Hey Taqdir,
I had some free time so I figured I would try to answer your question.
I have a small two router setup here
(R1) ------155.1.12.0/2-------(R2) The connection is serial between
R1(S0/0) and R2 (S0/0)
The router configs are as follows:
R1#sh run int s0/0
Building configuration...
Current configuration : 84 bytes
!
interface Serial0/0
ip address 155.1.12.1 255.255.255.0
clock rate 2000000
end
R1#sh run | sec bgp
router bgp 100
no synchronization
bgp log-neighbor-changes
neighbor 155.1.12.2 remote-as 200
no auto-summary
R1#
R2#sh run int s0/0
Building configuration...
Current configuration : 84 bytes
!
interface Serial0/0
ip address 155.1.12.2 255.255.255.0
clock rate 2000000
end
R2#sh run | sec bgp
router bgp 200
no synchronization
bgp log-neighbor-changes
neighbor 155.1.12.1 remote-as 100
no auto-summary
R2#
I set up the a sniffer on the Serial Interface, and went to R2 and shut
down S0/0. Wait till the link
and the bgp peering drops, start the sniffer and you will see:
No. Time Source Destination Protocol
Info
30 99.554276 155.1.12.2 155.1.12.1 TCP
14485 > *bgp* [SYN] Seq=0 Win=16384 Len=0 MSS=1460
Frame 30 (48 bytes on wire, 48 bytes captured)
Cisco HDLC
Internet Protocol, Src: 155.1.12.2 (155.1.12.2), Dst: 155.1.12.1
(155.1.12.1)
Transmission Control Protocol, Src Port: 14485 (14485), Dst Port: bgp
(179), Seq: 0, Len: 0
No. Time Source Destination Protocol
Info
31 99.556955 155.1.12.1 155.1.12.2 TCP
*bgp* > 14485 [SYN, ACK] Seq=0 Ack=1 Win=16384 Len=0 MSS=1460
Frame 31 (48 bytes on wire, 48 bytes captured)
Cisco HDLC
Internet Protocol, Src: 155.1.12.1 (155.1.12.1), Dst: 155.1.12.2
(155.1.12.2)
Transmission Control Protocol, Src Port: bgp (179), Dst Port: 14485
(14485), Seq: 0, Ack: 1, Len: 0
No. Time Source Destination Protocol
Info
32 99.561367 155.1.12.2 155.1.12.1 TCP
14485 > *bgp* [ACK] Seq=1 Ack=1 Win=16384 Len=0
Frame 32 (44 bytes on wire, 44 bytes captured)
Cisco HDLC
Internet Protocol, Src: 155.1.12.2 (155.1.12.2), Dst: 155.1.12.1
(155.1.12.1)
Transmission Control Protocol, Src Port: 14485 (14485), Dst Port: bgp
(179), Seq: 1, Ack: 1, Len: 0
No. Time Source Destination Protocol
Info
33 99.562926 155.1.12.2 155.1.12.1 BGP
OPEN Message
I cleaned up the trace for clarity but you can see how the 3way
handshake goes down.
Where I have highlighted BGP the you can substitute "UDP Port 179" the
"> or <" indicates
direction, and other number in the line is the "random" port.
When you enter the command "nei 155.1.12.2 remote-as 200" on R1 you are
telling the router
to send a tcp connection attempt to R2, while simultaneously telling R1
to begin listening on
TCP port 179 for a tcp connection attempt from R1. The same applies for
the nei statements on R2.
Together the to commands allows BGP to form a peering relationship
between to two routers.
As you can see in No. 33 on the trace, once the tcp 3 way handshake is
completed the routers begin
sending BGP specific messages and subsequently a neighbor relationship
is formed (that part I left out).
As a note you can run and "debug ip tcp" or "debug ip tcp transactions"
on a router and perform the same shut/no shut. The router will provide
you with all of the tcp connection info to include the windowing,
authentications settings, etc...
I didn't do that because the output can be overwhelming.
This is my understanding of how it actually works, if this is not
correct please correct this post.
Warmest Regards,
Terry
Taqdir Singh wrote:
> BGP peers form neigh. relationship on TCP port 179.. is this TCP port
> 179 ..on both the peers ?
>
> Sincerely,
> Taqdir Singh
> 91-9911709496
>
> Do today what others won't, So that you can live tomorrow what others
> can't
>
> ------------------------------------------------------------------------
> See the Web's breaking stories, chosen by people like you. Check out
> Yahoo! Buzz
> <http://in.rd.yahoo.com/tagline_buzz_1/*http://in.buzz.yahoo.com/>.
> ------------------------------------------------------------------------
>
> _______________________________________________
> For more information regarding industry leading CCIE Lab training, please
> visit www.ipexpert.com
>
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit
www.ipexpert.com
