A1#show ip bgp paths Address Hash Refcount Metric Path 0x43A20410 0 4 0 i 0x43D71FA8 0 27 0 i 0x43D73EE0 1 1 0 i 0x43D75FC8 1 1 0 6666 i 0x43D76490 2 2 0 6666 i 0x43D76FD0 3 56 0 6666 i 0x437B9378 4 1 5 i
Listing 11.6 shows the output of the show ip bgp summ command.
Listing 11.6 Output of show ip bgp summ Command
A1#show ip bgp summ BGP router identifier 192.168.119.14, local AS number 5555 BGP table version is 27, main routing table version 27392 7 network entries using 766 bytes of memory 5 path entries using 362 bytes of memory 6 BGP path attribute entries using 101 bytes of memory 2 BGP rrinfo entries using 1 bytes of memory 2 BGP AS-PATH entries using 37 bytes of memory 2 BGP community entries using 23 bytes of memory 1 BGP route-map cache entries using 5 bytes of memory 0 BGP filter-list cache entries using 0 bytes of memory BGP using 135 total bytes of memory BGP activity 135382/127865 prefixes, 184428/176882 paths, scan interval 60 secs Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 192.168.119.122 4 5555 119977 7738 27392 0 0 03:06:26 7428 192.168.119.119 4 5555 7138 7467 27392 0 0 02:22:55 8 192.168.120.2 4 6666 7188 7454 27392 0 0 02:22:49 2
Listing 11.7 shows the output of the show ip bgp neighbor A.B.C.D advertised-routes command.
Listing 11.7 Output of show ip bgp neighbor A.B.C.D advertised-routes Command
B1#show ip bgp neighbor 192.168.120.1 advertised-routes BGP table version is 2330382, local router ID is 192.168.120.2 Status codes: s suppressed, d damped, h history, valid, > best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 192.168.10.0 192.168.120.2 0 32768 i *>i 10.150.0.0/19 192.168.120.2 0 32768 i
Listing 11.8 shows the output of the show ip bgp neighbor A.B.C.D routes command.
Listing 11.8 Output of show ip bgp neighbor A.B.C.D routes Command
B1#show ip bgp neighbor 192.168.120.1 routes BGP table version is 2330386, local router ID is 192.168.120.2 Status codes: s suppressed, d damped, h history, valid, > best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 192.168.119.0 192.168.120.1 0 100 5555 i *> 192.168.15.0 192.168.120.1 0 100 5555 i *> 172.16.16.0/22 192.168.120.1 0 100 5555 i
Table 11.2 shows some of the debug commands available in Cisco IOS that can be used to troubleshoot problems with BGP routing.
Consider the BGP network shown in Figure 11.2 as an example and look at output of some of the debug commands as described in Table 11.2.
Figure 11.2: Part of a BGP network showing routers B1, B2, and C1.
Command | Description |
---|---|
debug ip bgp A.B.C.D updates | Displays flow of packets corresponding to routing updates directed to a BGP neighbor address A.B.C.D. |
debug ip bgp dampening | Monitors activities related to dampening of BGP routes. |
debug ip bgp events | Displays all BGP-related events associated with a BGP-enabled router. |
debug ip bgp in | Displays BGP exchange of information with a neighbor corresponding to routes in updates that are accepted after inbound filtering and installed in a BGP table. |
debug ip bgp keepalives | Tracks BGP keepalives that are exchanged among BGP neighbors at a regular interval. |
debug ip bgp out | Displays information related to BGP outbound updates. |
debug ip bgp updates | Displays flow of packets corresponding to routing updates directed to all BGP peers with whom a neighbor relationship is established. |
Figure 11.2 shows part of a BGP network in which router B1 of AS5555 is running eBGP with the router C1 of AS6666 and iBGP with router B2 of AS5555. We must run certain debug commands at B1. Listing 11.9 shows output of the debug ip bgp 192.168.119.122 updates command at B1.
Listing 11.9 Output of debug ip bgp 192.168.119.122 updates Command
B1#debug ip bgp 192.168.119.122 updates BGP updates debugging is on for neighbor 192.168.119.122 B1# Feb 3 12:23:33.425: BGP(0): 192.168.119.122 rcv UPDATE about 10.54.32.0/24 — withdrawn Feb 3 12:23:33.525: BGP(0): 192.168.119.122 computing updates, afi 0, neighbor version 2308872, table version 2308873, starting at 0.0.0.0 Feb 3 12:23:33.525: BGP(0): 192.168.119.122 update run completed, afi 0, ran for 0ms, neighbor version 2308872, start version 2308873, throttled to 2308873 B1# B1# Feb 3 12:23:38.841: BGP(0): 192.168.119.122 rcvd UPDATE w/ attr: nexthop 10.54.120.192, origin i, localpref 100, metric 3, originator 192.168.158.243, clusterlist 192.168.120.8 10.54.120.10 10.54.120.192 Feb 3 12:23:38.841: BGP(0): 192.168.119.122 rcvd 10.54.32.0/24 Feb 3 12:23:38.961: BGP(0): 192.168.119.122 computing updates, afi 0, neighbor version 2308873, table version 2308874, starting at 0.0.0.0 Feb 3 12:23:38.965: BGP(0): 192.168.119.122 update run completed, afi 0, ran for 4ms, neighbor version 2308873, start version 2308874, throttled to 2308874 Feb 3 12:23:43.533: BGP(0): 192.168.119.122 rcv UPDATE about 10.54.32.0/24 —withdrawn Feb 3 12:23:43.633: BGP(0): 192.168.119.122 computing updates, afi 0, neighbor version 2308874, table version 2308875, starting at 0.0.0.0 Feb 3 12:23:43.633: BGP(0): 192.168.119.122 update run completed, afi 0, ran for 0ms, neighbor version 2308874, start version 2308875, throttled to 2308875 Feb 3 12:23:49.046: BGP(0): 192.168.119.122 rcvd UPDATE w/ attr: nexthop 10.54.120.192, origin i, localpref 100, metric 3, originator 192.168.158.243, cluster list 192.168.120.8 10.54.120.10 10.54.120.192 Feb 3 12:23:49.050: BGP(0): 192.168.119.122 rcvd 10.54.32.0/24 Feb 3 12:23:49.150: BGP(0): 192.168.119.122 computing updates, afi 0, neighbor version 2308875, table version 2308876, starting at 0.0.0.0 Feb 3 12:23:49.150: BGP(0): 192.168.119.122 update run completed, afi 0, ran for 0ms, neighbor version 2308875, start version 2308876, throttled to 2308876 B1# Feb 3 12:23:54.238: BGP(0): 192.168.119.122 rcv UPDATE about 10.54.32.0/24 —withdrawn Feb 3 12:23:54.338: BGP(0): 192.168.119.122 computing updates, afi 0, neighbor version 2308876, table version 2308877, starting at 0.0.0.0 Feb 3 12:23:54.338: BGP(0): 192.168.119.122 update run completed, afi 0, ran for 0ms, neighbor version 2308876, start version 2308877, throttled to 2308877 Feb 3 12:23:59.302: BGP(0): 192.168.119.122 rcvd UPDATE w/ attr: nexthop 10.54.120.192, origin i, localpref 100, metric 3, originator 192.168.158.243, clusterlist 192.168.120.8 10.54.120.10 10.54.120.192 Feb 3 12:23:59.302: BGP(0): 192.168.119.122 rcvd 10.54.32.0/24 Feb 3 12:23:59.402: BGP(0): 192.168.119.122 computing updates, afi 0, neighbor version 2308877, table version 2308878, starting at 0.0.0.0 Feb 3 12:23:59.402: BGP(0): 192.168.119.122 update run completed, afi 0, ran for 0ms, neighbor version 2308877, start version 2308878, throttled to 2308878
Listing 11.10 shows output of the debug ip bgp events command at B1.
Listing 11.10 Output of debug ip bgp events Command
B1#debug ip bgp events BGP events debugging is on B1# B1# Feb 3 12:24:41.537: BGP: Import timer expired. Walking from 1 to 1 B1# B1# Feb 3 12:24:56.538: BGP: Import timer expired. Walking from 1 to 1 B1# B1# Feb 3 12:25:11.539: BGP: Import timer expired. Walking from 1 to 1 B1# B1# B1# B1# Feb 3 12:25:26.540: BGP: Performing BGP general scanning Feb 3 12:25:26.540: BGP(0): scanning IPv4 Unicast routing tables Feb 3 12:25:26.652: BGP(IPv4 Unicast): Performing BGP Nexthop scanning for general scan Feb 3 12:25:26.888: BGP(1): scanning IPv6 Unicast routing tables Feb 3 12:25:26.888: BGP(IPv6 Unicast): Performing BGP Nexthop scanning for general scan Feb 3 12:25:26.888: BGP(2): scanning VPNv4 Unicast routing tables Feb 3 12:25:26.888: BGP(VPNv4 Unicast): Performing BGP Nexthop scanning for general scan Feb 3 12:25:26.888: BGP(3): scanning IPv4 Multicast routing tables Feb 3 12:25:27.040: BGP(IPv4 Multicast): Performing BGP Nexthop scanning for general scan Feb 3 12:25:42.045: BGP: Import timer expired. Walking from 1 to 1 B1#
Listing 11.11 shows output of the debug ip bgp keepalives command at B1.
Listing 11.11 Output of debug ip bgp keepalives Command
B1#debug ip bgp keepalives Feb 3 12:27:36.716: BGP: 192.168.119.122 received KEEPALIVE, length (excl. header) 0 B1# B1# B1# Feb 3 12:27:40.620: BGP: 192.168.119.122 sending KEEPALIVE (io) B1# Feb 3 12:27:43.552: BGP: 10.54.9.229 received KEEPALIVE, length (excl. header) 0 B1# Feb 3 12:27:45.780: BGP: 10.54.9.229 sending KEEPALIVE (io) B1# B1# Feb 3 12:28:36.715: BGP: 192.168.119.122 received KEEPALIVE, length (excl. header) 0 B1# Feb 3 12:28:40.699: BGP: 192.168.119.122 sending KEEPALIVE (io) B1# Feb 3 12:28:43.556: BGP: 10.54.9.229 received KEEPALIVE, length (excl. header)0 B1# Feb 3 12:28:45.860: BGP: 10.54.9.229 sending KEEPALIVE (io) B1#
The triggered events when a BGP neighbor flaps are shown in Listing 11.12. The same events are simulated by manually resetting the BGP connection.
Listing 11.12 Triggered Events by BGP Neighbor Flap at B1
B1#cle ip bgp 10.54.9.229 B1# B1# Feb 3 12:36:52.685: BGP: 10.54.9.229 went from Established to Idle Feb 3 12:36:52.685: %BGP-5-ADJCHANGE: neighbor 10.54.9.229 Down User reset B1# B1# Feb 3 12:36:52.685: BGP: 10.54.9.229 closing Feb 3 12:36:52.685: BGPNSF state: 10.54.9.229 went from nsf not active to nsf not active Feb 3 12:36:52.689: BGP: 10.54.9.229 went from Idle to Active Feb 3 12:36:52.689: BGP: 10.54.9.229 open active, delay 17723ms B1# B1# Feb 3 12:37:10.414: BGP: 10.54.9.229 open active, local address 10.54.9.230 Feb 3 12:37:10.442: BGP: 10.54.9.229 went from Active to OpenSent Feb 3 12:37:10.442: BGP: 10.54.9.229 sending OPEN, version 4, my as: 4755 Feb 3 12:37:10.750: BGP: 10.54.9.229 rcv message type 1, length (excl. header) 22 Feb 3 12:37:10.750: BGP: 10.54.9.229 rcv OPEN, version 4 Feb 3 12:37:10.750: BGP: 10.54.9.229 rcv OPEN w/ OPTION parameter len: 12 Feb 3 12:37:10.750: BGP: 10.54.9.229 rcvd OPEN w/ optional parameter type 2 (Capability) len 6 Feb 3 12:37:10.750: BGP: 10.54.9.229 OPEN has CAPABILITY code: 1, length 4 Feb 3 12:37:10.750: BGP: 10.54.9.229 OPEN has MP EXT CAP for afi/safi: 1/1 Feb 3 12:37:10.750: BGP: 10.54.9.229 rcvd OPEN w/ optional parameter type 2 (Capability) len 2 Feb 3 12:37:10.750: BGP: 10.54.9.229 OPEN has CAPABILITY code: 128, length 0 Feb 3 12:37:10.750: BGP: 10.54.9.229 OPEN has ROUTE-REFRESH capability(old) for all address-families Feb 3 12:37:10.750: BGP: 10.54.9.229 went from OpenSent to OpenConfirm Feb 3 12:37:10.786: BGP: 10.54.9.229 went from OpenConfirm to Established B1# Feb 3 12:37:10.786: %BGP-5-ADJCHANGE: neighbor 10.54.9.229 Up