BGP peering doesn't come up

General questions
1

Hello guys,
I am using a VyOS for getting a peering with physical cisco router but I have no luck
Please take a look my configuration and give me some advice, I coudn’t find out the problem.

Configuration VyOS

set protocols bgp neighbor 192.168.2.107 address-family ipv4-unicast
set protocols bgp neighbor 192.168.2.107 ebgp-multihop ‘5’
set protocols bgp neighbor 192.168.2.107 remote-as ‘50812’
set protocols bgp neighbor 192.168.2.107 update-source ‘100.64.52.10’
set protocols bgp parameters log-neighbor-changes
set protocols bgp parameters router-id ‘100.64.52.10’
set protocols bgp system-as ‘64666’
set protocols static route 0.0.0.0/0 next-hop 100.64.52.1

Cisco configuration

address-family ipv4 vrf vrf-mngmt
neighbor 100.64.52.10 remote-as 64666
neighbor 100.64.52.10 description BGP-SERVER-ANTI-DDOS
neighbor 100.64.52.10 ebgp-multihop 5
neighbor 100.64.52.10 update-source Port-channel1.4000
neighbor 100.64.52.10 activate

P.S two router can ping each other.

2

Not a lot of info here.

What version Vyos are you using?
When you say they can ping each other, what addresses are you using, and are you adding “vrf vrf-mngmt” to your ping command on the Cisco?

3

I am using VyOS 1.4-rolling-202209070217

They can ping each other to the interface for bgp peering, in my case
192.168.2.107 and 100.64.52.10

4

Did you use a commmand like:

ping 100.64.52.10 vrf vrf-mngmt

on the cisco? I am just trying to eliminate the obvious things, because, assuming that all other parts of the Cisco config are present, this should be working.

5

yes I did ping 100.64.52.10 vrf vrf-mngmt. it works. even if there are no problem of connection between two routeur but bgp peering doesn’t work.

6

Then capturing a packet on vyos might help for port 179.

sudo su
tcpdump -nni any port 179

see at least packets or updates are reaching

7

(post deleted by author)

8

So the router didn’t even initiate one? That’s weird. How long did you let the trace run? If it’s the only session on this router, it might be sitting “Idle” - it doesn’t try to connect all the time.

9

Suggest waiting at least three minutes

10

Cisco router has lot of bgp peering with other neighbor.
BGP status for 2 router is ‘Never’ not even ‘Idle’
That’s weird

11

What about the Vyos router - “Up/Down” should be “never” but State shold be Active or Connect or Idle.

Vyos: “show ip route 192.168.2.107” is going out the right interface?

This smells like a multihop routing issue. Anything in the Vyos logs?

(also: Cisco “show run int Port-channel1.4000” output?)

12

Interface is up/up status and packet will be going out the right interface

13

cisco side, I didn’t see anything special

Current configuration : 169 bytes
!
interface Port-channel1.4000
description ADMINISTRATION
encapsulation dot1Q 4000
vrf forwarding vrf-mngmt
ip address 192.168.2.107 255.255.255.0
ip mtu 1500
end

14

Interface is up/up status and packet will be going out the right interface

15

You don’t have a firewall rule on your Vyos box blocking TCP 179 do you?

16

I didn’t configure a firewall in Vyos

17

What if you run tcpdump on your Vyos box - do you see BGP packets coming in/going from your Cisco?

18

I didn’t see anything…

19

In either direction?
Can you show us what command you used please?
When asking for help it really helps to be as verbose as possible and provide as much detail as possible. “It didn’t work” isn’t that conducive to debugging/assistant you :slight_smile:

20

Still looking for results of:

Vyos:
show ip route 192.168.2.107

Cisco:
show ip route 100.64.52.10 vrf vrf-mngmt

Unless the BGP instances know how to get to each other, multihop will fail