This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Yury_Anoshyn
Participant
‎2018-04-23 05:16 AM

bgp dual-peering

Hello all.

Gaia R80.10 .

i have prepare schema with interconecting VSX VS1 with two Nexus via eBGP .
VSX VS1 has IP1 , Nexus1 - IP2 , Nexus2 - IP3. At nexus side is AS 65010, at Checkpoint side is AS 65020.

Settings for both peers same.

session between VSX VS1 and nexus1 session state = established.
session between VSX VS1 and nexus2 session state = Active( flaps with Connect)

Why second session is not up?

in checkpoint advanced routing guide r.80.10 i see : "Dual Peering. This option enables the connection to the Local ASN or the Peer Local ASN. There can be only one active connection. If you do not enable this option, it is only possible to connect to the Peer Local ASN. "

Is it my case ? did i need switch this options on ?  

when i try change config i have error messages :

set bgp external remote-as 65010 peer IP3 peer-local-as dual-peering on -------- > BGP: Peer Local AS is not enabled on this peer.
set bgp external remote-as 65010 peer IP3 peer-local-as as 65020 on -------- > RTGRTG0019 BGP: Peer Local AS cannot be equal to the Local AS.
set bgp external remote-as 65010 peer IP3 peer-local-as as 65010 on -------- > RTGRTG0019 BGP: Peer Local AS cannot be equal to the remote peer's AS.

Where i'm wrong ????

With regards, Yury.

4 Replies
Sundeep_Mudgal
Employee
Employee
‎2018-04-25 10:17 AM

No you do not need peer-local-as or dual-peering.  Did you check for any BGP errors in /var/log/messages or /var/log/routed_messages?

Yury_Anoshyn
Participant
‎2018-06-07 12:51 PM
In response to Sundeep_Mudgal

Sundeep Mudgal wrote:

No you do not need peer-local-as or dual-peering.  Did you check for any BGP errors in /var/log/messages or /var/log/routed_messages?

yes. but without any helpfull  error messages.

As we later found - source of our problem was bug in Nexus firmware.

Enyi_Ajoku
Collaborator
‎2019-03-30 05:26 PM
In response to Yury_Anoshyn

Hi Yury,

What steps did you to resolve this issue?

I am presently experiencing the same issue with a cisco nexus switch.

Thanks

 

 

Peter-L
Explorer
‎2019-07-22 07:53 AM
In response to Enyi_Ajoku

Me too, could you advise what the version of NX-OS you were on and what version you went too?

Thanks
0 Kudos