Eh could be worse. I spent 3 days once having (carrier which shall remain unnamed) ask for my BGP config when the circuit wasn't showing light yet.
At least it's *plausible* that it could be your BGP config, instead of, you know, buckshot somewhere around 5th ave... -Blake On Fri, Jun 28, 2013 at 9:59 AM, Matthew Huff <[email protected]> wrote: > No, I don't have any CoPP defined (at least at the moment trying to debug > it). No ACLs or anything else like that. The ISP keeps wanting me to send > them my BGP configuration (which I've sent to at least 3 different people), > rarther than looking at the obvious that BGP won't ever come up if we can't > get a TCP session established. > > ---- > Matthew Huff | 1 Manhattanville Rd > Director of Operations | Purchase, NY 10577 > OTA Management LLC | Phone: 914-460-4039 > > From: John Neiberger [mailto:[email protected]] > Sent: Friday, June 28, 2013 10:56 AM > To: Matthew Huff > Cc: cisco-nsp ([email protected]); [email protected] > Subject: Re: [c-nsp] Weird IPv6 problem passing Layer3 traffic > > Do you have CoPP configured? I've seen this exact behavior when I didn't > have a permit statement for my neighbor or link address in the right ACL, > so it was getting rate-limited to death. > > On Fri, Jun 28, 2013 at 8:33 AM, Matthew Huff <[email protected]<mailto: > [email protected]>> wrote: > Trying to bring up a new BGP peering session with a ISP. IPv4 peering is > working fine on the same interface. The BGP peering fails early in trying > to go active. Using "debug tcp transactions", I see the SYN going out, but > no ACK ever returning. I can't telnet to their box on port 179 either > (debug packet shows it doing the same, SYN begin sent, but no packets, > including ACK). However, I can ping their interface. > > The interface config has been stripped, and still doesn't work. I've reset > the interface, and even rebooted our router, with no change in behavior. > > We have a Cisco 7204VXR with NPE-G2, running 15.2(4)S1. I have an > identical router with same version connected to another ISP and a tunnel to > HE.net. It's not my first time at the rodeo. We are connected via metro > Ethernet to a sub-interface on a JunOS box (model and version unknown). My > suspicion is that either they have an ACL that's blocking it, or their BGP > process isn't listening on that sub-interface. But they claim that it isn't > their problem. I have zero JunOS experience and they seem to be flopping > around. > > Anyone have any idea what else the problem might be? > > From our side (simplied config to test): > > > interface FastEthernet2/1 > ip address 162.211.110.2 255.255.255.252 > speed auto > duplex auto > ipv6 address 2607:F518:15F::2/126 > ipv6 enable > end > > rtr-inet2#show ipv6 cef 2607:F518:15F::1 > 2607:F518:15F::1/128 > attached to FastEthernet2/1 > > rtr-inet2#show ipv6 cef exact-route 2607:F518:15F::2 2607:F518:15F::1 > 2607:F518:15F::2 -> 2607:F518:15F::1 => IPV6 adj out of FastEthernet2/1, > addr 2607:F518:15F::1 > > rtr-inet2#show ipv6 neighbors > IPv6 Address Age Link-layer Addr State > Interface > 2607:F518:15F::1 0 0021.5903.1367 REACH Fa2/1 > > rtr-inet2#ping 2607:F518:15F::1 > Type escape sequence to abort. > Sending 5, 100-byte ICMP Echos to 2607:F518:15F::1, timeout is 2 seconds: > !!!!! > Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms > > ---- > Matthew Huff | 1 Manhattanville Rd > Director of Operations | Purchase, NY 10577 > OTA Management LLC | Phone: 914-460-4039 > > > _______________________________________________ > cisco-nsp mailing list [email protected]<mailto: > [email protected]> > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ > > _______________________________________________ > cisco-nsp mailing list [email protected] > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ >
