Linux, FreeBSD, Juniper, Cisco / Network security articles and troubleshooting guides
https://forum.ivorde.com/

BGP Notification Message (3), length: 21, OPEN Message Error (2), subcode Authentication Failure
https://forum.ivorde.com/bgp-notification-message-3-length-21-open-message-error-2-subcode-authentication-failure-t20036.html
Page 1 of 1

Author:  admin [ Fri Nov 03, 2017 8:24 am ]
Post subject:  BGP Notification Message (3), length: 21, OPEN Message Error (2), subcode Authentication Failure

When Junos is configured for an external BGP session with a neighbor not directly connected, without the "multihop ttl 2" configuration statement, it will fail to accept the neighbor with a notification message following the open message:
Code:
   Notification Message (3), length: 21, OPEN Message Error (2), subcode Authentication Failure (5)


There is no fix, but correct configuration: if ebgp neighbor is not directly connected, it's mandatory to:
Code:
# set protocols bgp group <GROUP> multihop ttl 2

Under group or under neighbor.

Page 1 of 1 All times are UTC - 5 hours [ DST ]
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
http://www.phpbb.com/