Loading...
Loading...
Flapping BGP sessions are seen if large BGP update messages are sent out and BGP packets are fragmented because midpoint routers have the smaller "mtu" or "ip mtu" configured. *Jun 3 18:20:20.792 UTC: %TCP-6-BADAUTH: Invalid MD5 digest from 6.6.6.5(179) to 2.2.2.5(17744) tableid - 0 *Jun 3 18:20:30.488 UTC: %TCP-6-BADAUTH: Invalid MD5 digest from 6.6.6.5(179) to 2.2.2.5(17744) tableid - 0 *Jun 3 18:20:36.451 UTC: %BGP-5-ADJCHANGE: neighbor 6.6.6.5 Down BGP Notification sent *Jun 3 18:20:36.451 UTC: %BGP-3-NOTIFICATION: sent to neighbor 6.6.6.5 4/0 (hold time expired) 0 bytes *Jun 3 18:20:36.569 UTC: %BGP_SESSION-5-ADJCHANGE: neighbor 6.6.6.5 VPNv4 Unicast topology base removed from session BGP Notification sent *Jun 3 18:20:40.184 UTC: %TCP-6-BADAUTH: Invalid MD5 digest from 6.6.6.5(179) to 2.2.2.5(17744) tableid - 0 *Jun 3 18:20:44.619 UTC: %BGP-5-ADJCHANGE: neighbor 6.6.6.5 Up *Jun 3 18:20:49.926 UTC: %TCP-6-BADAUTH: Invalid MD5 digest from 6.6.6.5(179) to 2.2.2.5(17744) tableid - 0 *Jun 3 18:20:59.604 UTC: %TCP-6-BADAUTH: Invalid MD5 digest from 6.6.6.5(179) to 2.2.2.5(17744) tableid - 0
This symptom is observed between two BGP peers with matching MD5 passwords configured and can be triggered by the following conditions: - If the midpoint path has the "mtu" or "ip mtu" setting that is smaller than the outgoing interface on BGP routers, it will be force the BGP router to fragment the BGP packet while sending packets through the outgoing interface. - Peering down and the MD5 error do not always occur. They occur only once or twice within 10 tests.
There is no workaround.
Cisco Integration
Learn more about where this data comes from
Bug Scrub Advisor
Streamline upgrades with automated vendor bug scrubs
BugZero Enterprise
Wish you caught this bug sooner? Get proactive today.