// bgp
BGP Cheat Sheet
The BGP show commands, path-selection order and session debug reasons you actually use during a peering issue.
Updated
Show commands you'll actually run
Cisco-style syntax. Junos / Arista / FRR equivalents follow the same shape.
| Command | Purpose | Notes |
|---|---|---|
| show ip bgp summary | Peer table + state | State should be a number (prefixes) — if it's Idle/Active/OpenSent the session isn't up. |
| show ip bgp neighbors x.x.x.x | Per-peer detail | Look for capabilities, timers, last reset reason. |
| show ip bgp | Local RIB | * = valid, > = best, i = iBGP learned. |
| show ip bgp x.x.x.x/y | Path detail for a prefix | Shows all paths, AS-PATH, MED, LOCAL_PREF, communities. |
| show ip route bgp | What actually made it into FIB | RIB ≠ FIB. A best BGP path can still be beaten by a lower AD route. |
| show bgp ipv6 unicast summary | IPv6 equivalent | Same flow, different AFI/SAFI. |
| show ip bgp regexp _65001_ | Filter by AS in path | Underscore = boundary. Use ^ for origin and $ for end. |
| show ip bgp community 65000:100 | Filter by community | Combine with community-list for policy debugging. |
Path selection order
Top to bottom. First tiebreaker that's different wins.
| Attribute | Rule | Notes |
|---|---|---|
| WEIGHT | Cisco-only, local | Highest wins. Not advertised. Default 0 (32768 for locally originated). |
| LOCAL_PREF | iBGP-wide preference | Highest wins. Default 100. Set on ingress, propagated inside AS. |
| AS_PATH length | Shortest wins | Prepend on egress to make a path less attractive to neighbors. |
| ORIGIN | IGP < EGP < Incomplete | Lowest wins. Rarely the deciding factor in practice. |
| MED | Hint to neighbor AS | Lowest wins. Only compared between paths from same neighbor AS by default. |
| eBGP > iBGP | External preferred | Tiebreaker before IGP cost. |
| IGP metric to next-hop | Lowest wins | If equal and multipath enabled → load-balance. |
| Router ID | Final tiebreaker | Lowest wins. Manual or highest loopback at boot. |
Why your session flapped
| Reason | Meaning | Fix |
|---|---|---|
| Hold timer expired | No keepalive in hold time | Check L2/L3 to peer, MTU, ACLs, CPU. Default hold 180s, keepalive 60s. |
| BGP Notification - Cease | Peer tore it down | Often max-prefix exceeded or admin shutdown on the other side. |
| Bad BGP identifier | Router-ID collision | Two peers using the same router-id. Set explicit router-id under router bgp. |
| Authentication failure | MD5/TCP-AO mismatch | Check neighbor password and any in-path firewalls stripping the TCP option. |
| Open message error | Capability/AS mismatch | Wrong remote-as, AFI/SAFI not enabled both sides, or 4-byte AS mismatch. |
Need a full BGP lab to practice on?
BGPBlueprint ships a containerlab topology with iBGP route-reflectors, eBGP transit and customer ASes, plus working route-maps, prefix-lists and communities you can break and fix safely. Part of the pingtraceSSH Arsenal.
→ Get BGPBlueprint// free download
Get the Network Engineer Starter Pack
A printable 5-page PDF: first-60-seconds triage, modern Linux network commands, BGP show commands & path-selection order, and a symptom → root-cause map. Free, no fluff.
FAQ
- Why is my BGP session stuck in Active?
- Active means the local router is trying to open a TCP session and failing. Check IP reachability to the neighbor address (ping), make sure TCP 179 isn't blocked, verify the source IP matches what the neighbor expects (update-source loopback), and confirm remote-as is correct on both sides.
- Why is my BGP session stuck in Idle?
- Idle usually means no route to the peer or the peer isn't configured. For iBGP across loopbacks, you need an IGP route to the neighbor's loopback before BGP will leave Idle.
- What's the difference between eBGP and iBGP?
- eBGP runs between different ASes — TTL 1 by default, next-hop rewritten on advertise. iBGP runs inside an AS — next-hop preserved, full mesh required (or use route reflectors), prefixes learned from iBGP not re-advertised to other iBGP peers.
- Why isn't my prefix being advertised?
- Walk the chain: is it in the RIB (show ip route)? Is it in the BGP table (show ip bgp x.x.x.x/y)? Is it best (>)? Is there an outbound route-map or prefix-list filtering it? Is the neighbor's inbound policy dropping it (check from their side)?
- How do I prefer one BGP path over another?
- On ingress from your provider, set LOCAL_PREF higher on the preferred path. To influence what comes IN to you, AS-path prepend the less-preferred path or send MED hints. Communities are the cleanest production tool — most providers publish community-based knobs.
- What does the > symbol mean in show ip bgp?
- > marks the best path for that prefix — the one installed in the RIB and advertised to peers. * means valid, i means learned via iBGP, s means suppressed by aggregation.