BGP Session Establishment
Flapping Routes
| Key Point | Further Details |
|---|
| Unstable Network Links | Identify if physical links are going up and down, causing routes to flap. |
| Route Dampening Configuration | If route dampening is configured, ensure it’s not too sensitive, causing routes to be suppressed unnecessarily. |
Palo Alto Commands
| Command | Explanation |
|---|
show routing protocol bgp dampening-parameters | Views the route dampening configuration. |
| `show system logs severity info | match bgp` |
show routing protocol bgp summary | Summarizes BGP peer status, useful for identifying unstable connections. |
show running resource-monitor | Monitors resource utilization, as high CPU/memory can cause route flaps. |
Cisco ASA Commands
| Command | Explanation |
|---|
show ip bgp | Displays the BGP table to identify flapping routes via their flap history. |
show ip bgp neighbors <neighbor> advertised-routes | Checks routes advertised to specific neighbors for flapping indications. |
| `show logging | include BGP` |
show processes cpu history | Displays CPU utilization history to correlate with route flaps. |
Fortinet Commands
| Command | Explanation |
|---|
diag router bgp flapping | (Assuming hypothetical command) Diagnose and show flapping BGP routes. |
get router info bgp neighbors detail | Provides detailed neighbor information, helpful for diagnosing unstable links. |
diag sniffer packet any "port 179" | Captures BGP packets to analyze for irregular activity. |
diag sys top-summary | Shows system resource usage to identify potential causes of route flapping. |
Check Point Gaia Commands
| Command | Explanation |
|---|
show bgp routes flapping | (Assuming hypothetical command) Shows history or statistics of route flaps. |
cpview | Provides a comprehensive view of system performance, including network activity. |
| `fw ctl zdebug drop | grep bgp` |
show bgp peers | Lists BGP peer status, including uptime, which can indicate flapping. |
Debian Commands
| Command | Explanation |
|---|
vtysh -c 'show ip bgp' | Use to check for routes with frequent path changes indicating flapping. |
vtysh -c 'show ip bgp neighbors' | Displays detailed neighbor information, useful for identifying unstable links. |
ip monitor link | Monitors link state changes that could cause BGP routes to flap. |
vtysh -c 'show logging' | Reviews BGP logs for messages related to route changes or dampening. |
Suboptimal Routing
| Key Point | Further Details |
|---|
| Improperly Configured Multi-Exit Discriminator (MED) | Check MED values for correctness, ensuring they guide traffic as intended. |
| IGP Cost Issues Affecting BGP | For iBGP setups, ensure that the Interior Gateway Protocol (IGP) metrics are configured to support the desired path selection. |
Palo Alto Commands
| Command | Explanation |
|---|
show routing protocol bgp | Displays BGP information including MED values. |
show routing metric | Displays routing metrics, useful for examining IGP cost issues. |
show routing protocol bgp paths | Lists all BGP paths and their attributes, including MED for route preference analysis. |
show routing protocol bgp summary | Provides a summary of BGP sessions, useful for identifying iBGP relationships and potential MED issues. |
Cisco ASA Commands
| Command | Explanation |
|---|
show ip bgp | Views BGP routes and their attributes, including MED for analyzing routing decisions. |
show ip bgp summary | Provides a summary of BGP sessions and can hint at IGP cost issues affecting route selection. |
show ip route | Displays the IP routing table, helping to identify IGP cost issues. |
show route-map | Examines route maps applied to BGP for custom route manipulation, including MED adjustments. |
Fortinet Commands
| Command | Explanation |
|---|
get router info bgp routes | Lists BGP routes with their MED values and other path attributes. |
get router info bgp summary | Summarizes BGP peer status, including MED values. |
diag router bgp routes detail | Provides detailed information on BGP routes, including MED and other path attributes. |
get router info routing-table all | Shows the routing table to analyze IGP metrics affecting BGP path selection. |
Check Point Gaia Commands
| Command | Explanation |
|---|
show bgp routes attribute MED | (Assuming hypothetical command) Filter routes by MED attribute to analyze routing decisions. |
show route all | Displays the routing table, which can be useful for understanding IGP cost issues. |
show bgp summary | Provides an overview of BGP sessions, useful for checking iBGP setups and potential MED configurations. |
show bgp network | Displays BGP advertised networks, potentially affected by suboptimal routing configurations. |
Debian Commands
| Command | Explanation |
|---|
vtysh -c 'show ip bgp' | Displays BGP routes along with their MED values for analysis. |
vtysh -c 'show ip route' | Shows the IP routing table to help identify any IGP cost issues that might be affecting BGP. |
vtysh -c 'show bgp neighbors' | Displays BGP neighbor relationships, useful for analyzing iBGP setups and MED influence. |
| `vtysh -c ‘show running-config | include bgp’` |
Enhanced BGP Session Establishment Checks
| Key Point | Further Details |
|---|
| BGP Version Compatibility | Ensure that BGP versions between peers are compatible. |
| Session Timeout Settings | Check session timeout settings to prevent premature session drops. |
| Update Source Configuration | Verify the correct configuration of the update source to ensure reliable session establishment. |
Palo Alto Commands
| Command | Explanation |
|---|
show routing protocol bgp | Checks BGP version and session details. |
show system settings | Verifies system-wide settings that might affect BGP, such as session timeouts. |
show routing protocol bgp peer <peer-ip> | Displays detailed information about a specific BGP peer, including update source. |
show network interface | Lists network interfaces to verify update source configurations. |
Cisco ASA Commands
| Command | Explanation |
|---|
show bgp all summary | Displays all BGP sessions, useful for checking versions and session state. |
| `show run | include timeout` |
show bgp neighbors <neighbor-ip> detail | Provides detailed information about BGP neighbors, including update source and version. |
show interface | Verifies interface configurations, useful for checking update source settings. |
Fortinet Commands
| Command | Explanation |
|---|
get router info bgp summary | Provides summary information, including session states and BGP version. |
get system performance status | Shows system performance and might give insights into timeout settings. |
get router info bgp neighbors | Displays detailed BGP neighbor information, including update sources. |
diag netlink interface list | Lists interfaces to verify update source configurations. |
Check Point Gaia Commands
| Command | Explanation |
|---|
show bgp summary | Displays BGP peer summary, useful for version and session status checks. |
| `show configuration | grep timeout` |
show bgp peer <peer-ip> detail | Provides detailed information on BGP peer, including update source verification. |
show interfaces | Displays interface information, helping to verify update source configurations. |
Debian Commands
| Command | Explanation |
|---|
vtysh -c 'show bgp summary' | Displays BGP session summary, including version compatibility. |
grep -R "timeout" /etc/frr/ | Searches for timeout settings in FRR (if FRR is used instead of Quagga) configuration files. |
vtysh -c 'show ip bgp neighbors <neighbor-ip>' | Shows detailed neighbor information, including update source. |
ip addr show | Lists IP addresses assigned to interfaces, useful for update source verification. |
Advanced Route Advertisement Verifications
| Key Point | Further Details |
|---|
| Outbound Route Maps | Confirm that outbound route maps are correctly applied to manipulate path attributes. |
| Maximum Prefix Limits | Check if maximum prefix limits are set too low, potentially blocking route advertisements. |
Palo Alto Commands
| Command | Explanation |
|---|
show routing protocol bgp policy | Displays the applied route map policies for BGP. |
show routing protocol bgp max-prefix | Shows the maximum prefix limits for BGP sessions. |
show routing protocol bgp policy statistics | Provides statistics on route map applications, useful for verifying the effectiveness of outbound route maps. |
show routing protocol bgp config | Displays the complete BGP configuration, including any route map or max prefix configurations. |
Cisco ASA Commands
| Command | Explanation |
|---|
show route-map | Displays route maps configured on the device. |
show ip bgp summary | Shows the BGP summary including maximum prefix limits. |
show ip bgp neighbors <neighbor-ip> advertised-routes | Shows routes being advertised to a specific neighbor, useful for verifying route map impact. |
show ip bgp policy | Displays the policies applied to BGP, including any filtering and modifications due to route maps. |
Fortinet Commands
| Command | Explanation |
|---|
get router info bgp filters | Displays the filters applied to BGP routes, which can include route maps. |
diagnose router bgp summary | Provides BGP summary information, including max prefix counts. |
diagnose router bgp routes export check | Verifies which routes are being exported according to current filter and route map settings. |
get router info bgp neighbors <neighbor-ip> advertised-routes | Checks routes advertised to a specific neighbor, useful for route map verification. |
Check Point Gaia Commands
| Command | Explanation |
|---|
show bgp policy | (Assuming hypothetical command) Shows BGP policy settings, including route maps. |
show bgp summary | Displays BGP summary, useful for checking maximum prefix limits. |
show bgp config | (Assuming hypothetical command) Displays the detailed BGP configuration, including route maps and prefix limits. |
show bgp routes by-policy <policy-name> | (Assuming hypothetical command) Filters routes by applied policy, useful for verifying route map effects. |
Debian Commands
| Command | Explanation |
|---|
vtysh -c 'show route-map' | Displays route maps used in BGP on Quagga/Zebra. |
vtysh -c 'show ip bgp summary' | Shows BGP session summaries, including max prefix info. |
vtysh -c 'show ip bgp neighbors <neighbor-ip> advertised-routes' | Views routes advertised to a specific neighbor, useful for checking route map applications. |
vtysh -c 'show ip bgp policy' | (Assuming hypothetical command) Displays BGP policies including route maps and filtering. |
Additional Path Selection Considerations
| Key Point | Further Details |
|---|
| Weight Attribute Configuration | For vendor-specific devices, check if the weight attribute is correctly applied to influence path selection. |
| BGP Community Tags Usage | Ensure proper usage and interpretation of BGP community tags for route manipulation. |
Palo Alto Commands
| Command | Explanation |
|---|
show routing protocol bgp path-info | Displays detailed path information including weight and community tags. |
show routing protocol bgp policy | Displays BGP policies, useful for examining how community tags are applied. |
debug routing bgp update recv | Enables debugging to view incoming BGP updates and their attributes, including community. |
debug routing bgp update send | Enables debugging to view outgoing BGP updates and their attributes, including weight and community. |
Cisco ASA Commands
| Command | Explanation |
|---|
show ip bgp | Displays the BGP table, showing paths with their weight and community values. |
show ip bgp community <community> | Filters BGP routes by community tag to analyze their usage and propagation. |
| `show running-config | section route-map` |
show ip bgp neighbors <neighbor> advertised-routes | Shows routes advertised to a specific neighbor, including applied weights and communities. |
Fortinet Commands
| Command | Explanation |
|---|
get router info bgp routes | Lists BGP routes, including path attributes like weight and community tags. |
diagnose router bgp routes detail | Provides detailed information on BGP routes, including their community values. |
diagnose router bgp neighbors <neighbor> routes | Displays detailed information about routes received from a neighbor, including community tags. |
get router info bgp summary | Summarizes BGP session information, useful for quick checks on path attributes. |
Check Point Gaia Commands
| Command | Explanation |
|---|
show bgp routes community <community> | Filters the BGP table by community tag for troubleshooting. |
show bgp routes detail | Displays detailed information of BGP routes, including their community tags and weight (if applicable). |
show bgp summary | Provides a summary of BGP peers and sessions, useful for overviewing path selection settings. |
show bgp policy | Displays BGP policies, including usage of community tags for route manipulation. |
Debian Commands
| Command | Explanation |
|---|
vtysh -c 'show ip bgp' | Shows the BGP table including community tags and possibly weight, if supported. |
vtysh -c 'show ip bgp community <community> | Displays routes with a specific BGP community tag, useful for verifying community usage. |
| `vtysh -c ‘show running-config | include route-map’` |
vtysh -c 'show ip bgp neighbors <neighbor> advertised-routes' | Shows routes advertised to specific neighbors, including any modifications by weight or community. |
Comprehensive Checks for Missing Routes
| Key Point | Further Details |
|---|
| Orphaned Routes Detection | Identify routes that are not properly advertised due to missing network statements or redistribution misconfigurations. |
| VPN Routing/Forwarding Instances | In MPLS networks, ensure VRFs are correctly configured to advertise BGP routes. |
Palo Alto Commands
| Command | Explanation |
|---|
show routing protocol bgp loc-rib | Displays the local BGP RIB for checking existing routes. |
show routing route | Lists all routes known to the device, useful for cross-referencing with BGP routes. |
show network virtual-router <vr-name> | Displays virtual router configuration, including associated routing instances. |
debug routing bgp update recv | Enables debugging to view incoming BGP updates, useful for identifying orphaned routes. |
Cisco ASA Commands
| Command | Explanation |
|---|
show ip bgp vpnv4 all | Displays BGP VPNv4 routing table, useful for MPLS VPN route checks. |
show ip bgp | Displays the global BGP routing table for checking non-VPN routes. |
show route vrf <vrf-name> | Displays routes within a specific VRF, useful for verifying route presence in VPN instances. |
show vrf detail | Provides details on configured VRFs, helping to identify potential misconfigurations. |
Fortinet Commands
| Command | Explanation |
|---|
get router info bgp routes database | Lists all routes known to BGP, useful for finding missing routes. |
get router info routing-table all | Shows the device’s entire routing table, including routes not installed in the BGP table. |
diag vpn tunnel list | Lists all VPN tunnels, useful for verifying VPN configurations affecting BGP route advertisement. |
get router info routing-table details <vrf-name> | Displays detailed routing information for a specific VRF. |
Check Point Gaia Commands
| Command | Explanation |
|---|
show bgp routes vpn | (Assuming hypothetical command) Displays VPN routing instances in BGP. |
show route all | Shows all routes in the routing table, useful for identifying orphaned routes. |
show vrf | (Assuming hypothetical command) Lists VRF configurations and their associated routes. |
show bgp all | Provides a comprehensive view of all BGP routes, including those within VPN instances. |
Debian Commands
| Command | Explanation |
|---|
vtysh -c 'show ip bgp' | Shows the BGP table, useful for identifying missing routes. |
vtysh -c 'show ip route' | Displays the entire IP routing table, helping to find routes not present in the BGP table. |
vtysh -c 'show ip bgp vpnv4 all' | (If using VPNv4 with FRRouting) Displays VPNv4 routes, useful for MPLS network checks. |
vtysh -c 'show vrf' | Lists VRFs configured on the device, including their routing information. |
System Log Searches
System and application logs are crucial for diagnosing issues with BGP sessions, route advertisements, path selection, and missing routes. Below are the log locations and commands for searching through these logs for BGP-related issues across different vendors, along with suggested keywords for effective log analysis.
Palo Alto
| Log Location | Search Command | Keywords |
|---|
/var/log/pan.log | grep -i "bgp|route|peer" /var/log/pan.log | BGP, route, peer, flap, dampening |
Cisco ASA
| Log Location | Search Command | Keywords |
|---|
| Syslog server / CLI | show logging | include "BGP|route|peer" | BGP, route, peer, flap, dampening |
Fortinet
| Log Location | Search Command | Keywords |
|---|
GUI / /var/log on CLI | diag log eventlist | grep -i "bgp|route|peer" | BGP, route, peer, flap, dampening |
Check Point Gaia
| Log Location | Search Command | Keywords |
|---|
/var/log/messages | grep -i "bgp|route|peer" /var/log/messages | BGP, route, peer, flap, dampening |
Debian (with Quagga or FRR)
| Log Location | Search Command | Keywords |
|---|
Quagga: /var/log/quagga/bgpd.log | grep -i "bgp|route|peer" /var/log/quagga/bgpd.log | BGP, route, peer, flap, dampening |
FRR: /var/log/frr/frr.log | grep -i "bgp|route|peer" /var/log/frr/frr.log | BGP, route, peer, flap, dampening |
Suggested Keywords for Log Searches include BGP, route, peer, flap, dampening for a focused investigation on potential issues related to BGP operations and configurations.