Advanced Routing Engine - BGP : Hold Timer Expired

Advanced Routing Engine - BGP : Hold Timer Expired

5530
Created On 07/03/24 03:17 AM - Last Modified 11/19/24 22:22 PM


Symptom


  • BGP connection is closed with "BGP peer session left established state" in System logs.
  • Notification sent message with to "Hold Timer Expired"  is seen in frr/nsX_frr_export.log (less mp-log frr/nsX_frr_export.log 
    23:40 BGP: [HZN6M-XRM1G] %NOTIFICATION: sent to neighbor vm100-2 4/0 (Hold Timer Expired) 0 bytes 
23:40 BGP: [PXVXG-TFNNT] %ADJCHANGE: neighbor neighbor vm100-2(192.168.1.2) in vrf default Down BGP Notification send
  • Log generated in Monitor Logs > System:

holdtimer2.png

 

Environment


  • Palo Alto firewalls
  • Advanced Routing Engine
  • Logical Router
  • BGP

Cause


As per RFC 4271:
If a system does not receive successive KEEPALIVE, UPDATE, and/or NOTIFICATION messages within the period specified in the Hold Time field of the OPEN message, then the NOTIFICATION message with the Hold Timer Expired Error Code is sent and the BGP connection is closed.

Resolution


  1. In your Network Bandwidth monitoring tool (ex., PRTG, WhatUp, Nagios, etc.), correlate the obtained time and see if the bit rate of the interface concerning the issue had a flat/leveled-off trend in the graph. If yes, this confirms that we need more bandwidth to support the current requirement and escalate to the service provider if the SLA isn't being met.
  2. To prevent the issue, increase the Keep Alive Interval and Hold time values.
      1. We'll need to know the Timer Profile that is being utilized by going to Network > Routing > Logical Router > [click on the LR] > BGP > Peer Group > [click on the Peer Group] > PEER > [click on the Peer] > Connection Options > Timer Profile

        timerprofile3.png

        Note: In the above our Timer Profile is using 'InHerit (Inherit from Peer-Group)' since we are only customising for one peer, we'll need to create a new Timer Profile.

    2. Create or Edit the Timer Profile by going to, Network > Routing > Routing Profile > BGP > BGP Timer Profiles > Add or [click on the Timer Profile name]

       

      timerprofileC.png

Note: It's recommended to have the value of the Hold time be three times the Keep Alive Interval. 

    1. This step is not necessary if you just edited an existing Timer Profile. Otherwise, apply the newly created Timer Profile by following the path mentioned in 2a.

Additional Information


If increasing the timer values doesn't address the issue, Refer How to troubleshoot flapping BGP neighbor.




 




        
       
      





      

        
        
        

    

    

    

      

        
Other users also viewed:

        

             

               
              

        

    

        

        
        

          
Actions

          
    
           
            
            
            
  • 
                Print
            
    • 
            
  • 
            
    • 
            
  • 
              Copy Link
                
                
    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000010zBFCAY&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail
    
            
    • 
          

        
 

        

         
        

          

            
Choose Language