IPS4240 in bypassmode-auto cause BGP peering failure

Recently installed IPS4240's running inline. With "bypass-mode auto" the BGP peering (with password) between 2 routers either side of the IPS unit drops. The error logs indicate bad MD5 hash on both units. In "bypass-mode on" BGP peering with password is fine.
Anyone know a fix or the cause?

This is probably being dropped or modified by some of the "normalizer" engine signatures in the IPS. Basically the IPS in inline mode does a lot of TCP checks and drops or modifies packets with certain bits set. It probably doesn't like the fact the MD5 hash is set as TCP option bit 19 and is modifying it somehow, which then fails your authentication on the remote peer.
Go into whatever configuration tool you're using and enable the "produce-verbose-alert" on all the 13xx signatures (1300-1330). Then check your alerts for an alert with a victim/attacker IP addresses of your BGP routers, see what signature it was that actually fired, then disable that signature (or add a filter so that it doesn't fire for that IP address pair anymore). This will stop it doing whatever it is doing to your BGP packets and it should work from then on.
It'll probably be one of the sub-sigs under 1330, as this does a lot of different checks on various parts of the TCP packet.

Similar Messages

BGP peering

Question. Best practice is to configure iBGP via loopback interface. My question is, is that valid statement for scenario where two BGP peers are seperated by a firewall?

Hello Mateuz,
iBGP allows for a TTL=255 in the BGP packets so the added hop caused by the firewall is not a problem for the iBGP session.
if the session were eBGP you would need to tune the ebgp-multihop to take care of the FW hop.
Hope to help
Giuseppe

BGP peering via default route

I read http://blog.ipexpert.com/2010/11/08/bgp-peering-and-default-routes/ and understood that BGP speaker will not initiate BGP connection with the other BGP router if it can reach it via default route only...And BGP peering will not come up at all if both the BGP speakers know each other via default routes only....I could not understand the reason behind this though...Could any expert help me in understanding the underlying reasoning?

I can't think of a reason why you would want to peer with a router you don't have a route for. If you're relying on a default route for a multi-hop bgp peer session, it could cause the session to be unreliable due to changes in the network down the line from you. An unreliable bgp session would be bad on the router's cpu/memory if the session were to flap.

Cisco BGP Peering Between 2 ISP

Hi Cisco People,
Just have a question with BGP peering in Cisco's. I have two ISP's which I am peering against for an active and standby configuration. I would like to know if there is a way to configure some sort of 'dead-peer detection' on the router to monitor a public IP address in the event of an ISP failure. I want to find a way to dynamically failover the link in the event of failure when losing pings to an external address.
Regards
Chris

Chris
Dead Peer Detection is one of the functions performed by BGP. If the peer goes dead then BGP will detect it and will withdraw routes learned from that peer from the routing table.
What you describe about monitoring a public address is more about validating that the ISP routing logic is learning and advertising appropriate routes than it is about detecting if a peer has gone dead. I would think that this is possible - but a bit complex. I would think that you could configure IP SLA to track some public address (the tricky bit here is to make sure that you are tracking through ISP1 and not using ISP2 for this). Then you should be able to configure EEM to watch the track and if the route is lost to make appropriate changes in BGP to force the failover.
HTH
Rick

No BGP Peering between CE and PE

Still in the process of modeling the MPLS network that we currently have with one of our Service Providers.
At this point I have placed the same config on the Lab CE's that exist in our production network. I have also followed Cisco Documentation to configure the PE routers, however I cannot get the CE to PE BGP peering.
What am I missing?
*CE Router*
nterface Loopback0
ip address 10.18.0.8 255.255.255.255
interface FastEthernet0/0
ip address 68.139.201.30 255.255.255.252
duplex half
interface FastEthernet1/0
no ip address
shutdown
duplex half
interface FastEthernet1/1
no ip address
shutdown
duplex half
interface FastEthernet2/0
no ip address
duplex full
router bgp 1
no synchronization
bgp log-neighbor-changes
neighbor 68.139.201.29 remote-as 65000
*PE Router*
ip vrf vpn-mtb
rd 1:100
route-target export 1:100
route-target import 1:100
no ip domain lookup
mpls label protocol ldp
tag-switching tdp router-id Loopback0
interface Loopback0
ip address 68.2.0.1 255.255.255.252
interface FastEthernet0/0
ip address 68.2.1.2 255.255.255.252
duplex auto
speed auto
tag-switching ip
interface FastEthernet1/0
ip vrf forwarding vpn-mtb
ip address 68.139.201.29 255.255.255.252
duplex auto
speed auto
interface FastEthernet2/0
no ip address
shutdown
duplex auto
speed auto
router ospf 1
router-id 68.2.0.1
log-adjacency-changes
network 68.0.0.0 0.255.255.255 area 0
router bgp 65000
no synchronization
bgp log-neighbor-changes
redistribute connected
neighbor 68.2.0.3 remote-as 65000
neighbor 68.2.0.3 update-source Loopback0
no auto-summary
address-family vpnv4
neighbor 68.2.0.3 activate
neighbor 68.2.0.3 send-community extended
exit-address-family
address-family ipv4 vrf vpn-mtb
redistribute connected
neighbor 68.139.201.30 remote-as 1
neighbor 68.139.201.30 activate
neighbor 68.139.201.30 as-override
no auto-summary
no synchronization
exit-address-family

Here are the command outputs:
PE#show ip bgp vpnv4 all summary
BGP router identifier 68.2.0.1, local AS number 65000
BGP table version is 3, main routing table version 3
1 network entries using 137 bytes of memory
1 path entries using 64 bytes of memory
3/1 BGP path/bestpath attribute entries using 348 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 573 total bytes of memory
BGP activity 3/0 prefixes, 3/0 paths, scan interval 15 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
68.2.0.3 4 65000 0 0 0 0 0 never Active
68.139.201.30 4 1 29 29 0 0 0 never Active
CE#show ip bgp summary
BGP router identifier 68.2.0.1, local AS number 1
BGP table version is 1, main routing table version 1
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
68.139.201.29 4 65000 4246 4246 0 0 0 never Active

An account failed to log on unknown username or password. Causing Login audit failures

I have a SBS11 Essentials server that is getting audit Failures over and over again. There computer account says it's the SBS11 server it's self. It says unknown user name or bad password. I have checked for scheduled tasks, backup jobs, services and
non of them are using any special user accounts. I have used MS network monitor and can't find anything helpful to lead to the issue. All computers in the network are running Windows 7. The domain functional level is 2008 R2.
I get a the 4768 event ID about a Kerberos event and then just after I get a Event ID 4625 account failure with Logon Type 3. I have includes the events below. I need to figure what is causing the audit failures as my GFI Test Hacker alert is
catching it every morning. Disabling the Test Hacker alert is not a option. I have used Process Explorer also but can't seem to pin it down. I also enabled Kerberos logging.
http://support.microsoft.com/kb/262177?wa=wsignin1.0. All event codes state its a unknown or no existing account but how do I stop it from happening?
This is from the System Event log
A Kerberos Error Message was received:
on logon session TH.LOCAL\thsbs11e$
Client Time:
Server Time: 14:59:53.0000 3/4/2014 Z
Error Code: 0x6 KDC_ERR_C_PRINCIPAL_UNKNOWN
Extended Error:
Client Realm:
Client Name:
Server Realm: TH.LOCAL
Server Name: krbtgt/TH.LOCAL
Target Name: krbtgt/[email protected]
Error Text:
File: e
Line: 9fe
Error Data is in record data.
This is from the Security Event log
A Kerberos authentication ticket (TGT) was requested.
Account Information:
Account Name: S-1-5-21-687067891-4024245798-968362083-1000
Supplied Realm Name: TH.LOCAL
User ID: NULL SID
Service Information:
Service Name: krbtgt/TH.LOCAL
Service ID: NULL SID
Network Information:
Client Address: ::1
Client Port: 0
Additional Information:
Ticket Options: 0x40810010
Result Code: 0x6
Ticket Encryption Type: 0xffffffff
Pre-Authentication Type: -
Certificate Information:
Certificate Issuer Name:
Certificate Serial Number:
Certificate Thumbprint:
Certificate information is only provided if a certificate was used for pre-authentication.
Pre-authentication types, ticket options, encryption types and result codes are defined in RFC 4120.
I then get teh following error in the next event
An account failed to log on.
Subject:
Security ID: SYSTEM
Account Name: THSBS11E$
Account Domain: TH
Logon ID: 0x3e7
Logon Type: 3
Account For Which Logon Failed:
Security ID: NULL SID
Account Name:
Account Domain:
Failure Information:
Failure Reason: Unknown user name or bad password.
Status: 0xc000006d
Sub Status: 0xc0000064
Process Information:
Caller Process ID: 0x25c
Caller Process Name: C:\Windows\System32\lsass.exe
Network Information:
Workstation Name: THSBS11E
Source Network Address: -
Source Port: -
Detailed Authentication Information:
Logon Process: Schannel
Authentication Package: Kerberos
Transited Services: -
Package Name (NTLM only): -
Key Length: 0
This event is generated when a logon request fails. It is generated on the computer where access was attempted.
The Subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
The Logon Type field indicates the kind of logon that was requested. The most common types are 2 (interactive) and 3 (network).
The Process Information fields indicate which account and process on the system requested the logon.
The Network Information fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
The authentication information fields provide detailed information about this specific logon request.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.

Well I opened the case for him and he never followed up with Microsoft :-(
It's a kerberos issue, we're told to ignore it. Would you be willing to be patient and stubborn and work with CSS to at least understand what's going on better? I can tell you it's normal with Essentials but not the exact technical reason it's
happening.
Unfortunately TechNet isn't coming back, sorry folks :-(

How many BGP peers does the 3548 switch support?

Is it possible to run more than 40 peers on a single switch? What is the limitation if not?

Hi ,
You can have 40 BGP peers , IPV4 unicast routes handled by hardware is only 24000 .Enusre all your BGP peering routing updates is within this limits .
http://www.cisco.com/c/en/us/products/collateral/switches/nexus-3548-switch/data_sheet_c78-707001.html
Table 7. Hardware Specifications Common to Both Switches
Mode
Normal Mode
Warp Mode
Hardware tables and scalability
Number of MAC addresses
64,000
8000
Number of IPv4 unicast routes
24,000
4000
Number of IPv4 hosts
64,000
8000
Number of IPv4 multicast routes
8000
8000
Number of VLANS
4096
Number of ACL entries
4096
Number of spanning-tree instances
Rapid Spanning Tree Protocol (RSTP): 512
Multiple Spanning Tree (MST) Protocol: 64
Number of EtherChannels
24
Number of ports per EtherChannel
24
Buffer size
6 MB shared among 16 ports; 18 MB total
Boot flash memory
2 GB
HTH
Sandy

Intercompany Deliveries were created with zero quantity, causing an idoc failure and the remaining delivery too

Intercompany Deliveries were created with zero quantity, causing an idoc failure and the remaining delivery too
a. User trying to create delivery but stock not available.
b. When stock is not there it should show an error message in SAP screen but its not - like stock not available etc
c. Fedex gets delivery notice for the delivery; if its more than zero it will create delivery otherwise less than zero it won’t accept.
d. But issue its creating even its less than zero
Is there anyone who can help me out...

When one is created with zero quantities it starts blocking our deliveries from getting through to fedex because deliveries will in doubt have been blocked at fedex. As we process our orders in morning and if there is an STO blocking orders, it will be in afternoon .
Any suggestions !!!

Error messages in 2651XM GW, cause outbound call failure, reboot fix it

Cisco 2651XM as Gateway, it keep posting these error message and after a period of time, it cause outbound call failure.
Reboot fix it but there're still error messages...
How to fix it? It's IOS bug or hardware issue? How to identify?
Cisco IOS Software, C2600 Software (C2600-IPVOICE-M), Version 12.3(8)T10, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2005 by Cisco Systems, Inc.
Compiled Wed 03-Aug-05 20:45 by hqluong
ROM: System Bootstrap, Version 12.2(7r) [cmong 7r], RELEASE SOFTWARE (fc1)
cpchn1-g1 uptime is 6 hours, 56 minutes
System returned to ROM by reload at 03:52:44 NZST Tue Apr 17 2007
System restarted at 03:56:27 NZST Tue Apr 17 2007
System image file is "flash:c2600-ipvoice-mz.123-8.T10.bin"
Cisco 2651XM (MPC860P) processor (revision 0x100) with 118784K/12288K bytes of memory.
Processor board ID JAE072000AJ (1555074759)
M860 processor: part number 5, mask 2
2 FastEthernet interfaces
62 Serial interfaces
2 Channelized E1/PRI ports
32K bytes of NVRAM.
32768K bytes of processor board System flash (Read/Write)
See attach detail error messages

Cisco 2651XM as Gateway, it keep posting these error message and after a period of time, it cause outbound call failure.
Reboot fix it but there're still error messages...
How to fix it? It's IOS bug or hardware issue? How to identify?
Cisco IOS Software, C2600 Software (C2600-IPVOICE-M), Version 12.3(8)T10, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2005 by Cisco Systems, Inc.
Compiled Wed 03-Aug-05 20:45 by hqluong
ROM: System Bootstrap, Version 12.2(7r) [cmong 7r], RELEASE SOFTWARE (fc1)
cpchn1-g1 uptime is 6 hours, 56 minutes
System returned to ROM by reload at 03:52:44 NZST Tue Apr 17 2007
System restarted at 03:56:27 NZST Tue Apr 17 2007
System image file is "flash:c2600-ipvoice-mz.123-8.T10.bin"
Cisco 2651XM (MPC860P) processor (revision 0x100) with 118784K/12288K bytes of memory.
Processor board ID JAE072000AJ (1555074759)
M860 processor: part number 5, mask 2
2 FastEthernet interfaces
62 Serial interfaces
2 Channelized E1/PRI ports
32K bytes of NVRAM.
32768K bytes of processor board System flash (Read/Write)
See attach detail error messages

NX-OS show ip bgp rib-failure equivalent

I utilize the: show ip bgp rib-failure command in IOS to check for BGP learned routes which did not get installed in the routing table.
However, in my Cisco 7009 with Enterprise licensing, I cannot find the equivalent command to check for RIB failures and the reason for the RIB failure.

I've ran into the same issue on IOS-XR code and hasn't been able to find any equivalent in XR docs.
Just wondering if you have found some more information on your NX code?
BR,
Tomas

Option Icon 452 is causing a critical failure. Suggestions?

Option Icon 452 is causing a critical failure as soon as I put it into the USB slot. It seems that loading the wrong drivers for it or thinking its something that its.
Each time I put the 452 into the USB slot I immediately get an error in which the screen takes on a shade of gray and a black box in 6 languages appears saying "You need to restart your computer. Hold down the power button until it turns off" - I cannot do anything besides that and if I leave the modem attached and restart the same error appears as soon as it boots up. Once I take it off I'm able to restart normally again. Not sure what that problem is but it seems rather critical.
I'm not having any other problems with my macbook and I have a friend who tested the Option iCon 452 on his macbook and had no problems. So I'm kinda muddled.
thanks for any suggestions.

Runaway org.postfix.master if you want to take a look at it. Linc.
Tried a old hack, no go.
https://discussions.apple.com/thread/3184945?tstart=0

BGP peering with ISP

Hello Guys
I have a scenario where I would like to have your insights.
1. Client having Main site and DR site connected to same ISP with public IP line.
2. The client has acquired a public IP block (/24) and would like to use same on both main and DR sites.
Would this be possible through BGP? How can we advertise the same IP block on 2 sites?
The sites need to be in an active-active scenario.
Thanks

Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
If you're going to advertize the same address block, from two different BGP peers, whether to the same ISP or different ISPs, the expectation is, you can get to or from that address block along either path. I.e. you need an "internal" path between your two BGP peers. Otherwise, the "critical" BGP path fails, you continue to advertize an address block that's unreachable.
There's no need to split your block unless you were trying to manually load balance using your two paths.
As another poster noted, you might have asymmetrical routing (depending on path costing), but from a pure L3 perspective it doesn't matter. It can, though, matter to stateful devices like firewalls. The latter might be addressed by firewalls at both sites sharing state information.

ISP BGP peering with HSRP for redundancy

we have a router7507, BGP peering to one ISP. Now, we need a router redundancy solution.
I want to use HSRP in the BGP peering interface, because the ISP only peering us a IP address, I have to use HSRP on two router interfaces, and use HSRP virtual IP to peer the ISP, do you think this solution is working, or some troubles, will BGP work fine with HSRP interfaces?
thanks.

yes BGP works fine with HSRP interface.Here is some sample configurations for your reference.
Router A Configuration (ISP Router):
interface ethernet 0
ip address
standby 1 ip (The ip should be same as above command)
standby 1 priority 110
standby 1 track Serial0.100
standby 1 preempt
Router B Configuration (client Router):
interface ethernet 0
ip address
standby 1 ip (The ip should be same as ISPs address>
standby 1 priority 105
standby 1 track Serial0.100
standby 1 preempt

Link Local BGP peering between Cisco and Juniper (M-Series)

Hi,
has anybody successfully managed to get a working IPv6 session between a Cisco and a Juniper router using Link Local IPs?
I got it working between two cisco routers and two Juniper Routers but not with the two different vendors.
Configuration on the Juniper site:
   family inet6 {
       address FE80::1/64;
protocols {
      bgp {
          group customer_ipv6 {
              neighbor fe80::2 {
                  local-interface at-2/0/0.119;
                  peer-as 65300;
                  as-override;
Configuration on the Cisco site:
interface ATM0/0/0.1 point-to-point
bandwidth 2033
ip address 10.194.235.42 255.255.255.252
ip access-group AL-SECURITY-WAN out
ip mtu 1500
ipv6 address FE80::2 link-local
ipv6 enable
bfd interval 999 min_rx 999 multiplier 15
pvc 1/32
vbr-nrt 2244 2244 1
tx-ring-limit 3
encapsulation aal5snap
router bgp 65300
bgp router-id 10.213.58.185
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor FE80::1%ATM0/0/0.1 remote-as 65300
neighbor FE80::1%ATM0/0/0.1 version 4
neighbor FE80::2%GigabitEthernet0/1 remote-as 65300
neighbor FE80::2%GigabitEthernet0/1 version 4
address-family ipv4
exit-address-family
address-family ipv6
neighbor FE80::1%ATM0/0/0.1 activate
neighbor FE80::1%ATM0/0/0.1 advertisement-interval 5
neighbor FE80::1%ATM0/0/0.1 soft-reconfiguration inbound
neighbor FE80::1%ATM0/0/0.1 route-map NH6 out
neighbor FE80::2%GigabitEthernet0/1 activate
neighbor FE80::2%GigabitEthernet0/1 advertisement-interval 5
neighbor FE80::2%GigabitEthernet0/1 soft-reconfiguration inbound
neighbor FE80::2%GigabitEthernet0/1 route-map NH6 out
exit-address-family
CE_HOSTNAME# show ip bgp ipv6 uni su
BGP router identifier 10.213.58.185, local AS number 65300
BGP table version is 7, main routing table version 7
4 network entries using 656 bytes of memory
4 path entries using 320 bytes of memory
1/1 BGP path/bestpath attribute entries using 128 bytes of memory
2 BGP AS-PATH entries using 48 bytes of memory
2 BGP community entries using 48 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1200 total bytes of memory
BGP activity 34/12 prefixes, 38/12 paths, scan interval 60 secs
Neighbor        V           AS MsgRcvd MsgSent   TblVer InQ OutQ Up/Down State/PfxRcd
FE80::1%ATM0/0/0.1
                4        65300       0       0        1    0    0 never    Idle
FE80::2%GigabitEthernet0/1
                4        65300      15      16        7    0    0 00:10:59        4
CE_HOSTNAME#
The console monitoring states the following:
Nov 10 06:30:33.023 MET: %BGP-3-NOTIFICATION: sent to neighbor FE80::1%ATM0/0/0.1 active 2/7 (unsupported/disjoint capability) 0 bytes
Nov 10 06:30:33.023 MET: %BGP-4-MSGDUMP: unsupported or mal-formatted message received from FE80::1%ATM0/0/0.1:
FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 001D 0104 505A 005A 52D2 C023 00
Nov 10 06:30:33.023 MET: %BGP-3-NOTIFICATION: received from neighbor FE80::1%ATM0/0/0.1 active 2/5 (authentication failure) 0 bytes
de-ipc-ulmdon-ce-02#
Nov 10 06:30:33.023 MET: %BGP_SESSION-5-ADJCHANGE: neighbor FE80::1%ATM0/0/0.1 IPv6 Unicast topology base removed from session BGP Notification sent
The Cisco Router is running IOS 15.2, the Juniper Site JunOS 10.4
Any Ideas how I can get this to work?
Thanks in advance!

Marcin,
I updated the debugging log, the previous one was created using override-capability-neg on the neighbor (experimental).
>>0) Do you see similar scenario for working session? (Between two Cisco routers)
The working connection between two cisco routers doesn't show any output
>>1) What verion of IOS are you running? Something failrly recent I hope?
Show Version:
Cisco IOS Software, C1900 Software (C1900-UNIVERSALK9-M), Version 15.2(1)T1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2011 by Cisco Systems, Inc.
Compiled Mon 19-Sep-11 16:24 by prod_rel_team
ROM: System Bootstrap, Version 15.0(1r)M9, RELEASE SOFTWARE (fc1)
CE_HOSTNAME uptime is 2 weeks, 5 days, 21 hours, 35 minutes
System returned to ROM by reload at 18:43:21 MET(S) Fri Oct 21 2011
System restarted at 18:44:50 MET(S) Fri Oct 21 2011
System image file is "flash:c1900-universalk9-mz.SPA.152-1.T1.bin"
Last reload type: Normal Reload
Last reload reason: Reload Command
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
Cisco CISCO1941/K9 (revision 1.0) with 446464K/77824K bytes of memory.
Processor board ID FCZ1504C0G8
1 DSL controller
2 Gigabit Ethernet interfaces
1 ATM interface
1 terminal line
DRAM configuration is 64 bits wide with parity disabled.
255K bytes of non-volatile configuration memory.
250880K bytes of ATA System CompactFlash 0 (Read/Write)
License Info:
License UDI:
Device#   PID                   SN
*0        CISCO1941/K9          FCZ1504C0G8
Technology Package License Information for Module:'c1900'
Technology    Technology-package           Technology-package
              Current       Type           Next reboot
ipbase        ipbasek9      Permanent      ipbasek9
security      None          None           None
data          datak9        Permanent      datak9
Configuration register is 0x2102
>>2) Can we have some more info from Juniper side (logs/debugs).
Sadly not. The Juniper Traceoptions don't show anything
All I can offer you at this point is the neighbor show command:
user@Juniper> show bgp neighbor fe80::2 instance vrf-test
Peer: fe80::2 AS 65300         Local: unspecified AS 20570
Type: External    State: Idle           Flags:
Last State: NoState       Last Event: NoEvent
Last Error: None
Export: [ pol-standard-bgp-export ] Import: [ pol-standard-bgp-import ]
Options:
Options:
Address families configured: inet6-unicast
Path-attributes dropped: 128
Holdtime: 90 Preference: 170
Number of flaps: 0
Trace options: all
Trace file: /var/log/bgp_ipv6_ll_20111110 size 131072 files 10
user@Juniper> show bgp summary instance vrf-test
Groups: 2 Peers: 2 Down peers: 1
Table          Tot Paths Act Paths Suppressed    History Damp State    Pending
vrf-2.inet.0          37         16          0          0          0          0
vrf-.inet6.0           0          0          0          0          0          0
vrf-24.mdt.0           0          0          0          0          0          0
Peer                     AS      InPkt     OutPkt    OutQ   Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped...
10.194.235.42         65300       1149       1076       0       1     8:44:00 Establ
vrf-test.inet.0: 6/7/7/0
fe80::2               65300          0          0       0       0     9:38:32 Idle
>>3)
CE_HOSTNAME#
Nov 10 15:35:49.574 MET: BGP: ses global 10.194.235.41 (0x2970EDA4:1) Keep alive timer fired.
Nov 10 15:35:49.574 MET: BGP: 10.194.235.41 KEEPALIVE requested (bgp_keepalive_timer_expired)
Nov 10 15:35:49.574 MET: BGP: ses global 10.194.235.41 (0x2970EDA4:1) service keepalive IO request.
Nov 10 15:35:49.574 MET: BGP: 10.194.235.41 KEEPALIVE write request serviced in BGP_IO
CE_HOSTNAME#
Nov 10 15:35:50.598 MET: BGP: ses global FE80::2%GigabitEthernet0/1 (0x316FBDDC:1) Keep alive timer fired.
Nov 10 15:35:50.598 MET: BGP: FE80::2%GigabitEthernet0/1 KEEPALIVE requested (bgp_keepalive_timer_expired)
Nov 10 15:35:50.598 MET: BGP: ses global FE80::2%GigabitEthernet0/1 (0x316FBDDC:1) service keepalive IO request.
Nov 10 15:35:50.598 MET: BGP: FE80::2%GigabitEthernet0/1 KEEPALIVE write request serviced in BGP_IO
CE_HOSTNAME#
Nov 10 15:35:52.850 MET: BGP: 10.194.235.41 received KEEPALIVE, length (excl. header) 0
CE_HOSTNAME#
Nov 10 15:35:54.694 MET: BGP: FE80::1%ATM0/0/0.1 active went from Idle to Active
Nov 10 15:35:54.694 MET: BGP: FE80::1%ATM0/0/0.1 open active, local address FE80::2
Nov 10 15:35:54.698 MET: BGP: ses global FE80::1%ATM0/0/0.1 (0x296337B4:0) act Adding topology IPv6 Unicast:base
Nov 10 15:35:54.698 MET: BGP: ses global FE80::1%ATM0/0/0.1 (0x296337B4:0) act Send OPEN
Nov 10 15:35:54.698 MET: BGP: FE80::1%ATM0/0/0.1 active went from Active to OpenSent
Nov 10 15:35:54.698 MET: BGP: FE80::1%ATM0/0/0.1 active sending OPEN, version 4, my as: 65300, holdtime 180 seconds, ID AD53AB9
Nov 10 15:35:54.698 MET: BGP: FE80::1%ATM0/0/0.1 active KEEPALIVE write request serviced in BGP_IO
Nov 10 15:35:54.698 MET: BGP: FE80::1%ATM0/0/0.1 active service 2 read request in BGP_IO
Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active KEEPALIVE write request serviced in BGP_IO
Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active service 2 read request in BGP_IO
Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active service 2 read request in BGP_IO
Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active rcv message type 1, length (excl. header) 10
Nov 10 15:35:54.702 MET: BGP: ses global FE80::1%ATM0/0/0.1 (0x296337B4:0) act Receive OPEN
Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active rcv OPEN, version 4, holdtime 90 seconds
Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active rcv OPEN w/ OPTION parameter len: 0
Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active went from OpenSent to Closing
Nov 10 15:35:54.702 MET: %BGP-3-NOTIFICATION: sent to neighbor FE80::1%ATM0/0/0.1 active 2/7 (unsupported/disjoint capability) 0 bytes
Nov 10 15:35:54.702 MET: BGP: ses global FE80::1%ATM0/0/0.1 (0x296337B4:0) act Send NOTIFICATION 2/7 (unsupported/disjoint capability) 0 bytes
Nov 10 15:35:54.702 MET: %BGP-4-MSGDUMP: unsupported or mal-formatted message received from FE80::1%ATM0/0/0.1:
FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 001D 0104 505A 005A 52D2 C023 00
Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active rcv message type 3, length (excl. header) 2
Nov 10 15:35:54.702 MET: %BGP-3-NOTIFICATION: received from neighbor FE80::1%ATM0/0/0.1 active 2/5 (authentication failure) 0 bytes
Nov 10 15:35:54.702 MET: BGP: ses global FE80::1%ATM0/0/0.1 (0x296337B4:0) act Receive NOTIFICATION 2/5 (authentication failure) 0 bytes
Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active bad state change from Closing to Closing
Nov 10 15:35:54.702 MET: -Traceback= 21B3370Cz 21B33C74z 21B34258z
Nov 10 15:35:54.702 MET: BGP: tbl IPv4 Unicast:base Service reset requests
Nov 10 15:35:54.702 MET: BGP: tbl IPv6 Unicast:base Service reset requests
Nov 10 15:35:54.702 MET: BGP: tbl VPNv4 Unicast:base Service reset requests
Nov 10 15:35:54.702 MET: BGP: tbl VPNv6 Unicast:base Service reset requests
Nov 10 15:35:54.702 MET: BGP: tbl IPv4 Multicast:base Service reset requests
Nov 10 15:35:54.702 MET: BGP: nbr_topo global FE80::1%ATM0/0/0.1 IPv6 Unicast:base (0x296337B4:0) NSF delete stale NSF not active
Nov 10 15:35:54.702 MET: BGP: nbr_topo global FE80::1%ATM0/0/0.1 IPv6 Unicast:base (0x296337B4:0) NSF no stale paths state is NSF not active
Nov 10 15:35:54.702 MET: BGP: nbr_topo global FE80::1%ATM0/0/0.1 IPv6 Unicast:base (0x296337B4:0) Resetting ALL counters.
Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active closing
Nov 10 15:35:54.702 MET: BGP: ses global FE80::1%ATM0/0/0.1 (0x296337B4:0) act Session close and reset neighbor FE80::1%ATM0/0/0.1 topostate
Nov 10 15:35:54.702 MET: BGP: nbr_topo global FE80::1%ATM0/0/0.1 IPv6 Unicast:base (0x296337B4:0) Resetting ALL counters.
Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active went from Closing to Idle
Nov 10 15:35:54.702 MET: %BGP_SESSION-5-ADJCHANGE: neighbor FE80::1%ATM0/0/0.1 IPv6 Unicast topology base removed from session BGP Notification sent
CE_HOSTNAME#CE_HOSTNAME#
Nov 10 15:35:49.574 MET: BGP: ses global 10.194.235.41 (0x2970EDA4:1) Keep alive timer fired.
Nov 10 15:35:49.574 MET: BGP: 10.194.235.41 KEEPALIVE requested (bgp_keepalive_timer_expired)
Nov 10 15:35:49.574 MET: BGP: ses global 10.194.235.41 (0x2970EDA4:1) service keepalive IO request.
Nov 10 15:35:49.574 MET: BGP: 10.194.235.41 KEEPALIVE write request serviced in BGP_IO
CE_HOSTNAME#
Nov 10 15:35:50.598 MET: BGP: ses global FE80::2%GigabitEthernet0/1 (0x316FBDDC:1) Keep alive timer fired.
Nov 10 15:35:50.598 MET: BGP: FE80::2%GigabitEthernet0/1 KEEPALIVE requested (bgp_keepalive_timer_expired)
Nov 10 15:35:50.598 MET: BGP: ses global FE80::2%GigabitEthernet0/1 (0x316FBDDC:1) service keepalive IO request.
Nov 10 15:35:50.598 MET: BGP: FE80::2%GigabitEthernet0/1 KEEPALIVE write request serviced in BGP_IO
CE_HOSTNAME#
Nov 10 15:35:52.850 MET: BGP: 10.194.235.41 received KEEPALIVE, length (excl. header) 0
CE_HOSTNAME#
Nov 10 15:35:54.694 MET: BGP: FE80::1%ATM0/0/0.1 active went from Idle to Active
Nov 10 15:35:54.694 MET: BGP: FE80::1%ATM0/0/0.1 open active, local address FE80::2
Nov 10 15:35:54.698 MET: BGP: ses global FE80::1%ATM0/0/0.1 (0x296337B4:0) act Adding topology IPv6 Unicast:base
Nov 10 15:35:54.698 MET: BGP: ses global FE80::1%ATM0/0/0.1 (0x296337B4:0) act Send OPEN
Nov 10 15:35:54.698 MET: BGP: FE80::1%ATM0/0/0.1 active went from Active to OpenSent
Nov 10 15:35:54.698 MET: BGP: FE80::1%ATM0/0/0.1 active sending OPEN, version 4, my as: 65300, holdtime 180 seconds, ID AD53AB9
Nov 10 15:35:54.698 MET: BGP: FE80::1%ATM0/0/0.1 active KEEPALIVE write request serviced in BGP_IO
Nov 10 15:35:54.698 MET: BGP: FE80::1%ATM0/0/0.1 active service 2 read request in BGP_IO
Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active KEEPALIVE write request serviced in BGP_IO
Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active service 2 read request in BGP_IO
Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active service 2 read request in BGP_IO
Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active rcv message type 1, length (excl. header) 10
Nov 10 15:35:54.702 MET: BGP: ses global FE80::1%ATM0/0/0.1 (0x296337B4:0) act Receive OPEN
Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active rcv OPEN, version 4, holdtime 90 seconds
Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active rcv OPEN w/ OPTION parameter len: 0
Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active went from OpenSent to Closing
Nov 10 15:35:54.702 MET: %BGP-3-NOTIFICATION: sent to neighbor FE80::1%ATM0/0/0.1 active 2/7 (unsupported/disjoint capability) 0 bytes
Nov 10 15:35:54.702 MET: BGP: ses global FE80::1%ATM0/0/0.1 (0x296337B4:0) act Send NOTIFICATION 2/7 (unsupported/disjoint capability) 0 bytes
Nov 10 15:35:54.702 MET: %BGP-4-MSGDUMP: unsupported or mal-formatted message received from FE80::1%ATM0/0/0.1:
FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 001D 0104 505A 005A 52D2 C023 00
Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active rcv message type 3, length (excl. header) 2
Nov 10 15:35:54.702 MET: %BGP-3-NOTIFICATION: received from neighbor FE80::1%ATM0/0/0.1 active 2/5 (authentication failure) 0 bytes
Nov 10 15:35:54.702 MET: BGP: ses global FE80::1%ATM0/0/0.1 (0x296337B4:0) act Receive NOTIFICATION 2/5 (authentication failure) 0 bytes
Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active bad state change from Closing to Closing
Nov 10 15:35:54.702 MET: -Traceback= 21B3370Cz 21B33C74z 21B34258z
Nov 10 15:35:54.702 MET: BGP: tbl IPv4 Unicast:base Service reset requests
Nov 10 15:35:54.702 MET: BGP: tbl IPv6 Unicast:base Service reset requests
Nov 10 15:35:54.702 MET: BGP: tbl VPNv4 Unicast:base Service reset requests
Nov 10 15:35:54.702 MET: BGP: tbl VPNv6 Unicast:base Service reset requests
Nov 10 15:35:54.702 MET: BGP: tbl IPv4 Multicast:base Service reset requests
Nov 10 15:35:54.702 MET: BGP: nbr_topo global FE80::1%ATM0/0/0.1 IPv6 Unicast:base (0x296337B4:0) NSF delete stale NSF not active
Nov 10 15:35:54.702 MET: BGP: nbr_topo global FE80::1%ATM0/0/0.1 IPv6 Unicast:base (0x296337B4:0) NSF no stale paths state is NSF not active
Nov 10 15:35:54.702 MET: BGP: nbr_topo global FE80::1%ATM0/0/0.1 IPv6 Unicast:base (0x296337B4:0) Resetting ALL counters.
Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active closing
Nov 10 15:35:54.702 MET: BGP: ses global FE80::1%ATM0/0/0.1 (0x296337B4:0) act Session close and reset neighbor FE80::1%ATM0/0/0.1 topostate
Nov 10 15:35:54.702 MET: BGP: nbr_topo global FE80::1%ATM0/0/0.1 IPv6 Unicast:base (0x296337B4:0) Resetting ALL counters.
Nov 10 15:35:54.702 MET: BGP: FE80::1%ATM0/0/0.1 active went from Closing to Idle
Nov 10 15:35:54.702 MET: %BGP_SESSION-5-ADJCHANGE: neighbor FE80::1%ATM0/0/0.1 IPv6 Unicast topology base removed from session BGP Notification sent
CE_HOSTNAME#

What would cause a hardrive failure?

We turn on the computer and all it shows it a white screen with a blinking ? in a folder icon. Supposedly this means a hardrive failure? We didn't do anything out of the ordinary with our computer. Any ideas what would have caused this? Possibly a virus?

improper shutdown.
need to choose Recovery partition and repair the directory, if not more.
the Startup Disk control panel setting was "lost" for some reason (zapped PRAM or did an SMC Reset or other).
It could mean lots of things, incl. a bad sector, or bad file system.
You should have some backup sets. Be able to restore and/or reinstall the system.
After using Disk Utility to do Repair Disk, you should try holding Shift key and doing a Safe Boot next time too.

IPS4240 in bypassmode-auto cause BGP peering failure

Similar Messages

Maybe you are looking for