North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: BGP 4, auth error question.

  • From: Chris Morrell
  • Date: Fri Sep 18 17:31:14 1998

The Cisco is probably running IOS 11.1(20)CC.  This version has a bug in
it that assumes the other side will understand its request to negotiate
MBGP (which there is no RFC for and which seems to be Cisco proprietary at
this point).

The BGP session will come up with a Cisco which can't run MBGP, but it
doesn't seem to work for other routers. (notably routers using gated
derived code.

Changing the IOS will fix the problem, but the better short term thing to
do is to have the Cisco side add the following line to their BGP
configuration for your connection:

neighbor AA.BB.CC.DD dont-capability-negotiate

If you want more details and the actual Cisco Bug ID, I can find that for
you.

Chris

 On Fri, 18 Sep 1998, Harold Willison wrote:

> Greetings.
> 
> 
> I am in the process of turning up bgp with a customer and have run into the following problem.
> 
> The customer is using a Cisco router with ios 11.1.20.
> 
> Im using a GRF400.
> 
> 
> The session wont establish and this is what the log is showing:
> 
> Sep 18 15:50:59
> 
> Sep 18 15:50:59 BGP RECV 209.239.69.1+32617 -> 206.84.235.254+179
> 
> Sep 18 15:50:59 BGP RECV message type 1 (Open) length 37
> 
> Sep 18 15:50:59 BGP RECV version 4 as 11042 holdtime 180 id 209.239.64.254 authcode 8
> 
> Sep 18 15:50:59 BGP RECV Auth data (8 bytes): 02 06 01 04 00 01 00 01
> 
> Sep 18 15:50:59
> 
> Sep 18 15:50:59 bgp_get_open: peer 209.239.69.1+32617 (proto): unknown athentication code 8 used
> 
> Sep 18 15:50:59
> 
> Sep 18 15:50:59 BGP SEND 206.84.235.254+179 -> 209.239.69.1+32617
> 
> Sep 18 15:50:59 BGP SEND message type 1 (Open) length 29
> 
> Sep 18 15:50:59 BGP SEND version 4 as 4200 holdtime 180 id 206.84.235.254 authcode 0
> 
> Sep 18 15:50:59
> 
> Sep 18 15:50:59
> 
> Sep 18 15:50:59 BGP SEND 206.84.235.254+179 -> 209.239.69.1+32617
> 
> Sep 18 15:50:59 BGP SEND message type 3 (Notification) length 21
> 
> Sep 18 15:50:59 BGP SEND Notification code 2 (Open Message Error) subcode 4 (unsupported authentication code)
> 
> Sep 18 15:50:59
> 
> Sep 18 15:50:59 NOTIFICATION sent to 209.239.69.1+32617 (proto): code 2 (Open Message Error) subcode 4 (unsupported authentication code) data
> 
> 
> 
> it appears that the cisco is sending us an authcode that we don't recognize.
> 
> Is there a way to prevent the cisco from sending the authcode 8 or change the authcode to something
> 
> more civilized, like authcode 0. 
> 
> 
> The customer is willing to change their IOS version if necessary but it is not the preferred resolution.
> 
> Any suggestions on how I could get this to work?
> 
> 
> 
> 
> *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
> 
> |  Harold Willison              AGIS Network Engineering      |
> 
> *  Senior Network Engineer        313-730-5151                *
> 
> |  [email protected]                   313-730-1130  x-5649        |
> 
> |  [email protected]             24 hours a day, 7 days a week  |
> 
> |      <bold><italic>         
> <underline>http://www.agis.net</underline></italic></bold>               
>           |<bold><italic>                               
> 
> </italic></bold>\*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*/
>