Differences Between Connect and Active States of BGP Explained

bgpprotocol-theory

What is the significance of having two different states in FSM when both try to establish TCP Connection?

Best Answer

BGP Peers start in Idle state. In Idle state, the peers have been configured to form an adjacency with one another other, but have not yet initiated or received any communication.

BGP uses TCP as it's transport. So for there to be a BGP adjacency, the first step is to establish a TCP connection. While both peers are in IDLE state, they will each periodically attempt to initiate a TCP connection at independent intervals (based upon when the BGP peering configuration was actually completed).

When one peer initiates the TCP three way handshake with a SYN , that peer transitions into Active state. This state indicates the local router is actively trying to initiate a TCP connection.

When the other peer receives the TCP SYN from it's peer, it will transition into Connect state. This state indicates the local router has received a TCP initiation from the other router, and is/has responded with a SYN ACK.

From there, both peers continue through the remaining states: Open Sent, Open Confirmed, Established.

To summarize:

Active state - local router has just sent a TCP SYN
Connect state - local router has just received a TCP SYN from it's peer

The "initiating" BGP speaker's state transitions to form the adjacency will be: Idle, Active, Open Sent, Open Received, Established

The "responding" BGP speaker's state transitions to form the adjacency will be: Idle, Connect, Open Sent, Open Received, Established

Notice, only the peer which Initiated the TCP handshake passes through Active state. And only the peer which did NOT initiate the TCP handshake passes through the Connect state.

Adding some debugs which prove the behavior. This is Cisco router code Version 15.4(1)T.

This is from a BGP peering session between R1 (9.9.12.1) and R2 (9.9.12.2).

R2 is the initiator for this TCP session:

router1# show ip bgp neighbors | i ^BGP|host
BGP neighbor is 9.9.12.2,  remote AS 2323, external link
Local host: 9.9.12.1, Local port: 179
Foreign host: 9.9.12.2, Foreign port: 43876

Confirmed on the other Router:

router2# show ip bgp neighbors | i ^BGP|host
BGP neighbor is 9.9.12.1,  remote AS 1111, external link
Local host: 9.9.12.2, Local port: 43876
Foreign host: 9.9.12.1, Foreign port: 179

This is the (filtered) debug on R2, the initiator:

$ cat BGP-Peering_Initiator.txt | grep -e "TCP src" -e "went from"
*Oct 28 17:06:36.971: BGP: 9.9.12.1 active went from Idle to Active
*Oct 28 17:06:36.972:     TCP src=43876, dst=179, seq=1526684246, ack=0, win=16384 SYN
*Oct 28 17:06:36.975:     TCP src=179, dst=43876, seq=2072809595, ack=1526684247, win=16384 ACK SYN
*Oct 28 17:06:36.975:     TCP src=43876, dst=179, seq=1526684247, ack=2072809596, win=16384 ACK
*Oct 28 17:06:36.977: BGP: 9.9.12.1 active went from Active to OpenSent
*Oct 28 17:06:36.982:     TCP src=43876, dst=179, seq=1526684247, ack=2072809596, win=16384 ACK PSH
*Oct 28 17:06:36.985:     TCP src=179, dst=43876, seq=2072809596, ack=1526684304, win=16327 ACK
*Oct 28 17:06:36.985:     TCP src=179, dst=43876, seq=2072809596, ack=1526684304, win=16327 ACK PSH
*Oct 28 17:06:36.985: BGP: 9.9.12.1 active went from OpenSent to OpenConfirm
*Oct 28 17:06:36.985:     TCP src=43876, dst=179, seq=1526684304, ack=2072809653, win=16327 ACK PSH
*Oct 28 17:06:36.987:     TCP src=179, dst=43876, seq=2072809653, ack=1526684304, win=16327 ACK PSH
*Oct 28 17:06:36.987: BGP: 9.9.12.1 active went from OpenConfirm to Established

And this is the (filtered) debug on R1, the responder:

$ cat BGP-Peering_Responder.txt | grep -e "TCP src" -e "went from"
*Oct 28 17:06:36.973:     TCP src=43876, dst=179, seq=1526684246, ack=0, win=16384 SYN
*Oct 28 17:06:36.974:     TCP src=179, dst=43876, seq=2072809595, ack=1526684247, win=16384 ACK SYN
*Oct 28 17:06:36.976:     TCP src=43876, dst=179, seq=1526684247, ack=2072809596, win=16384 ACK
*Oct 28 17:06:36.976: BGP: 9.9.12.2 passive went from Idle to Connect
*Oct 28 17:06:36.983:     TCP src=43876, dst=179, seq=1526684247, ack=2072809596, win=16384 ACK PSH
*Oct 28 17:06:36.984:     TCP src=179, dst=43876, seq=2072809596, ack=1526684304, win=16327 ACK
*Oct 28 17:06:36.984: BGP: 9.9.12.2 passive went from Connect to OpenSent
*Oct 28 17:06:36.984: BGP: 9.9.12.2 passive went from OpenSent to OpenConfirm
*Oct 28 17:06:36.985:     TCP src=179, dst=43876, seq=2072809596, ack=1526684304, win=16327 ACK PSH
*Oct 28 17:06:36.986:     TCP src=179, dst=43876, seq=2072809653, ack=1526684304, win=16327 ACK PSH
*Oct 28 17:06:36.986:     TCP src=43876, dst=179, seq=1526684304, ack=2072809653, win=16327 ACK PSH
*Oct 28 17:06:36.986: BGP: 9.9.12.2 passive went from OpenConfirm to Established

Related Solutions

Routing – After TCP is established which BGP peer will send open message first

which peer will send the open message first?

Normally, the speaker that opens the socket sends the first OPEN message. But it actually doesn't matter (ref the DelayOpen timer), because BGP also provides a way to delay the OPEN message so the opposite peer can send first:

    Option 1:     DelayOpen

    Description: The DelayOpen optional session attribute allows
                 implementations to be configured to delay sending
                 an OPEN message for a specific time period
                 (DelayOpenTime).  The delay allows the remote BGP
                 Peer time to send the first OPEN message.

         Value:       TRUE or FALSE

In the event that both speakers open duplicate TCP sessions and send OPEN messages on each socket simultaneously, the BGP Identifier is used to resolve which socket should be closed. See RFC 4271, Section 6.8:

6.8. BGP Connection Collision Detection

If a pair of BGP speakers try to establish a BGP connection with each other 
simultaneously, then two parallel connections well be formed. If the source IP address 
used by one of these connections is the same as the destination IP address used by the 
other, and the destination IP address used by the first connection is the same as the 
source IP address used by the other, connection collision has occurred. In the event 
of connection collision, one of the connections MUST be closed.

Based on the value of the BGP Identifier, a convention is established for detecting 
which BGP connection is to be preserved when a collision occurs. The convention is to 
compare the BGP Identifiers of the peers involved in the collision and to retain only 
the connection initiated by the BGP speaker with the higher-valued BGP Identifier.

Is there any good BGP Peer fsm diagram?

Wikipedia has this simplified BGP FSM.

Bgp – Active / Active BGP with Default routes

Absent any non-standard configuration, it is how you say. For outbound traffic, which uplink is used depends on which router the traffic hits. For inbound traffic, it should work the same way but that depends largely on your upstream's configuration. Full routes are really only required if you intend to peer with another upstream.

Best Answer

Related Solutions

Routing – After TCP is established which BGP peer will send open message first

Bgp – Active / Active BGP with Default routes

Related Topic