Notification BGP :

Voici comment déchiffrer les notifications BGP, voici l'exemple sur lequel nous allons travailler :

Notification BGP

Voici un lien pour les déchiffrer à la volée.

Et voici un autre lien pour avoir les différentes erreurs BGP.

Autres méthodes pour faire du débug :

Commande debug :

 1 R1# debug ip bgp in 
 2 *Mar  1 18:25:09.795: BGP: 10.1.2.2 went from Idle to Active 
 3 *Mar  1 18:25:09.799: BGP: 10.1.2.2 open active delayed 29264ms (35000ms max, 28% jitter) 
 4 R1# 
 5 *Mar  1 18:25:39.063: BGP: 10.1.2.2 open active, local address 10.1.2.1 
 6 *Mar  1 18:25:39.075: BGP: 10.1.2.2 went from Active to OpenSent 
 7 *Mar  1 18:25:39.075: BGP: 10.1.2.2 sending OPEN, version 4, my as: 65200, holdtime 32 seconds 
 8 *Mar  1 18:25:39.095: BGP: 10.1.2.2 rcv message type 1, length (excl. header) 26 
 9 *Mar  1 18:25:39.095: BGP: 10.1.2.2 rcv OPEN, version 4, holdtime 180 seconds 
10 *Mar  1 18:25:39.095: BGP: 10.1.2.2 rcv OPEN w/ OPTION parameter len: 16 
11 *Mar  1 18:25:39.095: BGP: 10.1.2.2 rcvd OPEN w/ optional parameter type 2 (Capability) len 6 
12 *Mar  1 18:25:39.095: BGP: 10.1.2.2 OPEN has CAPABILITY code: 1, length 4 
13 *Mar  1 18:25:39.095: BGP: 10.1.2.2 OPEN has MP_EXT CAP for afi/safi: 1/1 
14 *Mar  1 18:25:39.095: BGP: 10.1.2.2 rcvd OPEN w/ optional parameter type 2 (Capability) len 2 
15 *Mar  1 18:25:39.095: BGP: 10.1.2.2 OPEN has CAPABILITY code: 128, length 0 
16 *Mar  1 18:25:39.095: BGP: 10.1.2.2 OPEN has ROUTE-REFRESH capability(old) for all address-families 
17 *Mar  1 18:25:39.095: BGP: 10.1.2.2 rcvd OPEN w/ optional parameter type 2 (Capability) len 2 
18 *Mar  1 18:25:39.095: BGP: 10.1.2.2 OPEN has CAPABILITY code: 2, length 0 
19 *Mar  1 18:25:39.095: BGP: 10.1.2.2 OPEN has ROUTE-REFRESH capability(new) for all address-families 
20 *Mar  1 18:25:39.095: BGP: 10.1.2.2 bad OPEN, remote AS is 65100, expected 65111 
21 *Mar  1 18:25:39.095: BGP: 10.1.2.2 went from OpenSent to Closing 
22 *Mar  1 18:25:39.095: %BGP-3-NOTIFICATION: sent to neighbor 10.1.2.2 2/2 (peer in wrong AS) 2 bytes FE4C FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 002D 0104 FE4C 00B4 0202 0202 1002 0601 0400 0100 0102 0280 0002 0202 00 
23 *Mar  1 18:25:39.195: BGP: 10.1.2.2 local error close after sending NOTIFICATION 
24 *Mar  1 18:25:39.199: BGPNSF state: 10.1.2.2 went from nsf_not_active to nsf_not_active 
25 *Mar  1 18:25:39.199: BGP: 10.1.2.2 went from Closing to Idle 
26 *Mar  1 18:25:39.203: BGP: 10.1.2.2 closing 
27 *Mar  1 18:25:40.203: BGP: 10.1.2.2 went from Idle to Active 
28 *Mar  1 18:25:40.211: BGP: 10.1.2.2 open active delayed 28576ms (35000ms max, 28% jitter) 
29 R1#

La ligne 20 nous indique qu'il y a une erreur de configuration au niveau de l'AS distant, le peer s'annonce avec un AS 65100 et on l'a configuré avec 65000.

Commande show

1 R4#sh ip bgp neighbors | b Last reset
2   Last reset 00:01:02, due to BGP Notification sent, peer in wrong AS
3   Message received that caused BGP to send a Notification:
4     FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF
5     002D0104 000100B4 01010101 10020601
6     04000100 01020280 00020202 00
7   No active TCP connection