BGP Protocol configuration between two VPC


I need to configure a cross connect between two networks via SFP fiber. Unfortunately I'm new to BGP configuration and would need confirmation that I'm doing it the right way...

I have two VPCs:

  • VPC A: ASN 200 IP Router: 169.254.250.1 Sub Network: 10.0.0.1/34

  • VPC B: ASN 100 IP Router: 169.254.250.2 4 Servers: 169.254.131.1 / 169.254.131.2 / 169.254.131.3 / 169.254.131.4

VPC A is completely configured, I purchased a Cisco router C1113-8PM to configure my VPC B. My aim is to ensure that any server on VPC A can access my 4 servers located in VPC B through BGP.

The procedure I started to write into VPC B Router:

! Configure ASN VPC B on router
enable
configure terminal
router bgp 100
bgp router-id 169.254.250.2
timers bgp 70 120
end

! Configure ASN VPC A and routes
configure terminal
! neighbor commands are entered under the BGP process
router bgp 100
neighbor 169.254.250.1 remote-as 200
address-family ipv4 unicast
neighbor 169.254.250.1 activate
end

Is it enough? Do I need to set each IP address of my VPC B into the BGP table? How?

Baris Sonmez On BEST ANSWER

Targeted topology and config should be as I described below

Network Diagram

Two important commands are needed to enable this peering:

  • peer-gateway: The vPC peer-gateway functionality allows a vPC switch to act as the active gateway for packets that are addressed to the router MAC address of the vPC peer.
  • layer3 peer-router: no change for TTL of packets destined to the peer; the external device sees the vPC domain as a single physical entity from layer route protocol peering perspective as well.

Configurations

Leaf 1:
! Form the vPC domain:
vpc domain 1
  peer-switch
  role priority 10
  peer-keepalive destination 192.0.2.2 source 192.0.2.1
  peer-gateway
  layer3 peer-router
  ipv6 nd synchronize
  ip arp synchronize
!
!vPC peer-link interface members
interface Ethernet1/53 - 54
  description vPC-Peerlink member
  switchport
  switchport mode trunk
  channel-group 11 mode active
  no shutdown
!
! vPC peer-link port-channel
interface port-channel11
  description vPC-peerlink
  switchport
  switchport mode trunk
  spanning-tree port type network
  no shutdown
  vpc peer-link
!
! vPC port-channel member to External Device
interface Ethernet1/52
  description ExternalDevice Eth2/13
  switchport
  switchport mode trunk
  switchport trunk allowed vlan 203,205
  mtu 9216
  channel-group 12 mode active
  no shutdown
!
! vPC port-channel to External Device
interface port-channel12
  description vPC port-channel to External Device
  switchport
  switchport mode trunk
  switchport trunk allowed vlan 203,205
  mtu 9216
  vpc 12
!
! Layer 3 interface to the External Device:
interface Vlan205
  no shutdown
  vrf member Customer
! BFD for eBGP
  bfd interval 500 min_rx 500 multiplier 3
! Disable bfd echo, as it is not supported over vPC
  no bfd echo
  no ip redirects
! We use /29 as we need 3 IP addresses, one per each member of the
! vPC domain and a 3rd for the External Device
  ip address 198.51.100.1/29 tag 800204
! Disable redirects - this is needed to enable BFD
  no ipv6 redirects
!
router bgp 65535
  router-id 203.0.113.1
  log-neighbor-changes
  address-family ipv4 unicast
  vrf Customer
    router-id 198.51.100.1
    address-family ipv4 unicast
    neighbor 198.51.100.2
      description Leaf-2
      remote-as 65535
      address-family ipv4 unicast
        soft-reconfiguration inbound always
    neighbor 198.51.100.3
      description to External Device
      bfd
      remote-as 65000
      update-source Vlan205
      address-family ipv4 unicast
        soft-reconfiguration inbound always
!
Leaf 2:
! Form the vPC domain:
vpc domain 1
  peer-switch
  role priority 10
  peer-keepalive destination 192.0.2.1 source 192.0.2.2
  peer-gateway
  layer3 peer-router
  ipv6 nd synchronize
  ip arp synchronize
!
!vPC peer-link interface members
interface Ethernet1/53 - 54
  description vPC-Peerlink member
  switchport
  switchport mode trunk
  channel-group 11 mode active
  no shutdown
!
! vPC peer-link port-channel
interface port-channel11
  description vPC-peerlink
  switchport
  switchport mode trunk
  spanning-tree port type network
  no shutdown
  vpc peer-link
!
! vPC port-channel member to External Device
interface Ethernet1/52
  description ExternalDevice Eth2/13
  switchport
  switchport mode trunk
  switchport trunk allowed vlan 203,205
  mtu 9216
  channel-group 12 mode active
  no shutdown
!
! vPC port-channel to External Device
interface port-channel12
  description vPC port-channel to External Device
  switchport
  switchport mode trunk
  switchport trunk allowed vlan 203,205
  mtu 9216
  vpc 12
!
! Layer 3 interface to the External Device:
interface Vlan205
  no shutdown
  vrf member Customer
! BFD for eBGP
  bfd interval 500 min_rx 500 multiplier 3
! Disable bfd echo, as it is not supported over vPC
  no bfd echo
  no ip redirects
! We use /29 as we need 3 IP addresses, one per each member of the
! vPC domain and a 3rd for the External Device
  ip address 198.51.100.2/29 tag 800204
! Disable redirects - this is needed to enable BFD
  no ipv6 redirects
!
router bgp 65535
  router-id 203.0.113.2
  log-neighbor-changes
  address-family ipv4 unicast
  vrf Customer
    router-id 198.51.100.2
    address-family ipv4 unicast
    neighbor 198.51.100.1
      description Leaf-1
      remote-as 65535
      address-family ipv4 unicast
        soft-reconfiguration inbound always
    neighbor 198.51.100.3
      description to External Device
      bfd
      remote-as 65000
      update-source Vlan205
      address-family ipv4 unicast
        soft-reconfiguration inbound always
!
External Device (NX-OS style CLI):
interface Ethernet2/13 - 14
  switchport
  switchport mode trunk
  switchport trunk allowed vlan 203,205
  mtu 9216
  channel-group 12 mode active
  no shutdown
!
interface port-channel12
  switchport
  switchport mode trunk
  switchport trunk allowed vlan 203,205
  mtu 9216
  no shutdown
!
interface Vlan205
  no shutdown
  mtu 9216
! See notes in Leaf-1 and Leaf 2 for BFD
  bfd interval 500 min_rx 500 multiplier 3
  no bfd echo
  no ip redirects
  ip address 198.51.100.3/29
  no ipv6 redirects
!
router bgp 65000
  log-neighbor-changes
  address-family ipv4 unicast
  neighbor 198.51.100.1 remote-as 65535
    description to Leaf-1
    update-source Vlan205
    bfd
  neighbor 198.51.100.2 remote-as 65535
    description to Leaf-2
    update-source Vlan205
    bfd
end
!

Verify

Below is the output of show bgp ipv4 unicast neighbors. It verifies that:

  • BGP neighborship is established and stable
  • BFD is enabled between external neighbors

Troubleshoot

The following commands will help verify operation:

show vpc
show vpc consistency-parameters global
show vpc consistency-parameters interface <interface>
show bgp ipv4 unicast neighbors
show bgp ipv4 unicast summary

Ref. https://www.cisco.com/c/en/us/support/docs/ip/ip-routing/217099-ebgp-peering-over-vpc-on-nexus.html
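
A pre-change consistency check for the peering plan in the configurations above, as an added example (not part of the answer or of the referenced Cisco document): it confirms that the shared subnet has a usable address for every device, that each neighbor is on that subnet, that each configured remote-as matches the peer's own AS, and that every neighbor statement is reciprocated. The dictionary layout and the name `check_plan` are assumptions of this example; the addresses and AS numbers are transcribed from the configurations.

```python
import ipaddress

# Peering plan transcribed from the Leaf 1, Leaf 2 and External Device configs
# above: Vlan205 address, local AS, and neighbor -> configured remote-as.
# The dict layout and the name check_plan are assumptions of this example.
PLAN = {
    "Leaf-1": {"asn": 65535, "ifaddr": "198.51.100.1/29",
               "neighbors": {"198.51.100.2": 65535, "198.51.100.3": 65000}},
    "Leaf-2": {"asn": 65535, "ifaddr": "198.51.100.2/29",
               "neighbors": {"198.51.100.1": 65535, "198.51.100.3": 65000}},
    "External": {"asn": 65000, "ifaddr": "198.51.100.3/29",
                 "neighbors": {"198.51.100.1": 65535, "198.51.100.2": 65535}},
}


def check_plan(plan):
    """Return a list of problems found in the plan; empty means consistent."""
    problems, ifaces = [], {}
    for name, dev in plan.items():
        try:
            ifaces[name] = ipaddress.ip_interface(dev["ifaddr"])
        except ValueError as exc:
            problems.append(f"{name}: invalid interface address: {exc}")
    owner = {str(iface.ip): name for name, iface in ifaces.items()}
    for name, iface in ifaces.items():
        # Every device on the shared VLAN needs its own usable host address.
        usable = iface.network.num_addresses - 2
        if usable < len(plan):
            problems.append(f"{name}: {iface.network} has {usable} usable "
                            f"addresses, {len(plan)} needed")
        for nbr_ip, remote_as in plan[name]["neighbors"].items():
            if ipaddress.ip_address(nbr_ip) not in iface.network:
                problems.append(f"{name}: neighbor {nbr_ip} is not on {iface.network}")
            peer = owner.get(nbr_ip)
            if peer is None:
                problems.append(f"{name}: neighbor {nbr_ip} matches no device")
                continue
            if plan[peer]["asn"] != remote_as:
                problems.append(f"{name}: remote-as {remote_as} for {nbr_ip}, "
                                f"but {peer} runs AS {plan[peer]['asn']}")
            if str(iface.ip) not in plan[peer]["neighbors"]:
                problems.append(f"{name}: {peer} has no neighbor statement back")
    return problems


if __name__ == "__main__":
    for line in check_plan(PLAN) or ["peering plan is consistent"]:
        print(line)
```
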