1.11 Troubleshoot BGP (Internal and External; unicast and VRF-Lite)
📘CCNP Enterprise – ENARSI (300-410)
1. What is a BGP Neighbor Relationship?
In BGP, routers do not automatically discover neighbors.
A neighbor relationship is a manual configuration where two routers are told:
- “You are allowed to exchange BGP routes with each other.”
These routers are called BGP peers or neighbors.
Key exam point
If the neighbor relationship is not established, no routes are exchanged, even if the rest of the network is perfect.
2. Internal BGP (iBGP) vs External BGP (eBGP)
| Feature | iBGP | eBGP |
|---|---|---|
| Same AS? | Yes | No |
| Default TTL | 255 | 1 |
| Next-hop change | No | Yes |
| Typical use | Inside one organization | Between organizations |
Understanding these differences is critical for troubleshooting.
3. BGP Operation Overview (High-Level Flow)
BGP operation follows this sequence:
- Neighbor is defined
- TCP session is built (port 179)
- BGP state machine progresses
- Capabilities are exchanged
- Routes are exchanged
- Policies are applied
- Best path is selected
If any step fails, the neighbor will not come up.
4. BGP Neighbor States (Very Important for Exam)
BGP neighbors go through six states.
These states help you identify where the problem is.
4.1 Idle
- BGP is waiting to start
- Neighbor may be misconfigured
- TCP session not started
Common issues
- Wrong neighbor IP
- Wrong AS number
- ACL blocking TCP 179
4.2 Connect
- Router tries to open a TCP session
- Waiting for TCP connection
Common issues
- Network reachability problem
- TTL issue (especially eBGP)
4.3 Active
- TCP connection failed
- Router keeps retrying
Exam tip
If a neighbor is stuck in Active, it almost always means:
- IP reachability problem
- Firewall or ACL issue
- Wrong multihop or TTL
4.4 OpenSent
- TCP connection is up
- OPEN message sent (AS, router-ID, capabilities)
Common issues
- AS number mismatch
- Authentication mismatch
- Unsupported capability
4.5 OpenConfirm
- OPEN message received
- Waiting for KEEPALIVE
4.6 Established
- Neighbor relationship is up
- Routes can be exchanged
Only in this state do routes flow.
5. BGP Timers
BGP uses timers to detect failures.
Default BGP Timers
| Timer | Default Value |
|---|---|
| Keepalive | 60 seconds |
| Hold time | 180 seconds |
How they work
- Keepalive messages confirm the neighbor is alive
- If no keepalive is received before hold time expires, the session is dropped
Exam note
Timers do not have to match, but both routers must agree on common values.
6. Next-Hop Behavior (Very Important)
What is Next-Hop?
The next-hop is the IP address a router must use to reach a destination network.
eBGP Next-Hop Rule
- eBGP changes the next-hop to itself
This ensures:
- The receiving AS knows exactly where to send traffic
iBGP Next-Hop Rule
- iBGP does NOT change the next-hop
This often causes routing problems inside an AS.
Common issue
Routes are learned, but traffic fails because:
- The next-hop IP is not reachable
Exam keyword
next-hop-self
7. eBGP Multihop
Default Behavior
- eBGP neighbors must be directly connected
- Default TTL = 1
Why Multihop is Needed
In real IT networks:
- BGP peers are often multiple hops away
- Firewalls, routers, or tunnels exist in between
eBGP Multihop
- Allows BGP neighbors to be multiple hops apart
- Increases TTL value
Troubleshooting clue
If an eBGP neighbor is stuck in Active and is not directly connected → multihop is likely missing.
8. 4-Byte Autonomous System Numbers
Why 4-Byte AS?
Original BGP supported only:
- 2-byte AS numbers (1–65535)
Due to internet growth:
- 4-byte AS numbers were introduced
Representation Formats
- Plain format: 65546
- Dot format: 1.10
Both represent the same AS.
Exam Notes
- Modern routers support 4-byte AS by default
- Issues occur when old devices don’t support it
- Capability mismatch can prevent neighbors from forming
9. Private AS Numbers
Private AS Ranges
- 64512 – 65535
- 4200000000 – 4294967294
Used for:
- Internal networks
- Lab environments
- Enterprise internal routing
Problem with Private AS
When advertising routes to the internet:
- Private AS numbers must not be visible
Solution
- Remove private AS numbers before advertising
Exam focus
Private AS removal is important for clean BGP routing tables.
10. BGP Route Refresh
Old Behavior
- Policy change required resetting the BGP session
- Caused traffic disruption
Route Refresh Capability
- Allows routers to request routes again
- No session reset needed
Exam Tip
If route refresh is supported:
- Soft reconfiguration is possible
- Troubleshooting is easier
11. BGP Synchronization (Legacy but Exam-Relevant)
What is Synchronization?
Old BGP rule:
- BGP would not advertise routes learned via iBGP
- Unless they existed in the IGP
Current Status
- Disabled by default
- Not used in modern networks
Why still tested?
- For understanding legacy behavior
- To recognize old configurations
12. Peer Groups
What is a Peer Group?
A way to:
- Apply common settings to multiple neighbors
- Reduce configuration errors
- Improve performance
What Can Be Shared?
- Remote AS
- Timers
- Route policies
- Authentication
- Update source
Exam Point
Peer groups:
- Simplify configuration
- Ensure consistency
- Reduce CPU usage
13. BGP Authentication
Purpose
- Protect BGP sessions from:
  - Unauthorized peers
  - Session hijacking
How It Works
- Uses MD5 authentication
- Both neighbors must have:
  - Same password
  - Same authentication type
Common Problems
- Password mismatch
- Authentication configured on only one side
Exam Tip
Authentication mismatch usually causes:
- Neighbor stuck in OpenSent or Active
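Why both sides need the same password, as an added example (not part of the original notes): BGP MD5 authentication is the TCP MD5 signature option of RFC 2385, where every segment carries a digest computed over the pseudo-header, the fixed TCP header with a zeroed checksum, the data and the password. The addresses, ports, passwords and function names below are constructed for illustration, and the receiver is a simplified model of a router that has a neighbor password configured.

```python
import hashlib
import hmac
import socket
import struct

def tcp_md5_digest(src_ip, dst_ip, tcp_header, payload, password):
    """RFC 2385 digest for one IPv4 TCP segment."""
    fixed = bytearray(tcp_header[:20])      # TCP options are excluded
    fixed[16:18] = b"\x00\x00"              # checksum is treated as zero
    pseudo = (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
              + struct.pack("!BBH", 0, socket.IPPROTO_TCP,
                            len(tcp_header) + len(payload)))
    return hashlib.md5(pseudo + bytes(fixed) + payload + password).digest()

def receiver_accepts(src_ip, dst_ip, tcp_header, payload,
                     carried_digest, local_password):
    """Simplified receiver with a password configured for this neighbor."""
    if carried_digest is None:              # peer sent no MD5 option at all
        return False
    expected = tcp_md5_digest(src_ip, dst_ip, tcp_header, payload,
                              local_password)
    return hmac.compare_digest(expected, carried_digest)

def constructed_syn(checksum=0xBEEF):
    """Constructed SYN to TCP 179 with a 40-byte header (20 bytes of options)."""
    fixed = struct.pack("!HHIIBBHHH", 49152, 179, 1000, 0,
                        10 << 4, 0x02, 16384, checksum, 0)
    return fixed + bytes(20)                # space where the options would sit

if __name__ == "__main__":
    a, b = "192.0.2.1", "192.0.2.2"         # documentation addresses
    syn = constructed_syn()
    digest = tcp_md5_digest(a, b, syn, b"", b"s3cret")
    print("same password     :", receiver_accepts(a, b, syn, b"", digest, b"s3cret"))
    print("password mismatch :", receiver_accepts(a, b, syn, b"", digest, b"S3cret"))
    print("one side only     :", receiver_accepts(a, b, syn, b"", None, b"s3cret"))
```

Because the check is applied to the TCP segments themselves, a mismatch shows up as a session that never completes rather than as a BGP error message.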
14. Common Troubleshooting Checklist (Exam Gold)
When a BGP neighbor is not working, check:
- IP reachability
- Correct neighbor IP
- Correct AS number
- TCP port 179 allowed
- eBGP multihop (if not directly connected)
- Authentication match
- Next-hop reachability
- Timers compatibility
- Route refresh capability
- Private AS handling
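The state-to-cause reasoning from sections 4, 7 and 8 as a triage helper, added here as an example (not part of the original notes). It reads a constructed `show ip bgp summary` table, normalizes asplain and asdot AS numbers, classifies each peer as iBGP or eBGP, and lists the checks this page gives for the peer's state. The local AS of 65001, the sample output and the function names are assumptions.

```python
# Constructed sample in the column layout of Cisco "show ip bgp summary";
# all addresses, AS numbers and counters are made up.
SAMPLE = """\
Neighbor      V     AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down  State/PfxRcd
10.0.0.2      4  65001     120     118     14   0    0 01:45:10        8
192.0.2.1     4  65010       0       0      1   0    0 never    Active
198.51.100.9  4   1.10       3       3      1   0    0 00:00:12 OpenSent
10.0.0.3      4  65001       0       0      1   0    0 never    Idle
"""

# Checks per state, copied from the state descriptions in section 4.
CHECKS = {
    "Idle": ["neighbor IP", "AS number", "ACL blocking TCP 179"],
    "Connect": ["network reachability", "TTL (especially eBGP)"],
    "Active": ["IP reachability", "firewall or ACL", "multihop or TTL"],
    "OpenSent": ["AS number mismatch", "authentication mismatch",
                 "unsupported capability"],
}
MULTIHOP_HINT = "eBGP multihop likely missing if peer is not directly connected"

def to_asplain(asn):
    """Return the integer AS for asplain ("65546") or asdot ("1.10") text."""
    parts = [int(p) for p in asn.split(".")]
    if len(parts) == 2 and all(0 <= p <= 65535 for p in parts):
        return parts[0] * 65536 + parts[1]
    if len(parts) == 1 and 0 <= parts[0] <= 4294967295:
        return parts[0]
    raise ValueError(f"not a valid AS number: {asn!r}")

def triage(summary, local_as):
    """Map each neighbor to (session type, state, checks to run)."""
    findings = {}
    for line in summary.splitlines():
        cols = line.split()
        if len(cols) < 10 or cols[0] == "Neighbor":
            continue  # header or unrelated line
        peer, state = cols[0], cols[9]
        kind = "iBGP" if to_asplain(cols[2]) == local_as else "eBGP"
        if state.isdigit():  # a prefix count means the session is Established
            findings[peer] = (kind, "Established", [])
            continue
        checks = list(CHECKS.get(state, []))
        if kind == "eBGP" and state == "Active":
            checks.insert(0, MULTIHOP_HINT)
        findings[peer] = (kind, state, checks)
    return findings

if __name__ == "__main__":
    for peer, result in triage(SAMPLE, local_as=65001).items():
        print(peer, *result)
```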
15. Summary for Exam Success
To pass ENARSI 300-410, you must clearly understand:
- How BGP neighbors form
- Why neighbors fail to establish
- What each BGP state means
- Next-hop behavior differences
- Multihop requirements
- AS number types
- Authentication failures
- Timer mismatches
- Peer group advantages
If you can identify the BGP state and match it to the problem, you are already solving most exam questions correctly.
