LISTSERV 16.0 - MICE-DISCUSS Archives

I think it was more than just an invalid next-hop. If it was simply an
invalid next-hop that shouldn't have created a malformed BGP update. Unless
the invalid next-hop caused BIRD to send out a malformed BGP update.

On Thu, Apr 30, 2020 at 8:24 AM Jay Hanke <[log in to unmask]> wrote:

> I emailed xcel about the invalid next-hop address.
>
> We should filter invalid next hops on the route servers.
>
> There also appears to be an issue with how some routers handle the
> invalid next hop.
>
> Are all the peers with the issue of losing the session to RS2 running
> Brocade?
>
> On Thu, Apr 30, 2020 at 8:17 AM David Farmer <[log in to unmask]> wrote:
> >
> > someone with Access should see what route server 2 sees for that prefix,
> and maybe kick it over after look at it.
> >
> > On Thu, Apr 30, 2020 at 8:04 AM Jay Hanke <[log in to unmask]>
> wrote:
> >>
> >> We're seeing the same with a good next-hop from RS1.
> >>
> >> On Thu, Apr 30, 2020 at 7:55 AM Chris Wopat <[log in to unmask]> wrote:
> >> >
> >> > On 4/30/20 7:49 AM, David Farmer wrote:
> >> >
> >> > > We're running IOS XR, I found these droppings in our logs;
> >> > >
> >> >
> >> > RP/0/RP0/CPU0:Apr 29 21:50:26.798 CDT: bgp[1068]:
> >> > %ROUTING-BGP-3-MALFORM_UPDATE : Malformed UPDATE message received from
> >> > neighbor 206.108.255.2 (VRF: default) - message length 59 bytes, error
> >> > flags 0x00000200, action taken "TreatAsWdr". Error details: "Error
> >> > 0x00000200, Field "Attr-data", Attribute 2 (Flags 0x40, Length 0),
> Data
> >> > [400200]". NLRIs: [IPv4 Unicast] 198.179.154.0/23
> >> > RP/0/RP1/CPU0:Apr 29 21:50:26.797 CDT: bgp[1068]:
> >> > %ROUTING-BGP-3-MALFORM_UPDATE : Malformed UPDATE message received from
> >> > neighbor 206.108.255.2 (VRF: default) - message length 59 bytes, error
> >> > flags 0x00000200, action taken "TreatAsWdr". Error details: "Error
> >> > 0x00000200, Field "Attr-data", Attribute 2 (Flags 0x40, Length 0),
> Data
> >> > [400200]". NLRIs: [IPv4 Unicast] 198.179.154.0/23
> >> > >
> >> > > Maybe try resting you BGP sessions.
> >> > >
> >> > We're seeing a weird next-hop ip on that prefix (rfc1918) and its
> hidden
> >> > on our net.
> >> >
> >> > Is 10.223.129.2 something internal to route server #2?
> >> >
> >> >  > show route 198.179.154.0 hidden detail
> >> >
> >> > inet.0: 795967 destinations, 2081403 routes (795589 active, 0
> holddown,
> >> > 1604 hidden)
> >> > 198.179.154.0/23 (3 entries, 1 announced)
> >> >           BGP
> >> >                  Next hop type: Router, Next hop index: 0
> >> >                  Address: 0x113614cc
> >> >                  Next-hop reference count: 1
> >> >                  Source: 206.108.255.2
> >> >                  Next hop: 10.223.129.2 via xe-0/1/5.300, selected
> >> >                  Session Id: 0x0
> >> >                  State: 
> >> >                  Inactive reason: Unusable path
> >> >                  Local AS: 65400 Peer AS: 53679
> >> >                  Age: 10:02:05
> >> >                  Validation State: unverified
> >> >                  Task: BGP_53679.206.108.255.2
> >> >                  AS path: I
> >> >                  Communities: target:21693:1000
> >> >                  Router ID: 206.108.255.2
> >> >                  Hidden reason: protocol nexthop is not on the
> interface
> >> >
> >> >
> >> > --
> >> > Chris Wopat
> >> > Network Engineer, WiscNet
> >> > [log in to unmask]   608-210-3965
> >>
> >>
> >>
> >> --
> >> Jay Hanke, President
> >> South Front Networks
> >> [log in to unmask]
> >> Phone  612-204-0000
> >
> >
> >
> > --
> > ===============================================
> > David Farmer               Email:[log in to unmask]
> > Networking & Telecommunication Services
> > Office of Information Technology
> > University of Minnesota
> > 2218 University Ave SE        Phone: 612-626-0815
> > Minneapolis, MN 55414-3029   Cell: 612-812-9952
> > ===============================================
> >
> > ________________________________
> >
> > To unsubscribe from the MICE-DISCUSS list, click the following link:
> > http://lists.iphouse.net/cgi-bin/wa?SUBED1=MICE-DISCUSS&A=1
>
>
>
> --
> Jay Hanke, President
> South Front Networks
> [log in to unmask]
> Phone  612-204-0000
>


-- 
===============================================
David Farmer               Email:[log in to unmask]
Networking & Telecommunication Services
Office of Information Technology
University of Minnesota
2218 University Ave SE        Phone: 612-626-0815
Minneapolis, MN 55414-3029   Cell: 612-812-9952
===============================================