BGP Troubleshooting: Common Questions and Answers

By /

Listen to this Post

BGP (Border Gateway Protocol) is a critical protocol for internet routing, and troubleshooting it requires a deep understanding of its mechanisms. Below are common BGP issues and their solutions, along with practical commands and steps to diagnose and resolve them.

  1. Common Reasons for BGP Session Not Being Established

– Incorrect neighbor IP or AS number → Verify using:
[sh]
show ip bgp summary # Cisco
show bgp summary # Juniper
[/sh]
– Firewall/ACL blocking port 179 → Check with:
[sh]
iptables -L -n | grep 179 # Linux
netsh advfirewall firewall show rule name=all | find “179” # Windows
[/sh]
– Authentication failure → Ensure MD5 passwords match:
[sh]
debug ip bgp # Cisco (to check authentication errors)
[/sh]

2. Verifying BGP Status

Use these commands to confirm BGP is running:

  • Cisco:
    [sh]
    show ip bgp neighbors
    [/sh]
  • Juniper:
    [sh]
    show bgp neighbor
    [/sh]
  • Linux (using FRRouting):
    [sh]
    vtysh -c “show ip bgp summary”
    [/sh]

3. Understanding BGP States

  • Idle: Initial state (check logs for errors).
  • Active: TCP retries (verify connectivity with `ping` or traceroute).
  • Established: Session is live (show ip bgp summary should confirm).

4. Troubleshooting Missing BGP Routes

  • Check route advertisements:
    [sh]
    show ip bgp neighbors advertised-routes # Cisco
    [/sh]
  • Verify next-hop reachability:
    [sh]
    ping
    traceroute
    [/sh]

5. Handling BGP Flapping

  • Enable route dampening:
    [sh]
    bgp dampening # Cisco
    [/sh]
  • Adjust BGP timers:
    [sh]
    neighbor timers 60 180 # 60s keepalive, 180s hold
    [/sh]

6. BGP Route Selection Issues

  • Check path attributes:
    [sh]
    show ip bgp

    # Cisco [/sh]
  • Modify local preference: [sh] set as-path prepend 100 # Juniper [/sh]

7. Fixing BGP Next-Hop Problems

  • Force next-hop-self: [sh] neighbor next-hop-self # Cisco [/sh]
  • Verify IGP routes: [sh] show ip route [/sh]

You Should Know:

  • Linux BGP Tools: [sh] birdc show protocols # Bird BGP daemon exabgpcli show neighbors # ExaBGP [/sh]
  • Windows BGP Check: 
    Get-NetRoute -Protocol BGP # PowerShell

What Undercode Say

BGP troubleshooting requires systematic checks—session states, route advertisements, and next-hop reachability are key. Always verify:
– Firewall rules (iptables/nftables).
– TCP connectivity (telnet <IP> 179).
– Logs (show logging | include BGP).

For deeper analysis, use packet captures:

[sh]
tcpdump -i eth0 port 179 -w bgp_capture.pcap
[/sh]

Expected Output:

A stable BGP session with verified routes and no flapping. Use the provided commands to ensure optimal routing performance.

Relevant URLs:

References:

Reported By: Shamseer Siddiqui – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅

Join Our Cyber World:

💬 Whatsapp | 💬 TelegramFeatured Image

Related Posts: