Yep, got a reply from cisco. It's a cisco bug: " CSCsj36133 Internally found severe defect: Resolved (R) Invalid header length BGP notification when sending withdraw The router that is running the affected software generates enough withdraws to fill an entire BGP update message and can generate an update message that is 1 or 2 bytes too large when formatting withdraws close to the 4096 size boundary. The error message you attached to the service request indicates that you're receiving the BGP update with the illegal header length from the provider, correct? This issue was caused when new features were introduced into the 12.4(20)T train. The fix has been integrated into 12.4(20)T2 and will also be integrated into 12.4(24)T, when it is released on CCO. The 12.4(15)T train is unaffected. So the affected routers could also safely move to the latest 12.4(15)T image." ---- Matthew Huff | One Manhattanville Rd OTA Management LLC | Purchase, NY 10577 http://www.ox.com | Phone: 914-460-4039 aim: matthewbhuff | Fax: 914-460-4139
-----Original Message----- From: Renaud RAKOTOMALALA [mailto:renaud@rakotomalala.com] Sent: Tuesday, February 24, 2009 10:49 AM To: Matthew Huff; 'nanog@nanog.org' Subject: Re: Illegal header length in BGP error
Hello Matthew,
We changed the motherboard from cisco one of our from 7206VXR (NPE-G1) to 7206VXR (NPE-G2).
Due to incompability with the IOS 12.3(4r)T3 we upgraded this IOS to 12.4(12.2r)T. At the end we've got the same problem as you between one of our 7200 in 12.3 and the new one in 12.4 ....
We solved the problem by upgrading the cisco withe the IOS from 12.4(12.2r) to 12.4(4)XD10 and the BGP session came back alive ....
So now everything work fine between our 7200 (IOS 12.3) and the other 7200 in IOS 12.4(4)XD10
I hope it could help you ...
Cheers, Renaud
One of our upstream providers flapped this morning, and since then
sending corrupted BPG data. I'm running 12.4(22)T on cisco 7200s. I'm getting no BGP errors from that providers and the number of routes and basic sanity check looks okay. However, when it tries to redistribute the bgp routes via iBGP to our other board routers, we get:
003372: Feb 24 09:17:13.963 EST: %BGP-5-ADJCHANGE: neighbor x.x.x.x Down BGP Notification sent 003373: Feb 24 09:17:13.963 EST: %BGP-3-NOTIFICATION: sent to neighbor x.x.x.x 1/2 (illegal header length) 2 bytes
All routes have identical hardware and IOS versions. My google and cisco search fu leads me to the AS path length bug, but the interesting
that since we have "bgp maxas-limit 75" configured and a recent IOS, we haven't had the problem before when other people were reporting issues. I've also looked at the path mtu issue, and although we haven't had a
Matthew Huff a écrit : they are thing is problem
before I disabled bgp mtu path discovery, but have the same issues.
Anyone seeing something like this today, and or does anyone have a suggestion on finding out more specific info (which as path for example so I can filter it)?