Re: BGP Established but not receiving routes

Bardo201110141 · ‎06-12-2023

Hello,

I've been testing with NSX-T deployment, but I got stuck setting up BGP sessions between my Tier-0 gateway and my physical routers (SLX9640).

All session are Established succesfully and both NSX and physical routers are advertising routes/prefixes. However neither side seems to be receiving them.

SLX9640 neighbor sum:

Neighbor Address AS# State Time Rt:Accepted Filtered Sent ToSend
10.18.163.26 65020 ESTAB 1h6m50s 0 0 2 0
10.18.163.27 65020 ESTAB 1h6m50s 0 0 2 0
10.18.163.34 65020 ESTAB 1h6m50s 0 0 2 0
10.18.163.35 65020 ESTAB 1h6m50s 0 0 2 0

NSX-T (edge01) neighbor sum:

Router ID: 10.18.163.26 Local AS: 65020

Neighbor AS State Up/DownTime BFD InMsgs OutMsgs InPfx OutPfx

10.18.163.25 65001 Estab 01:08:55 NC 6476 5735 0 1
10.18.163.33 65001 Estab 01:08:55 NC 6450 5714 0 1

I currently have prefix-filters configured to accept the advertised routes from their neighbors and I've tried without any prefix filter.

Looking at my SLX9640 I would expect to see any incoming routes either as accepted or filtered, but both are repporting 0 (zero). That make me wonder if I am missing some setting in NSX-T that prevents the routes to actually be exchanged.

> get bgp neigh 10.18.163.25 advertised-routes
BGP IPv4 table version is 5
Local router ID is 10.18.163.26
Status flags: > - best, I - internal
Origin flags: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path
> 10.18.173.0/24 0.0.0.0 0 100 32768 65020 65020 65020 ?

Does anybody recognizes this behaviour and can point me in the right direction?

Thanks in advance!

NSX-T get neighbor:

BGP neighbor is 10.18.163.25, remote AS 65001, local AS 65020, external link
BGP version 4, remote router ID 10.18.163.205, local router ID 10.18.163.26
BGP state = Established, up for 01:24:08
Last read 00:00:18, Last write 00:00:08
Hold time is 180, keepalive interval is 60 seconds
Configured hold time is 180, keepalive interval is 60 seconds
Neighbor capabilities:
4 Byte AS: advertised and received
AddPath:
IPv4 Unicast: RX advertised IPv4 Unicast
Route refresh: advertised and received(old & new)
Address Family IPv4 Unicast: advertised and received
Hostname Capability: advertised (name: caveo-nsx-edge01,domain name: n/a) not received
Graceful Restart Capability: advertised
Graceful restart information:
Local GR Mode: Restart*
Remote GR Mode: Disable
R bit: False
Timers:
Configured Restart Time(sec): 180
Received Restart Time(sec): 0
Message statistics:
Inq depth is 0
Outq depth is 0
Sent Rcvd
Opens: 26 26
Notifications: 36 8
Updates: 41 108
Keepalives: 5640 6351
Route Refresh: 8 0
Capability: 0 0
Total: 5751 6493
Minimum time between advertisement runs is 0 seconds
Update source is 10.18.163.26

For address family: IPv4 Unicast
Update group 22, subgroup 16
Packet Queue length 0
Community attribute sent to this neighbor(all)
Inbound path policy configured
Outbound path policy configured
Route map for incoming advertisements is *4cc11e74-f15f-4840-aacd-a5266412a391
Route map for outgoing advertisements is *701018b8-a94a-4965-a5ab-5d9dbe8655f1
0 accepted prefixes
Maximum prefixes allowed 100 (warning-only)
Threshold for warning message 75%

Connections established 12; dropped 14
Looped AS count 0
Last reset 01:24:09, due to NOTIFICATION sent (Cease/Connection collision resolution)
Local host: 10.18.163.26, Local port: 36369
Foreign host: 10.18.163.25, Foreign port: 179
Nexthop: 10.18.163.26
Nexthop global: ::
Nexthop local: ::
BGP connection: shared network
BGP Connect Retry Timer in Seconds: 10
Estimated round trip time: 4 ms
Read thread: on Write thread: on FD used: 26

Bardo201110141 · ‎06-15-2023

During further tests I have setup a VyOS virtual router and was able to setup the BGP sessions succesfully and am receiving the advertised routes there as expected.

However from both VyOS to our Extreme/Brocade SLX as from NSX-T to our SLX sessions are established without errors - but advisertised routes are not received on either side.

I have setup 200+ BGP sessions on the SLX without any issues, so I am still in the dark here. I am thinking of some kind of incompatibility. If anyone has a similar experience or solution, please let me know.

JaSo2 · ‎06-16-2023

Maybe dumb question (edit - yes dumb question, sorry missed your previous answer regarding the Vyos router), but do you have route redistribution enabled for BGP and do you have anything to advertise? :):

If there is T1 with connected segments, it should have the route advertisment enabled too.

It also seems that you are running the T0 in Active-Passive mode, where the 10.18.163.25 Edge is the passive one (guessing by the AS Path prepend) - iirc this Edge won't advertise routes, you should check it on the active one - this will be just in standby mode with Established session to minimize the downtime in case the Active Edge (or better the Edge with Active T0 logical router) fails in any way.

You can also check log file on the edge by running get log-file routing.

J.