Got it
Enterprise
Community Forums Switches
[Troubleshooting sharing]...

[Troubleshooting sharing]the Router show "BGP MD5 Auth error" when it try to establish BGP peer with both switches that run VRRP

Latest reply: Dec 24, 2018 01:25:07 501 3 0 0
display all floors #1
I have a troubleshooting case to share for you.


the topology is so simple, 2 Switches are running VRRP and use VRRP virtual IP address to establish BGP peer with a Router, and configure MD5 authentication for BGP.

but we found that the Routes show "BGP MD5 Auth error" on it, and after configure the command“peer listen-only" on the VRRP Slave switch, the error message terminated.

the analysis for this issue is below:

The root cause for the “BGP MD5 Auth error" is that VRRP slave couldn’t receive TCP response packets from peer device, so VRRP slave will try to send TCP request packets with MD5 digest continuously. And peer device only can response packets to VRRP master, since VRRP Master and VRRP Slave were using different source TCP port, so VRRP Master will verify the packets failed when it received the packets which should be sent to VRRP Slave.

If VRRP Master verified the packet failed, VRRP will notice the peer device, in this case, peer device will get the error message “BGP MD5 Auth error”.

after cutomer configure "peer linten-only" on VRRP Slave switch, the slave switch will stop sending TCP packets. and the error message will terminated.


From group: Switch
  • x
  • convention:

Helpful (0) Favorite(0) Share Report
Previous: Is IS-IS Applicable to the Network Where One CE Is Dual-Homed to Two PEs?
Next: VRRP IPv6 authentication
wissal
MVE Created Jun 17, 2018 12:43:16 Helpful(0) Helpful(0)

thanks for sharing this nice doc
View more
  • x
  • convention:
I%20would%20like%20to%20share%20with%20you%20my%20experience%2C%20I'm%20telecommunications%20engineer%2C%20currently%20senior%20project%20manager%20at%20an%20operator%2C%20partner%20of%20Huawei%2C%20in%20the%20radio%20access%20network%20department%2C%20for%2020%20years%20I%20managed%20several%20types%20of%20projects%2C%20for%20the%20different%20nodes%20of%20the%20network.%3Cbr%2F%3EAt%20the%20same%20time%2C%20I%20give%20courses%20in%20universities%20as%20a%20temporary%2C%20to%20bring%20the%20operational%20side%20of%20telecommunication%20technologies%20to%20students%2C%20for%20network%20supervision%20systems%2C%20mobile%20radio%20networks%20and%20access%20networks%20et
YOO
Created Dec 22, 2018 03:30:56 Helpful(0) Helpful(0)

It is very helpful for the learner in the first stage.
View more
  • x
  • convention:
xiaomumu
Created Dec 24, 2018 01:25:07 Helpful(0) Helpful(0)


Very helpful
View more
  • x
  • convention:
Back to list

Comment

Advanced
B Color Image Link Quote Code Smilies
You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " Privacy."

My Followers

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy User Agreement Terms of Use Cookie Settings
Huawei Enterprise Huawei Carrier Forum Training & Certification

Copyright © 2020 Huawei Technologies Co., Ltd. All rights reserved.

APP

Huawei Enterprise Support Community
Huawei Enterprise Support Community
Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.