ExaBGP connection closed, state idle between 2 ExaBGP hosts

cherdt

unread,

Jun 5, 2018, 6:44:49 PM6/5/18

to exabgp-users

I'm new to ExaBGP (and BGP in general). My end goal is to configure an ExaBGP system to peer with a system set up by my networking team. To start I thought I'd set up a simple test and have 2 ExaBGP instances peer with each other. Both systems are running ExaBGP 4.0.6-daa3d6ba on RedHat 7.5 on AWS EC2 instances in the same VPC.

The output of ExaBGP contains messages like the following:

initialising connection to peer-1
attempting connection to 172.31.19.0:179
connection to 172.31.19.0 closed
outgoing-1 172.31.18.16-172.31.19.0, closing connection

On both sides, the state shows idle instead of established:

[ec2-user@ip-172-31-19-0 ~]$ exabgpcli show neighbor summary
Peer            AS        up/down state       |     #sent     #recvd
172.31.18.16    65217     0:11:38 idle                  0          0

(When I examine a packet capture between the 2 hosts, I can see that the destination host is sending a RST packet in response to the origin host's SYN packet.)

Configuration for both hosts is below:

[ec2-user@ip-172-31-19-0 ~]$ exabgpcli show neighbor configuration
neighbor 172.31.18.16 {
  description "";
  router-id 172.31.19.0;
  host-name ip-172-31-19-0;
  domain-name ip-172-31-19-0;
  local-address auto;
  local-as 65217;
  peer-as 65217;
  hold-time 180;
  manual-eor false;

  passive false;
  group-updates true;
  auto-flush true;
  adj-rib-in true;
  adj-rib-out true;
  md5-base64 auto;

  capability {
    asn4 enable;
    route-refresh enable;
    graceful-restart disable;
    add-path disable;
    multi-session disable;
    operational disable;
    aigp disable;
  }
  family {
    ipv4 unicast;
    ipv4 multicast;
    ipv4 nlri-mpls;
    ipv4 mpls-vpn;
    ipv4 rtc;
    ipv4 flow;
    ipv4 flow-vpn;
    ipv6 unicast;
    ipv6 multicast;
    ipv6 nlri-mpls;
    ipv6 mpls-vpn;
    ipv6 flow;
    ipv6 flow-vpn;
    l2vpn vpls;
    l2vpn evpn;
    bgp-ls bgp-ls;
    bgp-ls bgp-ls-vpn;
  }
  add-path {
  }
}

[ec2-user@ip-172-31-18-16 ~]$ exabgpcli show neighbor configuration
neighbor 172.31.19.0 {
  description "";
  router-id 172.31.18.16;
  host-name ip-172-31-18-16;
  domain-name ip-172-31-18-16;
  local-address auto;
  local-as 65217;
  peer-as 65217;
  hold-time 180;
  manual-eor false;

  passive false;
  group-updates true;
  auto-flush true;
  adj-rib-in true;
  adj-rib-out true;
  md5-base64 auto;

  capability {
    asn4 enable;
    route-refresh enable;
    graceful-restart disable;
    add-path disable;
    multi-session disable;
    operational disable;
    aigp disable;
  }
  family {
    ipv4 unicast;
    ipv4 multicast;
    ipv4 nlri-mpls;
    ipv4 mpls-vpn;
    ipv4 rtc;
    ipv4 flow;
    ipv4 flow-vpn;
    ipv6 unicast;
    ipv6 multicast;
    ipv6 nlri-mpls;
    ipv6 mpls-vpn;
    ipv6 flow;
    ipv6 flow-vpn;
    l2vpn vpls;
    l2vpn evpn;
    bgp-ls bgp-ls;
    bgp-ls bgp-ls-vpn;
  }
  add-path {
  }
}

Let me know if there's any additional info I can provide. Thanks for any help or advice.

Thomas Mangin

unread,

Jun 5, 2018, 6:53:12 PM6/5/18

to exabgp...@googlegroups.com

Hello,

To help you, the output of exabgp with the '-d' flag would really help understand what is happening.

Thanks.

Thomas

cherdt

unread,

Jun 6, 2018, 3:56:01 PM6/6/18

to exabgp-users

Here's the output from both hosts:

From the 1st host:

[ec2-user@ip-172-31-18-16 ~]$ sudo exabgp -d -e /opt/gixlg/exabgp/exabgp.env /opt/gixlg/exabgp/simple.conf 
Thank you for using ExaBGP
4.0.6-daa3d6ba
2.7.5 (default, Feb 20 2018, 09:19:12)  [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)]
Linux ip-172-31-18-16.us-west-2.compute.internal 3.10.0-862.3.2.el7.x86_64 #1 SMP Tue May 15 18:22:15 EDT 2018 x86_64
/usr
named pipes for the cli are:
to send commands  /run/exabgp.in
to read responses /run/exabgp.out
performing reload of exabgp 4.0.6-daa3d6ba
> neighbor         | '172.31.19.0'
. hold-time        | '180'
. local-as         | '65217'
. peer-as          | '65217'
. router-id        | '172.31.18.16'
> capability       | 
. route-refresh    | 
< capability       | 
> family           | 
< family           | 
route-refresh requested, enabling adj-rib-out
< neighbor         | 
new peer: neighbor 172.31.19.0 local-ip None local-as 65217 peer-as 65217 router-id 172.31.18.16 family-allowed in-open
loaded new configuration successfully
forked process api-internal-cli-f04f69fe
initialising connection to peer-1


attempting connection to 172.31.19.0:179
connection to 172.31.19.0 closed
outgoing-1 172.31.18.16-172.31.19.0, closing connection
initialising connection to peer-1
attempting connection to 172.31.19.0:179
connection to 172.31.19.0

 closed
outgoing-2 172.31.18.16-172.31.19.0, closing connection
initialising connection to peer-1


attempting connection to 172.31.19.0:179
connection to 172.31.19.0

 closed
outgoing-3 172.31.18.16-172.31.19.0, closing connection
initialising connection to peer-1


attempting connection to 172.31.19.0:179
connection to 172.31.19.0

 closed
outgoing-4 172.31.18.16-172.31.19.0, closing connection
initialising connection to peer-1


attempting connection to 172.31.19.0:179
connection to 172.31.19.0

 closed
outgoing-5 172.31.18.16-172.31.19.0, closing connection
initialising connection to peer-1


attempting connection to 172.31.19.0:179
connection to 172.31.19.0

 closed
outgoing-6 172.31.18.16-172.31.19.0, closing connection
initialising connection to peer-1


attempting connection to 172.31.19.0:179
connection to 172.31.19.0

 closed
outgoing-7 172.31.18.16-172.31.19.0, closing connection
initialising connection to peer-1


attempting connection to 172.31.19.0:179
connection to 172.31.19.0

 closed
outgoing-8 172.31.18.16-172.31.19.0, closing connection
initialising connection to peer-1


attempting connection to 172.31.19.0:179
connection to 172.31.19.0

 closed
outgoing-9 172.31.18.16-172.31.19.0, closing connection
initialising connection to peer-1


attempting connection to 172.31.19.0:179
connection to 172.31.19.0

 closed
outgoing-10 172.31.18.16-172.31.19.0, closing connection
^C^C received
performing shutdown
terminating process api-internal-cli-f04f69fe

From the 2nd host:

[ec2-user@ip-172-31-19-0 ~]$ sudo exabgp -d -e /opt/gixlg/exabgp/exabgp.env /opt/gixlg/exabgp/simple.conf 
Thank you for using ExaBGP
4.0.6-daa3d6ba
2.7.5 (default, Feb 20 2018, 09:19:12)  [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)]
Linux ip-172-31-19-0.us-west-2.compute.internal 3.10.0-862.3.2.el7.x86_64 #1 SMP Tue May 15 18:22:15 EDT 2018 x86_64
/usr
named pipes for the cli are:
to send commands  /run/exabgp.in
to read responses /run/exabgp.out
performing reload of exabgp 4.0.6-daa3d6ba
> neighbor         | '172.31.18.16'
. hold-time        | '180'
. local-as         | '65217'
. peer-as          | '65217'
. router-id        | '172.31.19.0'
> capability       | 
. route-refresh    | 
< capability       | 
> family           | 
< family           | 
route-refresh requested, enabling adj-rib-out
< neighbor         | 
new peer: neighbor 172.31.18.16 local-ip None local-as 65217 peer-as 65217 router-id 172.31.19.0 family-allowed in-open
loaded new configuration successfully
forked process api-internal-cli-ef722ef4
initialising connection to peer-1
attempting connection to 172.31.18.16:179
connection to 172.31.18.16 closed
outgoing-1 172.31.19.0-172.31.18.16, closing connection
initialising connection to peer-1
attempting connection to 172.31.18.16:179
connection to 172.31.18.16 closed
outgoing-2 172.31.19.0-172.31.18.16, closing connection
initialising connection to peer-1
attempting connection to 172.31.18.16:179
connection to 172.31.18.16 closed
outgoing-3 172.31.19.0-172.31.18.16, closing connection
initialising connection to peer-1
attempting connection to 172.31.18.16:179
connection to 172.31.18.16 closed
outgoing-4 172.31.19.0-172.31.18.16, closing connection
initialising connection to peer-1
attempting connection to 172.31.18.16:179
connection to 172.31.18.16 closed
outgoing-5 172.31.19.0-172.31.18.16, closing connection
initialising connection to peer-1
attempting connection to 172.31.18.16:179
connection to 172.31.18.16 closed
outgoing-6 172.31.19.0-172.31.18.16, closing connection
initialising connection to peer-1
attempting connection to 172.31.18.16:179
connection to 172.31.18.16 closed
outgoing-7 172.31.19.0-172.31.18.16, closing connection
initialising connection to peer-1
attempting connection to 172.31.18.16:179
connection to 172.31.18.16 closed
outgoing-8 172.31.19.0-172.31.18.16, closing connection
initialising connection to peer-1
attempting connection to 172.31.18.16:179
connection to 172.31.18.16 closed
outgoing-9 172.31.19.0-172.31.18.16, closing connection
initialising connection to peer-1
attempting connection to 172.31.18.16:179
connection to 172.31.18.16 closed
outgoing-10 172.31.19.0-172.31.18.16, closing connection
^C^C received
performing shutdown
terminating process api-internal-cli-ef722ef4

cherdt

unread,

Jun 6, 2018, 3:57:49 PM6/6/18

to exabgp-users

Google Groups decided to truncate the output from the 2nd host. In case there's anything useful, I've included it as well:

2.7.5 (default, Feb 20 2018,<span style="color: #000;" class="

Thomas Mangin

unread,

Jun 7, 2018, 7:35:41 AM6/7/18

to exabgp...@googlegroups.com

new peer: neighbor 172.31.18.16 local-ip None local-as 65217 peer-as 65217 router-id 172.31.19.0 family-allowed in-open

Are you sure the connection comes from the right IP - it is not setup explicitely.

Also your peer is not replying so it looks to me like a BGP setup issue and nothing ExaBGP specific.

Sincerely,

Thomas

cherdt

unread,

Jun 7, 2018, 6:31:49 PM6/7/18

to exabgp-users

Thanks for the reply! You're totally right -- I had no BGP backend. I mistakenly thought I could have 2 ExaBGP instances talking to each other as a simple proof-of-concept.

I ended up installing Quagga on one host (loosely based on the instructions at http://xmodulo.com/centos-bgp-router-quagga.html) and my ExaBGP instance on the other host successfully establishes a connection, receives routes, etc.

bejoybkn

unread,

Aug 11, 2018, 2:54:09 AM8/11/18

to exabgp-users

Hello Cherdt,

How are you able to run the exagpcli commands on your vpc?Do we need to install any other package for showing commands similar to show bgp summary etc on the linux box for seeing bgp related output?

i have 4.0.8-793a2931 but when i enter

/packages/exabgp/exabgpcli show neighbor configuration

i see nothing.I have peering up and running as i can see it on my cisco box the other side though

Any help is greatly appreciated

Chris Herdt

unread,

Aug 13, 2018, 11:08:42 AM8/13/18

to exabgp...@googlegroups.com

Hi Bejoy,

That's odd -- even if I have a bad configuration file, exabgpcli produces output for me.

E.g. if the error prevents ExaBGP from starting I get:

could not send command to ExaBGP

If I add incorrect IP addresses (i.e. a system that is not running BGP), exabgpcli will still display the output.

I created an Ansible playbook for my test environment -- in case it is helpful to you, it's available here:

https://github.com/cherdt/bgp-peer

I am a beginner with ExaBGP and BGP in general though, so perhaps someone else can be of more help.

--
You received this message because you are subscribed to the Google Groups "exabgp-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to exabgp-users...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.