Guides
All guides
VPN & Firewall
FortiGate IPsec VPNPalo Alto VPNCisco ASA VPNJuniper SRX VPNSonicWall VPN
Switching & Routing
Catalyst high CPUNexus vPCOSPF ExStartBGP Active/Idle
Load Balancing
F5 pool member down
Servers & Virtualization
Linux high loadWindows high memoryESXi disconnectedProxmox node offline
Containers
K8s CrashLoopDocker exit 137
Databases
MySQL replication lagPostgreSQL connsOracle ORA-12541
Cloud
AWS no internetAzure VPN gateway
Backup
Veeam job failed
Web & App
Nginx 502
Compare
Marvis alternativeChatGPT vs TM
Home / Troubleshoot / BGP Stuck in Active/Idle
BGP · Active / Idle

BGP Neighbor Stuck in Active/Idle: How to Fix It

By the Tech Matrix engineering team · Updated June 2026

A BGP session that never reaches Established sits in Idle, Connect, or Active. Each state tells you where it's failing — TCP, reachability, or the BGP parameters. Here's how to read it and fix it.

Step 1 — Read the state

show ip bgp summary
show ip bgp neighbors <ip>

What the state means:

  • Idle — BGP isn't even trying: no route to the neighbor, the peer isn't configured/reachable, or the session is administratively down.
  • Active / Connect — BGP is trying to open the TCP session but the handshake on port 179 is failing (blocked, wrong neighbor IP, or no return path).

Step 2 — Reachability and TCP 179

ping <neighbor-ip>
telnet <neighbor-ip> 179

If ping fails, fix routing first. If ping works but TCP 179 doesn't open, an ACL or firewall is blocking BGP, or the peer isn't listening (peer not configured for your IP).

Step 3 — Check the BGP parameters

  • Remote AS: a wrong remote-as on either side keeps the session down. Verify both ends.
  • Update source: if peering over loopbacks, both sides need update-source set to the loopback, and eBGP over loopbacks needs ebgp-multihop.
  • TTL / multihop: directly-connected eBGP expects TTL 1; multihop or loopback peering needs the matching multihop setting.

Watch the negotiation if needed:

debug ip bgp <neighbor-ip>

Step 4 — Fix and confirm

Correct the reachability, ACL, AS, or update-source issue, then clear the session and confirm it reaches Established: clear ip bgp <neighbor-ip> and re-check show ip bgp summary.

How Tech Matrix solves this in ~60 seconds

The state tells you the layer, but confirming TCP 179, reachability and the AS/update-source config still means hopping between two routers. Tech Matrix reads the BGP state and config on both peers at once, tells you whether it's reachability, an ACL, or a parameter mismatch, and gives the exact fix for your platform — in seconds, with your approval.

Create free account →See how it works

Frequently asked questions

What does BGP Active state mean?

Active means BGP is trying to open the TCP session to the peer but the handshake on port 179 is failing — usually blocked TCP, a wrong neighbor IP, or no return route.

What does BGP Idle state mean?

Idle means BGP isn't attempting a connection: no route to the neighbor, the peer isn't configured/reachable, or the session is administratively shut.

How do I fix a BGP session stuck in Active?

Confirm reachability (ping), confirm TCP 179 isn't blocked, verify the remote-as matches, and for loopback/eBGP peering set update-source and ebgp-multihop.