Quagga and SRX BGP communication

Since the gated daemon, IGP/EGP software has evolved tremendously. I had used Zebra a long time ago, but now, to better manage my lab network, I wanted to use the Quagga BGP and OSPF daemons. Quagga is spectacular and its syntax is almost the same as Cisco IOS. After having used JunOS for 2 years, it is a bit difficult to switch to the Cisco CLI. I want to write this post because of a problem I encountered during BGP communication between Quagga and an SRX/JunOS device, as I am not that familiar with Quagga.

I configured Quagga BGP as below:

linrouter-bgp# show run

Current configuration:
!
hostname linrouter-bgp
password test123
log stdout
!
router bgp 100
 network 192.168.193.0/24
 neighbor 192.168.200.1 remote-as 1000
!
line vty
!
end

and configured the SRX like this:

[edit protocols]
root@srx100-1# show
bgp {
    group ebgp_group {
        peer-as 100;
        local-as 1000;
        neighbor 192.168.200.254;
    }
}

But the BGP state didn’t switch from Active to Established. However, I saw the following error:

root@srx100-1# run show bgp neighbor
Peer: 192.168.200.254 AS 100   Local: 192.168.200.1 AS 1000
  Type: External    State: Active         Flags: <>
  Last State: Idle          Last Event: Start
  Last Error: Open Message Error
  Options: 
  Holdtime: 90 Preference: 170 Local AS: 1000 Local System AS: 1000
  Number of flaps: 0
  Error: 'Open Message Error' Sent: 1 Recv: 0

It is obvious that there is a communication error during the initial stage of the BGP handshake.
Possibly there is a command to troubleshoot this error, but I looked into the packet capture on the Linux Quagga side.

[Image: packet capture of the BGP Open Message Error]

The packet capture clearly indicated that the SRX returns an error subcode: “Bad BGP Identifier”.
I noticed that the BGP identifier sent by Quagga was 0.0.0.0, as I hadn’t set anything :) Once I set it via the

bgp router-id 192.168.200.254

command in Quagga, everything worked like a charm.
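
The check behind that notification, as an added example (not from the original post and not Junos or Quagga code): a minimal Python parser for the fixed part of a BGP OPEN message as laid out in RFC 4271, returning the NOTIFICATION code and subcode a receiver would send for a zero BGP Identifier. The function names and the sample messages are constructed for illustration; optional parameters are not validated.

```python
import ipaddress
import struct

MARKER = b"\xff" * 16                  # 16 octets of all ones start every BGP message
TYPE_OPEN, TYPE_NOTIFICATION = 1, 3
ERR_OPEN_MESSAGE = 2                   # error code "OPEN Message Error"
SUB_BAD_PEER_AS = 2
SUB_BAD_BGP_IDENTIFIER = 3

def build_open(my_as, hold_time, router_id):
    """Build an OPEN with no optional parameters (constructed sample input)."""
    body = struct.pack("!BHH4sB", 4, my_as, hold_time,
                       ipaddress.IPv4Address(router_id).packed, 0)
    return MARKER + struct.pack("!HB", 19 + len(body), TYPE_OPEN) + body

def parse_open(msg):
    """Return the fixed OPEN fields as a dict; raise ValueError if malformed."""
    if len(msg) < 29 or msg[:16] != MARKER:
        raise ValueError("not a BGP OPEN: short message or bad marker")
    length, msg_type = struct.unpack("!HB", msg[16:19])
    if msg_type != TYPE_OPEN or length != len(msg):
        raise ValueError("not a BGP OPEN: wrong type or length")
    version, my_as, hold, ident, _opt_len = struct.unpack("!BHH4sB", msg[19:29])
    return {"version": version, "as": my_as, "hold_time": hold,
            "bgp_id": str(ipaddress.IPv4Address(ident))}

def check_open(msg, expected_peer_as):
    """Return None if acceptable, else the (code, subcode) to put in a NOTIFICATION."""
    fields = parse_open(msg)
    if fields["as"] != expected_peer_as:
        return (ERR_OPEN_MESSAGE, SUB_BAD_PEER_AS)
    if fields["bgp_id"] == "0.0.0.0":  # the identifier must be non-zero
        return (ERR_OPEN_MESSAGE, SUB_BAD_BGP_IDENTIFIER)
    return None

def build_notification(code, subcode):
    """NOTIFICATION with no data: 19-octet header plus code and subcode."""
    return MARKER + struct.pack("!HBBB", 21, TYPE_NOTIFICATION, code, subcode)

if __name__ == "__main__":
    # Constructed messages mirroring the post: AS 100, before and after "bgp router-id".
    for rid in ("0.0.0.0", "192.168.200.254"):
        print(rid, check_open(build_open(100, 180, rid), expected_peer_as=100))
```
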

Recently I put my Linux devices as a central point between SRX devices and hope to play with BGP/OSPF. I will share my experiences via my posts as well.

About: rtoodtoo

Worked for more than 10 years as a Network/Support Engineer and also interested in Python, Linux, Security and SD-WAN // JNCIE-SEC #223 / RHCE / PCNSE

