Sign in to follow this  
Followers 0
vineet_ccie

How to find wrong AS number configuration

19 posts in this topic

Dear Team,

 

Scenario is

AS number is wrongly configured on Backbone router. not here in our topo.

So what is the technique to calculate what is the AS number right configured on there side.

So that we can configure LOCAL-AS keyword after the neighbor command.

 

Please help

 

Thanks

vineet

0

Share this post


Link to post
Share on other sites

Hi Vineet,

 

It is not possible to do so, you will need to know what the AS has been set up the BB router, so either the proctor will tell you, or it will be given to you. No amount of debugging or ACL's will tell you!

 

HTH

Manish.

0

Share this post


Link to post
Share on other sites
Hi Vineet,

 

It is not possible to do so, you will need to know what the AS has been set up the BB router, so either the proctor will tell you, or it will be given to you. No amount of debugging or ACL's will tell you!

 

HTH

Manish.

 

 

Hi Manish,

 

You might want to rethink that statement... B) Actually the answer will be staring you right in the face provided you have the relevant logging severity level set. I'll give you an example.

 

Backbone Router

router bgp 300

no sync

neighbor 172.16.1.2 remote-as 199

 

Peer Router

router bgp 100

no sync

neighbor 172.16.1.1 remote-as 1 (remember you don't know what the true remote-as no. is)

 

After a while a message very similiar to the following should appear..

 

*Jul 27 18:40:55.494: %BGP-3-NOTIFICATION: sent to neighbor 172.16.1.1 (peer in wrong AS) 2 bytes 012C FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 002D 0104 012C 00B4 7401 0D03 1002 0601 0400 0100 0102 0280 0002 0202 00

 

Just simply change the bold part in the below from hex into decimal and you’ll have the correct remote AS:

 

*Jul 27 18:40:55.494: %BGP-3-NOTIFICATION: sent to neighbor 172.16.1.2 2/2 (peer in wrong AS) 2 bytes 012C

 

And there you go 012C in hex equals 300 in decimal.

 

Fred

0

Share this post


Link to post
Share on other sites

Fred,

 

What Vineet is asking, how do you determine what the BB router is doing in terms of its understanding of your AS. The 2 byte number in hex from your output is not the number that the remote router is configured as, and that's what Vineet is wanting to know.

 

In your example your local as is 100 and you are peering with 1, we want to know what BB is trying to peer with to you, and that's what we cannot find out. So back to your example, how do we know BB is doing this "neighbor 172.16.1.2 remote-as 199" and the 199 being the question here.

 

:)

Edited by ManishBehal
0

Share this post


Link to post
Share on other sites
Fred,

 

What Vineet is asking, how do you determine what the BB router is doing in terms of its understanding of your AS. The 2 byte number in hex from your output is not the number that the remote router is configured as, and that's what Vineet is wanting to know.

 

In your example yout local as is 100 and you are peering with 1, we want to kno what BB is trying to peer with to you, and that's what we cannot find out. So back to your example, how do we know BB is doing this "neighbor 172.16.1.2 remote-as 199" and the 199 being the quesion here.

 

:)

 

Hi Manish,

 

Oops sorry I hold my hand up, mistake on my part. :wacko: Yes we are able to decipher what BGP AS the remote (Backbone) router has locally configured in my example but as you correctly state we are unable to ascertain as to what remote-as no. they have configured as OUR AS. As you say, one for the proctor. I have just sat here and watched the output for 10 minutes (off the top of my head before) and run a "debug ip bgp" but come up with no answer!

 

Fred.

0

Share this post


Link to post
Share on other sites

No worries Fred. I am glad I have saved someone the headache of scratching around (like me for hours) trying to find a solution to this. Hours at home are fine, on lab day - need I say more.

0

Share this post


Link to post
Share on other sites

I don't know why fred has confused..He was right... please have a look on my configs...

 

I don't have control on router R1 here.

 

Configs of router 2 i.e r2 is shown here..

router bgp 6501

no synchronization

neighbor 10.10.10.1 remote-as 5301---I am sure proctor will not help here... ^_^ ; this is difficulty point set by proctor to gauge our expertise. In this scenario I am expecting my peer has AS 5301 as per instruction given in topology...

 

I am getting following error..

 

Mar 1 00:11:43.207: %BGP-3-NOTIFICATION: sent to neighbor 10.10.10.1 2/2 (peer in wrong AS) 2 bytes 14B7 FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 002D 0104 14B7 00B4 1414 1401 1002 0601 0400 0100 0102 0280 0002 0202 00

 

If you convert 2 bytes hex value i.e 14B7 to decimal will be 5303.

 

Please find router 1 config; which is not under my control....(But here I have control ;) )

 

r1#sh run | be router bgp

router bgp 5303

no synchronization

bgp log-neighbor-changes

neighbor 10.10.10.2 remote-as 5300

 

You can easily figureout that I was trying to peer with 5303 AS....

 

Vineet, please confirm; you want to know the same thing or not?

 

PS:- Please I was using this lab exercise for confederation; hence requesting you to ignore configs related to same.

 

Actual configs on bother routers are as follows.

 

r1#sh run | be router bgp

router bgp 5301

no synchronization

bgp log-neighbor-changes

network 14.0.0.0 mask 255.255.255.252

network 14.10.10.0 mask 255.255.255.0

network 20.20.20.0 mask 255.255.255.0

neighbor 10.10.10.2 remote-as 5300

neighbor 10.10.10.2 description ***peering with r2****

neighbor 10.10.10.13 remote-as 5302

neighbor 10.10.10.13 distribute-list 1 out

no auto-summary

 

r2#sh run | be router bgp

router bgp 6501

no synchronization

bgp log-neighbor-changes

bgp confederation identifier 5300

bgp confederation peers 6502

neighbor 10.10.10.1 remote-as 5301

neighbor 10.10.10.1 description ***peering with r1 as ebgp****

neighbor 10.10.10.1 remove-private-AS

neighbor 10.10.10.6 remote-as 6502

 

This is the script to check vineet query..

 

conf t

no router bgp 5301

router bgp 5303

neighbor 10.10.10.2 remote-as 5300

end

Edited by sandeep_kumar_nigam
0

Share this post


Link to post
Share on other sites

Sandeep,

 

Good answer but no points. You have not answered the question that is being asked. Please kindly read my second reply, we do not want to know the remote as, but instead what AS the remote router is peering to us on.

0

Share this post


Link to post
Share on other sites
Sandeep,

 

Good answer but no points. You have not answered the question that is being asked. Please kindly read my second reply, we do not want to know the remote as, but instead what AS the remote router is peering to us on.

 

 

Oh, Ok than we need to check in questions itself as it might be given in somewhere in lab instructions might be via some output of show ip route or show ip bgp ;)

Edited by sandeep_kumar_nigam
0

Share this post


Link to post
Share on other sites

This is an interesting question for all the right reasons. Anyway, you (during the lab) will be advised I guess which AS to the BB router is peering with. I do not think even Cisco is so brutal to make you go from AS 1 - 65535 before the peering comes up. That would take you entire 8 hours!!!! :)

Edited by ChancesD
0

Share this post


Link to post
Share on other sites
I thought you knew TCL scripts and Macros Mr Chances!

 

Hey n00b13,

 

Can you share?. Some scripts or macros with us.

 

Sandeep

0

Share this post


Link to post
Share on other sites

Another good question. So, how do we set up a tickle script to configure a neighbohrship with this AS?

 

foreach bgp {

neigh 1.1.1.1 remote-as 1

neigh 1.1.1.1 remote-as 2

neigh 1.1.1.1 remote-as 3

...

neigh 1.1.1.1 remote-as 65535}

 

Will this work? Any tickle expert here? :)

0

Share this post


Link to post
Share on other sites

That script would be a big waste of time. from 1 till 65535 ????

 

the script you put is very basic, ofcourse you could do a script, but you'd have to do some checks.

after puting a neighbor statement you'd have to check if it comes up.

wait a little bit for bgp to come-up, if not delete neighbor and then add new neighbor with different AS.

 

this is a bit waste of time.

 

let's say on every neighbor you wait 10 seconds to come up. that is 65535*10=655350

now 655350 secs is: 10922,5 minutes, and in hours would be surely more then 8 hours... and you've failed your bgp part at least on the LAB.

 

anyway, I really don't think they will ask you to find out neighbor BGP AS number.

if they do, I'd say you're screwd.!!!

 

Regards,

0

Share this post


Link to post
Share on other sites

lostchild,

 

This was my point exactly. In a situation like this we would not be able to guess the peering AS, it is information we must be advised of due the the time constraints of the lab.

 

Regards,

Edited by ChancesD
0

Share this post


Link to post
Share on other sites

Friends!!!!...

Good news I got one friend who got the same difficulty point in his lab; he discovered peer as mentioned for his administrator AS was listed in diagram with detailed instruction ;)

 

 

Hope no worries in our time...if yes there must be some sort of hint will be there in instructions, otherwise we will waste our 8 hours lab time for finding AS number to be peer :D

0

Share this post


Link to post
Share on other sites

azoul,

 

This tells us how to remedy the problem, not what the problem is. In this case what the peering AS is.

0

Share this post


Link to post
Share on other sites

Guys..

 

Somewhere I have read that it's a build in-security feature in BGP that you don't have any tool to

"guess" the right BGP config. You can't hack a fiber and then peer with a router. That makes sence.

 

In the last couple of days I have tried to find the source of my postulate, but I can't,....sorry.

Without documentation my postulate could be case of bad memory....

 

If I am very bored some day, I will look through the RFC's to read all BGP communication. Byte by byte.

If it's possible to "hack", -then there must be a "here are what I do belive that your as-number are" -sequence.

This should happend to make session "active".

What should that be usefull for? Just about as usefull as the teller machine broadcasting

"here is the lads pin-code"....:-)

 

 

Regards

A61971

Edited by a61971
0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0