Border Gateway Protocol as defined in RFC 4271 (obsoletes RFC 1771) defines what is called a "finite state model" which describes BGP's behavior at routing engine startup and during the establishment of BGP neighbor sessions. The finite-state-machine is a description of what actions should be taken by the BGP routing engine and when. There are six states in the model, and there are specific conditions under which each BGPstate will transition to the next during the process of establishing first a TCP connection, and then a BGP session. Each step indicates a different state in the BGP session. For the purpose of this discussion, a router is any device running BGP.
From the OSI Model's perspective, BGP is simply a networking application running on top of the the Session layer and everything below it. Thus, an ESTABLISHED BGP SESSION is required for BGP to begin exchanging routes.
NOTE: A valid Transport session via a reliable protocol is required in order to establish a BGP peering session between two neighbors.
BGP will fail to negotiate a peering session if the underlying communications layers fail. Troubleshoot the physical, datalink and network layers first, if the network interfaces are up/down or down/down.
BGP Finite State Machine
IDLE
The IDLE state is the initial state of the BGP Finite State Machine on startup. A BGP speaking router inthe IDLE state is awaiting a session it sits in the IDLE state awaiting the ManualStart event or the AutomaticStart event. When either start event is received BGP performs the following:
- Iinitializes all resources for the peer connection
- Sets ConnectRetryCounter to zero
- Starts the ConnectRetryTimer with the initial value
- Initiates a TCP connection to the other BGP peer
- Listens for a connection that may be initiated by the remote BGP peer
- Changes its state to CONNECT.
The BGP router will not start a BGP session until either start event occurs. Cisco classifies initial configuration or clearing of a BGP peering session as a start event and the system transitions to the CONNECT state. Whenever a BGP peering session is shut down because of an error, it returns to the IDLE state. NOTIFICATION messages used to signal connection errors return the router to the IDLE state.
CONNECT
Once the BGP software and it's environment have been initialized, BGP initiates a TCP connection to the remote neighbor IP address. The CONNECT state indicates the router has awaiting the completion of a TCP connection between itself and another BGP speaking peer. The BGP Finite State Machine remains in CONNECT until the TCP three-way handshake completes.
It is assumed that both sides of the connection will attempt to initiate a BGP session with the peer. The peer with the higher router ID (highest IP address) becomes the router that manages the BGP session and the connection attempted by the other router is abandoned.
ACTIVE
The router has started the first phase of establishing a BGP session by initializing a new TCP three-way handshake to the remote router (peer) because the initial connect failed. Typically, you only see this state if you failed the initial connect. From the ACTIVE state, BGP will attempt to send another OPEN message to negotiate a BGP session. If the second attempt fails, the state falls back to CONNECT.
If you check the state of BGP, and it shows ACTIVE, you do NOT have a functional BGP session. The Finite State Machine passes through ACTIVE only when the CONNECT phase fails.
OPEN SENT
At this stage, a TCP connection should be open ( TCP three-way handshake completed) and an OPEN message successfully transmitted by both routers. The BGP OPEN message contains:
- The BGP Version number (Binary: 00000100, Decimal: 4)
- The AS Number
- The Hold Down Time value
- The BGP Identifier (management IP address of the router) and Optional Parameters.
OPEN CONFIRM
BGP confirms that the OPEN message was received, a KEEPALIVE message is transmitted and the BGP state transitions to ESTABLISHED.
ESTABLISHED
After the BGP session parameter negotiation is completed, the routers begin exchanging BGP routes.
ESTABLISHED IS THE ONLY STATE THAT COUNTS FOLKS! This is the only state in which BGP will actually exchange routes. If you have any other state, you have a non-functional BGP session (and possibly a broken physical link if it refuses to establish the connection). On a Cisco router, you cannot have an ESTABLISHED BGP session if the network interface is Line Protocol Up/Network Protocol Down.