
BGP handshake with cisco router ends in timeout
Open, Requires assessment | Public | BUG

Description

Hi guys,

I'm having a problem with a BGP session between a Cisco router and VyOS. The BGP session does not come up and ends with a timer expired:

Jun 27 02:34:10 core1 bgpd[1482]: [Event] BGP connection from host x.x.x.x fd 52
Jun 27 02:34:10 core1 bgpd[1482]: x.x.x.x went from Idle to Active
Jun 27 02:34:10 core1 bgpd[1482]: x.x.x.x [FSM] TCP_connection_open (Active->OpenSent), fd 52
Jun 27 02:34:10 core1 bgpd[1482]: x.x.x.x passive open
Jun 27 02:34:10 core1 bgpd[1482]: x.x.x.x Sending hostname cap with hn = debian, dn = (null)
Jun 27 02:34:10 core1 bgpd[1482]: x.x.x.x sending OPEN, version 4, my as 12345, holdtime 180, id xxxx
Jun 27 02:34:10 core1 bgpd[1482]: x.x.x.x went from Active to OpenSent
Jun 27 02:34:10 core1 bgpd[1482]: x.x.x.x rcv OPEN, version 4, remote-as (in open) 12345, holdtime 120, id xxx
Jun 27 02:34:10 core1 bgpd[1482]: x.x.x.x rcv OPEN w/ OPTION parameter len: 38
Jun 27 02:34:10 core1 bgpd[1482]: x.x.x.x rcvd OPEN w/ optional parameter type 2 (Capability) len 6
Jun 27 02:34:10 core1 bgpd[1482]: x.x.x.x OPEN has MultiProtocol Extensions capability (1), length 4
Jun 27 02:34:10 core1 bgpd[1482]: x.x.x.x OPEN has MP_EXT CAP for afi/safi: IPv4/unicast
Jun 27 02:34:10 core1 bgpd[1482]: x.x.x.x rcvd OPEN w/ optional parameter type 2 (Capability) len 2
Jun 27 02:34:10 core1 bgpd[1482]: x.x.x.x OPEN has Route Refresh (Old) capability (128), length 0
Jun 27 02:34:10 core1 bgpd[1482]: x.x.x.x rcvd OPEN w/ optional parameter type 2 (Capability) len 2
Jun 27 02:34:10 core1 bgpd[1482]: x.x.x.x OPEN has Route Refresh capability (2), length 0
Jun 27 02:34:10 core1 bgpd[1482]: x.x.x.x rcvd OPEN w/ optional parameter type 2 (Capability) len 8
Jun 27 02:34:10 core1 bgpd[1482]: x.x.x.x OPEN has Graceful Restart capability (64), length 6
Jun 27 02:34:10 core1 bgpd[1482]: x.x.x.x OPEN has Graceful Restart capability
Jun 27 02:34:10 core1 bgpd[1482]: x.x.x.x Peer has not restarted. Restart Time : 120
Jun 27 02:34:10 core1 bgpd[1482]: x.x.x.x Address family IPv4 Unicast is not preserved
Jun 27 02:34:10 core1 bgpd[1482]: x.x.x.x rcvd OPEN w/ optional parameter type 2 (Capability) len 2
Jun 27 02:34:10 core1 bgpd[1482]: x.x.x.x OPEN has (no message found) capability (70), length 0
Jun 27 02:34:10 core1 bgpd[1482]: [EC 33554503] x.x.x.x unrecognized capability code: 70 - ignored
Jun 27 02:34:10 core1 bgpd[1482]: x.x.x.x rcvd OPEN w/ optional parameter type 2 (Capability) len 6
Jun 27 02:34:10 core1 bgpd[1482]: x.x.x.x OPEN has 4-octet AS number capability (65), length 4
Jun 27 02:34:10 core1 bgpd[1482]: x.x.x.x [FSM] Receive_OPEN_message (OpenSent->OpenConfirm), fd 52
Jun 27 02:34:10 core1 bgpd[1482]: x.x.x.x went from OpenSent to OpenConfirm
Jun 27 02:34:50 core1 bgpd[1482]: x.x.x.x [FSM] Timer (keepalive timer expire)
Jun 27 02:35:30 core1 bgpd[1482]: x.x.x.x [FSM] Timer (keepalive timer expire)
Jun 27 02:36:09 core1 bgpd[1482]: x.x.x.x [FSM] Timer (connect timer expire)
Jun 27 02:36:09 core1 bgpd[1482]: x.x.x.x [FSM] ConnectRetry_timer_expired (Active->Connect), fd -1

Some router, same config, but AFI IPv6 works fine.

Thanks.

Details

Difficulty level: Unknown (require assessment)
Version: VyOS 1.4-rolling-202106190417
Why the issue appeared?: Will be filled on close
Is it a breaking change?: Unspecified (possibly destroys the router)

Event Timeline

Please share your Cisco and VyOS config, and also the Cisco router Model/Version

I don't have access to the Cisco one because it is configured by another provider:

set protocols bgp peer-group s4 address-family ipv4-unicast nexthop-self
set protocols bgp peer-group s4 address-family ipv4-unicast remove-private-as
set protocols bgp peer-group s4 address-family ipv4-unicast route-map export 'ASXXX-T-OUT4'
set protocols bgp peer-group s4 address-family ipv4-unicast route-map import 'ASXXX-T-IN4'
set protocols bgp peer-group s4 address-family ipv4-unicast soft-reconfiguration inbound
set protocols bgp peer-group s4 description 'Transit: XXXXX NL v4'
set protocols bgp peer-group s4 remote-as 'xxxxx'

set protocols bgp neighbor xxxx peer-group 's4'

set protocols bgp parameters bestpath as-path multipath-relax
set protocols bgp parameters default no-ipv4-unicast
set protocols bgp parameters log-neighbor-changes
set protocols bgp parameters router-id 'xxxx'

set protocols bgp address-family ipv4-unicast network xxx
set protocols bgp address-family ipv6-unicast network xxx
set protocols bgp address-family ipv6-unicast network xxx
set protocols bgp local-as 'xxxxx'

Not tried with 1.3 / 1.2. The problem has been solved by enabling eBGP multihop support, but both routers are directly connected.
Looks like an issue during the capabilities negotiation.
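
Added example, not part of the ticket and not VyOS or FRR code: a small Python parser for bgpd debug lines in the format quoted in the report, which lists per peer the FSM states entered, the capability codes seen in the OPEN, and whether the handshake stopped in OpenConfirm without reaching Established. The function name `analyze`, the result keys and the regular expressions are assumptions based only on the line format shown above.

```python
import re

# Excerpt of the bgpd debug lines quoted in the report above.
SAMPLE_LOG = """\
Jun 27 02:34:10 core1 bgpd[1482]: x.x.x.x [FSM] TCP_connection_open (Active->OpenSent), fd 52
Jun 27 02:34:10 core1 bgpd[1482]: x.x.x.x OPEN has MultiProtocol Extensions capability (1), length 4
Jun 27 02:34:10 core1 bgpd[1482]: x.x.x.x OPEN has (no message found) capability (70), length 0
Jun 27 02:34:10 core1 bgpd[1482]: [EC 33554503] x.x.x.x unrecognized capability code: 70 - ignored
Jun 27 02:34:10 core1 bgpd[1482]: x.x.x.x [FSM] Receive_OPEN_message (OpenSent->OpenConfirm), fd 52
Jun 27 02:34:50 core1 bgpd[1482]: x.x.x.x [FSM] Timer (keepalive timer expire)
Jun 27 02:35:30 core1 bgpd[1482]: x.x.x.x [FSM] Timer (keepalive timer expire)
Jun 27 02:36:09 core1 bgpd[1482]: x.x.x.x [FSM] ConnectRetry_timer_expired (Active->Connect), fd -1
"""

# Assumed line shape: "<syslog prefix> bgpd[pid]: [optional EC tag] <peer> <message>"
LINE = re.compile(r"bgpd\[\d+\]: (?:\[EC \d+\] )?(\S+) (.*)$")
FSM = re.compile(r"\[FSM\] \S+ \((\w+)->(\w+)\)")
CAP = re.compile(r"OPEN has .* capability \((\d+)\)")
UNREC = re.compile(r"unrecognized capability code: (\d+)")

def analyze(log_text):
    """Summarise each peer's handshake: states entered, capability codes, stall."""
    peers = {}
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        peer, msg = m.groups()
        fsm, cap, unrec = FSM.search(msg), CAP.search(msg), UNREC.search(msg)
        keepalive = "keepalive timer expire" in msg
        if not (fsm or cap or unrec or keepalive):
            continue  # line carries nothing we track
        p = peers.setdefault(peer, {"path": [], "caps": [], "unrecognized": [],
                                    "keepalive_expiries": 0})
        if fsm:
            p["path"].append(fsm.group(2))  # state being entered
        elif cap:
            p["caps"].append(int(cap.group(1)))
        elif unrec:
            p["unrecognized"].append(int(unrec.group(1)))
        elif p["path"][-1:] == ["OpenConfirm"]:
            p["keepalive_expiries"] += 1  # local keepalive timer fired while waiting
    for p in peers.values():
        # Stalled: OPENs were exchanged but the session never reached Established.
        p["stalled"] = "OpenConfirm" in p["path"] and "Established" not in p["path"]
    return peers

if __name__ == "__main__":
    print(analyze(SAMPLE_LOG))
```

A stalled result shows where the handshake stopped, not why it stopped.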