Troubleshoot BGP sessions

This guide is for troubleshooting BGP sessions, such as BGP sessions that fail to establish and BGP resets.

For additional troubleshooting information, see the following:

BGP session failed to establish

Check that the settings on your on-premises BGP router and the settings on your Cloud Router are correct. For detailed information, view the Cloud Router logs.

If you're creating a Cloud VPN tunnel, check that the status of the tunnel is ESTABLISHED. If it isn't, to troubleshoot the issue, see Cloud VPN troubleshooting.

IPv4 and IPv6 addresses for BGP sessions

Support for IPv6 BGP sessions is in Preview.

The IPv4 and IPv6 addresses that you can use for a BGP session depend on the product you use. For complete details, see BGP peering addresses.

Invalid value for the field resource.bgp.asn

You may get the following error:

"Invalid value for field resource.bgp.asn: ######. Local ASN conflicts with peer ASN specified by a router in the same region and network."

The Cloud Router is attempting to establish a BGP session with an on-premises device that has the same ASN as the Cloud Router. To resolve this issue, change the ASN of your device or Cloud Router.

IPv6 BGP session fails to establish

If you are experiencing difficulty establishing a connection with your IPv6 BGP peer, do the following:

  1. Verify that the corresponding VLAN attachment or HA VPN tunnel is connected.

  2. Verify that the VLAN attachment or HA VPN gateway has the required stack type of IPV4_IPV6. If the stack type is incorrect for a VLAN attachment, modify the VLAN attachment. For a HA VPN gateway, recreate the HA VPN gateway and its tunnels.

  3. Ensure that the Cloud Router is configured correctly and that your on-premises router is configured with the matching IPv6 BGP addresses.

    Run the following command:

    gcloud compute routers describe ROUTER-NAME
    

    In the command output, check the following values:

    • bgpPeers.peerIpAddress is an IPv6 address assigned to the external interface on your on-premises router. This IPv6 address is used as the BGP peering address with Cloud Router for a HA VPN tunnel or a Dedicated Interconnect VLAN attachment.

    • bgpPeers.ipAddress is an IPv6 address assigned to the interface of the Cloud Router and matches the value configured as the peer BGP IP address on your on-premises router.

    • bgpPeers.peerAsn matches the ASN of your on-premises router.

    • bgp.asn matches the peer ASN configured on your on-premises router.

BGP resets that originate from Google Cloud appear on your router

Cloud Router tasks are software processes in the Google Cloud control plane that are normally migrated from machine to machine. During such migrations, the Cloud Router might be down for periods of up to 60 seconds. Normal migrations don't cause traffic to be dropped.

The Cloud Router is not located in the data path and is not acting as a Layer 3 switch, but as a manager for route programming. Routing is actually handled by the VLAN attachment or the Cloud VPN tunnel.

On-premises router experiences BGP flap

BGP flaps can be caused by various issues, including Cloud Router software maintenance and automated task restarts.

To get details about completed maintenance events, see Identifying router maintenance events. To get details about other Cloud Router events, see Viewing Cloud Router logs and metrics.

A Cloud Router maintenance event is not indicative of a problem if your on-premises router is configured as follows:

  • The on-premises router can process graceful restart notifications.
  • The on-premises router's hold timer is set to at least 60 seconds.

For a comprehensive overview of timer settings, see Managing BGP timers.

For help monitoring connectivity, see Verify connectivity between the on-premises router and the Cloud Router.

What's next