I think it was more than just an invalid next-hop. If it was simply an invalid next-hop that shouldn't have created a malformed BGP update. Unless the invalid next-hop caused BIRD to send out a malformed BGP update. On Thu, Apr 30, 2020 at 8:24 AM Jay Hanke <jayhanke@southfront.io> wrote:
I emailed xcel about the invalid next-hop address.
We should filter invalid next hops on the route servers.
There also appears to be an issue with how some routers handle the invalid next hop.
Are all the peers with the issue of losing the session to RS2 running Brocade?
On Thu, Apr 30, 2020 at 8:17 AM David Farmer <farmer@umn.edu> wrote:
someone with Access should see what route server 2 sees for that prefix,
and maybe kick it over after look at it.
On Thu, Apr 30, 2020 at 8:04 AM Jay Hanke <jayhanke@southfront.io>
wrote:
We're seeing the same with a good next-hop from RS1.
On Thu, Apr 30, 2020 at 7:55 AM Chris Wopat <wopat@wiscnet.net> wrote:
On 4/30/20 7:49 AM, David Farmer wrote:
We're running IOS XR, I found these droppings in our logs;
RP/0/RP0/CPU0:Apr 29 21:50:26.798 CDT: bgp[1068]: %ROUTING-BGP-3-MALFORM_UPDATE : Malformed UPDATE message received from neighbor 206.108.255.2 (VRF: default) - message length 59 bytes, error flags 0x00000200, action taken "TreatAsWdr". Error details: "Error 0x00000200, Field "Attr-data", Attribute 2 (Flags 0x40, Length 0),
Data
[400200]". NLRIs: [IPv4 Unicast] 198.179.154.0/23 RP/0/RP1/CPU0:Apr 29 21:50:26.797 CDT: bgp[1068]: %ROUTING-BGP-3-MALFORM_UPDATE : Malformed UPDATE message received from neighbor 206.108.255.2 (VRF: default) - message length 59 bytes, error flags 0x00000200, action taken "TreatAsWdr". Error details: "Error 0x00000200, Field "Attr-data", Attribute 2 (Flags 0x40, Length 0), Data [400200]". NLRIs: [IPv4 Unicast] 198.179.154.0/23
Maybe try resting you BGP sessions.
We're seeing a weird next-hop ip on that prefix (rfc1918) and its hidden on our net.
Is 10.223.129.2 something internal to route server #2?
show route 198.179.154.0 hidden detail
inet.0: 795967 destinations, 2081403 routes (795589 active, 0 holddown, 1604 hidden) 198.179.154.0/23 (3 entries, 1 announced) BGP Next hop type: Router, Next hop index: 0 Address: 0x113614cc Next-hop reference count: 1 Source: 206.108.255.2 Next hop: 10.223.129.2 via xe-0/1/5.300, selected Session Id: 0x0 State: <Hidden Ext> Inactive reason: Unusable path Local AS: 65400 Peer AS: 53679 Age: 10:02:05 Validation State: unverified Task: BGP_53679.206.108.255.2 AS path: I Communities: target:21693:1000 Router ID: 206.108.255.2 Hidden reason: protocol nexthop is not on the interface
-- Chris Wopat Network Engineer, WiscNet wopat@wiscnet.net 608-210-3965
-- Jay Hanke, President South Front Networks jayhanke@southfront.io Phone 612-204-0000
-- =============================================== David Farmer Email:farmer@umn.edu Networking & Telecommunication Services Office of Information Technology University of Minnesota 2218 University Ave SE Phone: 612-626-0815 Minneapolis, MN 55414-3029 Cell: 612-812-9952 ===============================================
________________________________
To unsubscribe from the MICE-DISCUSS list, click the following link: http://lists.iphouse.net/cgi-bin/wa?SUBED1=MICE-DISCUSS&A=1
-- Jay Hanke, President South Front Networks jayhanke@southfront.io Phone 612-204-0000
-- =============================================== David Farmer Email:farmer@umn.edu Networking & Telecommunication Services Office of Information Technology University of Minnesota 2218 University Ave SE Phone: 612-626-0815 Minneapolis, MN 55414-3029 Cell: 612-812-9952 ===============================================