Newly created NSX BGP Neighbors are down (errors: "Connection from #.#.#.# rejected due to admin shutdown")
Article ID: 404551
Updated On:
Products
VMware NSX
Issue/Introduction
- BGP Neighbors status shows as DOWN in the NSX UI under T0 Gateway configuration
- Ping between BGP peers work (verifying the subnet masks, IPs, VLANs for the uplinks, MTU all looks good)
- Even the BGP Hello Messages will be seen received in packet captures, but you see this error in the /var/log/frr/frr.log:
"Connection from #.#.#.# rejected due to admin shutdown" (#.#.#.# is the customer BGP peer IP)
Environment
VMware NSX
Cause
- Edge nodes did not have any TEP tunnels up.
- So without any TEP Tunnels up on Edge nodes, to prevent any strange behavior from happening, NSX administratively disables the interfaces until at least one tunnel is up due to which BGP is DOWN
Resolution
- Troubleshoot why TEP tunnel is not up on Edges (Reference KB to troubleshoot TEP tunnel issue: TEP tunnel down on Edge
- Once TEP tunnel comes up, BGP should be come up. (If incase if further issues with BGP, here is the troubleshooting KB for BGP: Troubleshooting BGP
Feedback
Yes
No
Powered by
