In BGP (Border Gateway Protocol), Connect and Active are two states in the BGP Finite State Machine (FSM) that describe different stages of establishing a BGP session with a peer. The key difference is how BGP is attempting (or retrying) the TCP connection.
| Aspect | Connect | Active |
|---|---|---|
| TCP connection | Being attempted | Not connected, retrying |
| SYN sent | Yes | No (waiting) |
| Indicates | Normal connection attempt | Possible connectivity issue |
| Next state (success) | OpenSent | Connect |
| Common duration | Short | Often longer |
1. Connect State
What it means
- The router is actively trying to establish a TCP connection to the BGP peer.
- It has sent a TCP SYN and is waiting for the connection to succeed.
Key points
- TCP connection attempt is in progress.
- If the TCP connection succeeds → moves to OpenSent.
- If the TCP connection fails → moves to Active.
- If the ConnectRetry timer expires → retries the connection.
Typical causes for staying in Connect
- Peer is reachable.
- TCP port 179 is open.
- No immediate failures, but the session hasn’t completed yet.
2. Active State
What it means
- The router is NOT currently connected and is retrying to establish the TCP session.
- It is waiting before making another connection attempt.
Key points
- TCP connection attempt has failed or timed out.
- Router waits for the ConnectRetry timer to expire.
- When the timer expires, it tries again and moves back to Connect.
- Often indicates a problem.
Typical causes for being stuck in Active
- Peer is down or unreachable.
- Incorrect neighbor IP.
- TCP port 179 blocked by firewall.
- One side not configured for BGP.
- Authentication (MD5) mismatch.
Geek Gurus