BGP configuration seems difficult but in reality it's a simple routing protocol. To proper debug bgp on fortios you need to do a few primary actions.
To test layer2/3 connection ;
x.x.x.x == the remote -bgp speaker
execute ping x.x.x.x
You probably want to set ping-options and the source
To verify tcp.port 179 is open,
execute telnet x.x.x.x 179
Next, you can enable bgp protocol debug options
It's wise to set level to info and if you have numerous bgp peers you might have a lot of information. For a new turn up that's giving you issues, use "diag ip router bgp all enable" for example.
Most bgp issues always fall back on typo( wrong peer, wrong AS,etc...) or layer2/3 issue. Keep in mind if you have filters, tcp.port destination 179 needs to be allowed in and out.
If you do get a ESTABLISHMENT and then the session dies, that could be a maximum-received prefix limits reach and the bgp-session tcp-reset when this happens.
Ken Felix
NSE ( network security expert) and Route/Switching Engineer
kfelix -----a----t---- socpuppets ---dot---com
^ ^
=( @ @ )=
o
/ \
No comments:
Post a Comment