The “Open-Sent” state in BGP (Border Gateway Protocol) indicates that the router has sent an OPEN message and is waiting for an OPEN message from the peer. If your BGP peer is stuck in the “Open-Sent” state, it could be due to several reasons like:
Tunneling Issues: If you’re running a BGP session over an L2TP tunnel, the session might attempt to establish before the tunnel is up, and never times out1. When this happens, the BGP peer gets stuck in ‘open sent’. The common solution is to disable and then enable the BGP peer1.
Address Family Configuration: If you have selected both IP and IPv6 in the address families, but it only announces your IPv6 prefix and not also your IPv4 prefix, the IPv4 BGP session might not work and get stuck at "Open-Sent"2. You should create a unique session for each, IPv4 and IPv62.
Incorrect Details or Routing: The “Open-Sent” state can also occur due to incorrect details such as the remote-as on either side being wrong, or if the routing is incorrect2.
Software Bugs: In some versions of MikroTik, there might be bugs causing the BGP peering to get stuck in the “Open-Sent” state3. In such cases, you might need to manually disable and then enable the peer3.
This issue of “Open-Sent” is possible to resolve via Script and Scheduler in MikroTik.
Use following Script and Scheduler:
/system scheduler
add interval=30m name=BGP-MONITOR on-event=monitor-all-bgp-peers policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon start-date=may/30/2024 start-time=00:00:00
/system script
add dont-require-permissions=no name=monitor-all-bgp-peers owner=Shuvodip policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":foreach i in=[/routing bgp peer find] do={\r\
\n :local peerState [/routing bgp peer get \$i state]\r\
\n :if (\$peerState = \"opensent\") do={\r\
\n :local peerName [/routing bgp peer get \$i name]\r\
\n :log info \"BGP Peer \$peerName is in OpenSent state. Disabling and Enabling...\"\r\
\n /routing bgp peer disable \$i\r\
\n :delay 5s\r\
\n /routing bgp peer enable \$i\r\
\n :log info \"BGP Peer \$peerName has been disabled and enabled.\"\r\
\n }\r\
\n}\r\
\n\r\
\n }"
This script is designed to monitor the state of all BGP peers on your MikroTik router and automatically reset any that are stuck in the “Open-Sent” state. Here’s a brief explanation:
Scheduler: The /system scheduler command schedules the monitor-all-bgp-peers script to run every 30 minutes.
Script: The monitor-all-bgp-peers script does the following:
* It iterates over all BGP peers on the router.
* For each peer, it checks the current state.
* If a peer is in the “Open-Sent” state, it logs this event, disables the peer, waits for 5 seconds, and then enables the peer again. This is done to reset the state of the peer.
* It logs a message after the peer has been disabled and enabled.
This script can help in maintaining the stability of BGP sessions by ensuring that any peers that get stuck in the “Open-Sent” state are reset and can re-establish their sessions.
It’s always a good idea to test scripts in a controlled environment before deploying them in a production network. If you have any more questions or need further clarification, feel free to ask! 😊
