OpenBGP "state change OpenSent -> Active, reason: Connection closed" trouble

To: <misc@...>
Date: Wednesday, January 16, 2008 - 9:17 am

Hello everybody.

I am setting up OpenBGP for the first time in replacement to Cisco.
However, I am having some troubles which I could not realize the
reason myself, so I

#macros
peer_gvt=200.139.89.37
peer_intelig=200.184.196.18
#peer_intelig=201.70.200.1

# Global configuration
AS 28660
router-id 201.87.224.253
# route-reflector 3381352702
log updates

#holdtime 180
#holdtime min 3

holdtime 4
holdtime min 3

#listen on <ip router>

#fib-update no
fib-update yes
#route-collector yes

#network 201.87.224.0/20 # full routing
network 201.87.224.0/23 # partial routing

# neighbors and peers

#group "peering AS4230" {
# remote-as 4230
# neighbor $peer1 {
# descr "ASN4230 Embratel"
# announce self
# tcp md5sig password 7890
# }
#}
group "peering GVT" {
    remote-as 18881
    neighbor $peer_gvt {
        descr "GVT"
        #multihop 2
        #local-address <ip router twi>
        #softreconfig in yes
        depend on em1
        #passive
        holdtime 3
        holdtime min 3
        announce self # ebgp = self, ibgp = all - twi will be ebgp
    }
}

group "peering Intelig" {
    remote-as 17379
    neighbor $peer_intelig {
        descr "Intelig"
        multihop 4
        #local-address 201.70.200.2
        #softreconfig in yes
        #depend on em0
        #passive
        holdtime 3
        holdtime min 3
        announce self # ebgp = self, ibgp = all - twi will be ebgp
    }
}

#
# Filters
#

deny from any
allow from any prefixlen 8 - 24 # announcements of 8 to 24 bits, no more, no less

deny from any prefix 0.0.0.0/0 # do not accept default route announcements

# Networks for which we will never allow route announcements
deny from any prefix 10.0.0.0/8 prefixlen >= 8
deny from any prefix 172.16.0.0/12 prefixlen >= 12
deny from any prefix 192.168.0.0/16 prefixlen &g...

To: <misc@...>
Date: Wednesday, January 16, 2008 - 10:14 am

tcp connection has been established and we sent our OPEN message to the

the neighbor closed the tcp connection.
why?
we cannot know.
there should be a message in the neighbor's log.

--
Henning Brauer, hb@bsws.de, henning@openbsd.org
BS Web Services, http://bsws.de
Full-Service ISP - Secure Hosting, Mail and DNS Services
Dedicated Servers, Rootservers, Application Hosting - Hamburg & Amsterdam

To: Eduardo Meyer <dudu.meyer@...>
Cc: <misc@...>
Date: Wednesday, January 16, 2008 - 9:43 am

is this the correct local-address?

"tcpdump -nvvs1500 -i<interface> port 179" might give more clues.

To: Eduardo Meyer <dudu.meyer@...>, <misc@...>
Date: Wednesday, January 16, 2008 - 10:33 am

I have lowered holdtime for testing purposes only. With default value
the behavior is the same. I have just forced local-address to another
one, with "local-address 201.70.200.2" but still the same.

Here is the tcpdump output

22:39:40.566835 IP (tos 0xc0, ttl 4, id 9918, offset 0, flags [DF],
proto: TCP (6), length: 52) 201.87.225.16.61409 > 200.184.196.18.179:
F, cksum 0x375a (incorrect (-> 0x3ca1), 990673835:990673835(0) ack
1878726869 win 33304 <nop,nop,timestamp 105680141 22526977>
22:39:43.925328 IP (tos 0xc0, ttl 4, id 9930, offset 0, flags [DF],
proto: TCP (6), length: 64) 201.87.225.16.57856 > 200.184.196.18.179:
S, cksum 0x3766 (incorrect (-> 0xdc9c), 2171084445:2171084445(0) win
65535 <mss 1460,nop,wscale 1,nop,nop,timestamp 105683499 0,sackOK,eol>
22:39:43.933442 IP (tos 0xc0, ttl 63, id 2913, offset 0, flags [DF],
proto: TCP (6), length: 64) 200.184.196.18.179 > 201.87.225.16.57856:
S, cksum 0xb4d4 (correct), 1446395664:1446395664(0) ack 2171084446 win
16384 <mss 1460,nop,wscale 0,nop,nop,timestamp 22565145
105683499,sackOK,eol>
22:39:43.933508 IP (tos 0xc0, ttl 4, id 9933, offset 0, flags [DF],
proto: TCP (6), length: 52) 201.87.225.16.57856 > 200.184.196.18.179:
., cksum 0x375a (incorrect (-> 0xb27e), 1:1(0) ack 1 win 33304
<nop,nop,timestamp 105683507 22565145>
22:39:43.933609 IP (tos 0xc0, ttl 4, id 9934, offset 0, flags [DF],
proto: TCP (6), length: 101) 201.87.225.16.57856 > 200.184.196.18.179:
P, cksum 0x378b (incorrect (-> 0x69a3), 1:50(49) ack 1 win 33304
<nop,nop,timestamp 105683507 22565145>: BGP, length: 49
Open Message (1), length: 49
Version 4, my AS 28660, Holdtime 90s, ID 201.87.224.253
Optional parameters, length: 20
Option Capabilities Advertisement (2), length: 6
Multiprotocol Extensions (1), length: 4
AFI IPv4 (1), SAFI Unicast (1)
0x0000: 0001 0001
Option Capabilities Advertisement...

To: Eduardo Meyer <dudu.meyer@...>
Cc: <misc@...>
Date: Wednesday, January 16, 2008 - 11:15 am

that doesn't look like openbsd, ours is easy to read ;-)

the peer just closes the connection on receipt of the Open.
you can either try experimenting with disabling some options
(announce ipv6 none, announce capabilities no) or better,
talk to your peer and see what they have logged.

22:39:43.933609 IP (tos 0xc0, ttl 4, id 9934, offset 0, flags [DF],
proto: TCP (6), length: 101) 201.87.225.16.57856 > 200.184.196.18.179:
P, cksum 0x378b (incorrect (-> 0x69a3), 1:50(49) ack 1 win 33304
<nop,nop,timestamp 105683507 22565145>: BGP, length: 49
Open Message (1), length: 49
Version 4, my AS 28660, Holdtime 90s, ID 201.87.224.253
Optional parameters, length: 20
Option Capabilities Advertisement (2), length: 6
Multiprotocol Extensions (1), length: 4
AFI IPv4 (1), SAFI Unicast (1)
0x0000: 0001 0001
Option Capabilities Advertisement (2), length: 2
Route Refresh (2), length: 0
Option Capabilities Advertisement (2), length: 6
Graceful Restart (64), length: 4
Restart Flags: [R], Restart Time 0s
0x0000: 8000 0000
22:39:43.939183 IP (tos 0xc0, ttl 63, id 2914, offset 0, flags [DF],
proto: TCP (6), length: 52) 200.184.196.18.179 > 201.87.225.16.57856: F,
cksum 0xf07e (correct), 1:1(0) ack 50 win 17376 <nop,nop,timestamp
22565151 105683507>
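
A decoder for the OPEN message in the dump above, added here as an example and not part of the original thread: it rebuilds the 49 bytes from the tcpdump decode (constructed input) and lists the advertised capabilities, the optional items the reply suggests disabling when a peer closes the session on receipt of the OPEN. The names `parse_open`, `tlvs` and `CAP_NAMES` are chosen for this example.

```python
import ipaddress
import struct

# Constructed input: the 49-byte OPEN rebuilt from the tcpdump decode above.
OPEN_HEX = "ff" * 16 + (
    "0031" "01"                          # length 49, type 1 (OPEN)
    "04" "6ff4" "005a" "c957e0fd" "14"   # v4, AS 28660, hold 90s, ID, optlen 20
    "0206" "0104" "00010001"             # capability 1: multiprotocol, IPv4 unicast
    "0202" "0200"                        # capability 2: route refresh
    "0206" "4004" "80000000"             # capability 64: graceful restart, R flag
)
CAP_NAMES = {1: "multiprotocol", 2: "route-refresh", 64: "graceful-restart"}


def tlvs(buf: bytes):
    """Yield (type, value) pairs from a run of 1-byte type / 1-byte length TLVs."""
    i = 0
    while i < len(buf):
        if i + 2 > len(buf) or i + 2 + buf[i + 1] > len(buf):
            raise ValueError("truncated TLV")
        yield buf[i], buf[i + 2:i + 2 + buf[i + 1]]
        i += 2 + buf[i + 1]


def parse_open(msg: bytes) -> dict:
    """Decode a BGP OPEN and list the capabilities it advertises."""
    if len(msg) < 29 or msg[:16] != b"\xff" * 16:
        raise ValueError("not a BGP message")
    length, mtype = struct.unpack("!HB", msg[16:19])
    if mtype != 1 or length != len(msg):
        raise ValueError("not a complete OPEN message")
    version, asn, hold, rid, optlen = struct.unpack("!BHH4sB", msg[19:29])
    if 29 + optlen != length:
        raise ValueError("optional parameter length mismatch")
    caps = []
    for ptype, pval in tlvs(msg[29:]):
        if ptype != 2:          # only parameter type 2 carries capabilities
            continue
        for code, cval in tlvs(pval):
            caps.append((code, CAP_NAMES.get(code, "unknown"), cval.hex()))
    return {"version": version, "asn": asn, "holdtime": hold,
            "router_id": str(ipaddress.IPv4Address(rid)), "capabilities": caps}


if __name__ == "__main__":
    info = parse_open(bytes.fromhex(OPEN_HEX))
    print(info["asn"], info["holdtime"], info["router_id"])
    for code, name, value in info["capabilities"]:
        print(f"  capability {code} ({name}) value={value or '-'}")
```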

To: Eduardo Meyer <dudu.meyer@...>, <misc@...>
Date: Monday, January 21, 2008 - 9:21 am

Hello,

This follow-up is to thank you all who replied and mention the
solution (what is good for the history). I forced binding to the
correct IP address declaring neighbor's local address, and added a
static route to the box, instead of using the default one, although
they were nexthoping to the same address.

Finally I removed the "passive" keyword. Now it's OK with the first BGP
neighbor, I will setup the second tomorrow morning but probably there
won't be any other problem.

Thank you all and thanks for OpenBGP. Way simple, functional and much
better/clearer than Cisco.

--
===========
Eduardo Meyer

To: Eduardo Meyer <dudu.meyer@...>
Cc: <misc@...>
Date: Wednesday, January 16, 2008 - 9:44 am
