Solved: Re: BGP configuration in NSX-T 3.1

nagesh_u · ‎03-22-2021

Hi Team,

i have configure the bgp using EX4200 but from the tier0 i am not able to see next hope, can anyone help me on this ?

please find the below info:

from the EX4200

root@SD_EX4200_1.sl7> show route receive-protocol bgp 10.10.10.2

inet.0: 13 destinations, 16 routes (13 active, 0 holddown, 0 hidden)
Prefix Nexthop MED Lclpref AS path
10.10.10.0/24 10.10.10.2 0 100 ?
192.168.7.0/24 10.10.10.2 0 100 ?

{master:0}
root@SD_EX4200_1.sl7>

From the NSX-T

nalabnsxtedg01(tier0_sr)> get bgp
BGP IPv4 table version is 4, BGP IPv6 table version is 0
Local router ID is 10.10.10.2
Status flags: > - best, I - internal
Origin flags: i - IGP, e - EGP, ? - incomplete

EVPN type-2 prefix: [2]:[EthTag]:[MAClen]:[MAC]:[IPlen]:[IP]
EVPN type-3 prefix: [3]:[EthTag]:[IPlen]:[OrigIP]
EVPN type-4 prefix: [4]:[ESI]:[IPlen]:[OrigIP]
EVPN type-5 prefix: [5]:[EthTag]:[IPlen]:[IP]

Network Next Hop Metric LocPrf Weight Path RD
> 10.10.10.0/24 0.0.0.0 0 100 32768 ?
> 192.168.7.0/24 100.64.176.1 0 100 32768 ?
Wed Mar 24 2021 UTC 07:10:36.302
nalabnsxtedg01(tier0_sr)> get bgp s
% Invalid value for argument <prefix>: s
nalabnsxtedg01(tier0_sr)> get bgp neighbor summary
BFD States: NC - Not configured, DC - Disconnected
AD - Admin down, DW - Down, IN - Init, UP - Up
BGP summary information for VRF default for address-family: ipv4Unicast
Router ID: 10.10.10.2 Local AS: 200

Neighbor AS State Up/DownTime BFD InMsgs OutMsgs InPfx OutPfx

10.10.10.10 200 Estab 00:51:40 NC 117 108 0 2

Wed Mar 24 2021 UTC 07:11:01.280
nalabnsxtedg01(tier0_sr)>

shank89 · ‎03-23-2021

Shouldn't need to, but you could be facing what I saw last time, create a prefix list with any and permit and attach it to the in and out and see if you see any difference.

Shashank Mohan

VCIX-NV 2022 | VCP-DCV2019 | CCNP Specialist

https://lab2prod.com.au
LinkedIn https://www.linkedin.com/in/shankmohan/
Twitter @ShankMohan
Author of NSX-T Logical Routing: https://link.springer.com/book/10.1007/978-1-4842-7458-3

View solution in original post

shank89 · ‎03-23-2021

Spoke with Nagesh, ended up being a two-fold issue. One needing to allow the routes in (which seems to be a new thing) and two there was an assymetric routing issue in the environment which was not helping.

After resolving both of those, it all worked.

Shashank Mohan

VCIX-NV 2022 | VCP-DCV2019 | CCNP Specialist

https://lab2prod.com.au
LinkedIn https://www.linkedin.com/in/shankmohan/
Twitter @ShankMohan
Author of NSX-T Logical Routing: https://link.springer.com/book/10.1007/978-1-4842-7458-3

View solution in original post

p0wertje · ‎03-23-2021

Are you announcing anything to nsx ?

From Juniper:

show route advertise-protocol bgp 10.10.10.2
You may need to create a filter

Example:
show configuration policy-options policy-statement ANNOUNCE-DEFAULT
term DEFAULT {
from {
protocol [ ospf static ];
route-filter 0.0.0.0/0 exact;
}
then accept;
}
term REJECT {
then reject;
}

show configuration protocols bgp group nsx
type external;
export ANNOUNCE-DEFAULT;
peer-as xxxx;
bfd-liveness-detection {
minimum-interval 300;
multiplier 3;
}
neighbor x.x.x.x;

Cheers,
p0wertje | VCIX6-NV | JNCIS-ENT | vExpert
Please kudo helpful posts and mark the thread as solved if solved

shank89 · ‎03-23-2021

I imagine this is a lab, but is there a reason you have created the uplinks for BGP on the same network as the clients?

Shashank Mohan

VCIX-NV 2022 | VCP-DCV2019 | CCNP Specialist

https://lab2prod.com.au
LinkedIn https://www.linkedin.com/in/shankmohan/
Twitter @ShankMohan
Author of NSX-T Logical Routing: https://link.springer.com/book/10.1007/978-1-4842-7458-3

nagesh_u · ‎03-23-2021

did the configurationbut stil i am not abel to ping 192.168.7.1 from the T0 gateway

syntax error, expecting <command>.
root@SD_EX4200_1.sl7> show configuration | display set | match send-statics
set protocols bgp group internal export send-statics
set policy-options policy-statement send-statics term statics from route-filter 10.10.10.0/24 exact
set policy-options policy-statement send-statics term statics from route-filter 192.168.7.0/24 exact
set policy-options policy-statement send-statics term statics then accept

{master:0}
root@SD_EX4200_1.sl7> show configuration | display set | match bgp
set protocols bgp group internal type internal
set protocols bgp group internal local-address 10.10.10.1
set protocols bgp group internal export send-statics
set protocols bgp group internal neighbor 10.10.10.2 peer-as 200
set protocols bgp group internal neighbor 10.10.10.3 peer-as 200

{master:0}
root@SD_EX4200_1.sl7> show route advertising-protocol bgp 10.10.10.2

inet.0: 15 destinations, 20 routes (15 active, 0 holddown, 0 hidden)
Prefix Nexthop MED Lclpref AS path
* 10.10.10.0/24 Self 100 I
* 192.168.7.0/24 Self 100 I

{master:0}
root@SD_EX4200_1.sl7> show route advertising-protocol bgp 10.10.10.3

inet.0: 15 destinations, 20 routes (15 active, 0 holddown, 0 hidden)
Prefix Nexthop MED Lclpref AS path
* 10.10.10.0/24 Self 100 I
* 192.168.7.0/24 Self 100 I

{master:0}
root@SD_EX4200_1.sl7>

nalabnsxtedg01> vrf 1
nalabnsxtedg01(tier0_sr)> get bgp
BGP IPv4 table version is 25, BGP IPv6 table version is 0
Local router ID is 10.10.10.2
Status flags: > - best, I - internal
Origin flags: i - IGP, e - EGP, ? - incomplete

EVPN type-2 prefix: [2]:[EthTag]:[MAClen]:[MAC]:[IPlen]:[IP]
EVPN type-3 prefix: [3]:[EthTag]:[IPlen]:[OrigIP]
EVPN type-4 prefix: [4]:[ESI]:[IPlen]:[OrigIP]
EVPN type-5 prefix: [5]:[EthTag]:[IPlen]:[IP]

Network Next Hop Metric LocPrf Weight Path RD
> 10.10.10.0/24 0.0.0.0 0 100 32768 ?
10.10.10.0/24 10.10.10.1 0 100 0 i
> 192.168.5.0/24 100.64.176.3 0 100 32768 ?
> 192.168.7.0/24 100.64.176.1 0 100 32768 ?
192.168.7.0/24 10.10.10.1 0 100 0 i
Thu Mar 25 2021 UTC 08:08:46.319
nalabnsxtedg01(tier0_sr)>

nagesh_u · ‎03-23-2021

there is no reason, you want me to us different IP address for the uplink for BGP?

i want reach 10.10.10.0/24 subnet from the 192.168.7.0/24 and wise versa

shank89 · ‎03-23-2021

Don't get me wrong, it should still work. I just tested it in my environment and it did.

On the T0 SR, can you type in get bgp 10.10.10.0/24 and see what you get?

Shashank Mohan

VCIX-NV 2022 | VCP-DCV2019 | CCNP Specialist

https://lab2prod.com.au
LinkedIn https://www.linkedin.com/in/shankmohan/
Twitter @ShankMohan
Author of NSX-T Logical Routing: https://link.springer.com/book/10.1007/978-1-4842-7458-3

p0wertje · ‎03-23-2021

You should use a different subnet. one that is not part of the 10.10.10.0/24.
i.e you can use (assiumng you have 1 t0) 10.10.20.0/30. use .1 on juniper side and .2 on t0 side.

Announce 10.10.10.0/24 from juniper to t0
Do not announce 192.168.7.0/24 from the juniper to the t0. This should be announced from t0 to juniper.

Cheers,
p0wertje | VCIX6-NV | JNCIS-ENT | vExpert
Please kudo helpful posts and mark the thread as solved if solved

nagesh_u · ‎03-23-2021

i have changed the IP address for BGP, not sure where i am failing

root@SD_EX4200_1.sl7# show protocols bgp su
^
syntax error.
root@SD_EX4200_1.sl7# show protocols bgp
group internal {
type internal;
local-address 192.168.8.1;
export send-statics;
peer-as 200;
neighbor 192.168.8.2;
neighbor 192.168.8.3;
}

{master:0}[edit]
root@SD_EX4200_1.sl7# exit
Exiting configuration mode

{master:0}
root@SD_EX4200_1.sl7> show configuration | display set | match send-statics
set protocols bgp group internal export send-statics
set policy-options policy-statement send-statics term statics from route-filter 10.10.10.0/24 exact
set policy-options policy-statement send-statics term statics from route-filter 192.168.7.0/24 exact
set policy-options policy-statement send-statics term statics then accept

{master:0}
root@SD_EX4200_1.sl7>

Please find the get bgp 10.10.10.0/24

nalabnsxtedg01(tier0_sr)> get bgp 10.10.10.0/24
BGP routing table entry for 10.10.10.0/24
Prefix advertised to: None

1 Paths available:
Origin IGP, Metric 0, LocalPref 100, Weight 0, best, valid
Peer is 192.168.8.1 with router id 10.10.10.1
Last Updated: Thu Mar 25 09:12:39 2021

Thu Mar 25 2021 UTC 09:13:58.582
nalabnsxtedg01(tier0_sr)> get bgp 192.168.7.0/24
BGP routing table entry for 192.168.7.0/24
Prefix advertised to: 192.168.8.1
2 Paths available:
Origin IGP, Metric 0, LocalPref 100, Weight 0, , valid
Peer is 192.168.8.1 with router id 10.10.10.1
Last Updated: Thu Mar 25 09:12:38 2021

Origin incomplete, Metric 0, LocalPref 100, Weight 32768, best, valid
Peer is 0.0.0.0 with router id 192.168.8.2
Last Updated: Thu Mar 25 07:13:39 2021

Thu Mar 25 2021 UTC 09:14:07.919
nalabnsxtedg01(tier0_sr)> get bgp
BGP IPv4 table version is 30, BGP IPv6 table version is 0
Local router ID is 192.168.8.2
Status flags: > - best, I - internal
Origin flags: i - IGP, e - EGP, ? - incomplete

EVPN type-2 prefix: [2]:[EthTag]:[MAClen]:[MAC]:[IPlen]:[IP]
EVPN type-3 prefix: [3]:[EthTag]:[IPlen]:[OrigIP]
EVPN type-4 prefix: [4]:[ESI]:[IPlen]:[OrigIP]
EVPN type-5 prefix: [5]:[EthTag]:[IPlen]:[IP]

Network Next Hop Metric LocPrf Weight Path RD
> 10.10.10.0/24 192.168.8.1 0 100 0 i
> 192.168.5.0/24 100.64.176.3 0 100 32768 ?
192.168.7.0/24 192.168.8.1 0 100 0 i
> 192.168.7.0/24 100.64.176.1 0 100 32768 ?
> 192.168.8.0/24 0.0.0.0 0 100 32768 ?
Thu Mar 25 2021 UTC 09:14:51.817
nalabnsxtedg01(tier0_sr)>

nalabnsxtedg01(tier0_sr)> get bgp neighbor summary
BFD States: NC - Not configured, DC - Disconnected
AD - Admin down, DW - Down, IN - Init, UP - Up
BGP summary information for VRF default for address-family: ipv4Unicast
Router ID: 192.168.8.2 Local AS: 200

Neighbor AS State Up/DownTime BFD InMsgs OutMsgs InPfx OutPfx

192.168.8.1 200 Estab 00:03:29 NC 48 44 2 3

Thu Mar 25 2021 UTC 09:16:08.231
nalabnsxtedg01(tier0_sr)>

current configuration:

nagesh_u · ‎03-23-2021

sorry, updated diagram:

shank89 · ‎03-23-2021

Have you got any route filters in NSX-T ? To0 > edit > BGP neighbors > inbound or outbound filters?

You could attempt to create a prefix list with any, then apply that to the neighbours. I have seen some strange behaviour on the LE release.

Shashank Mohan

VCIX-NV 2022 | VCP-DCV2019 | CCNP Specialist

https://lab2prod.com.au
LinkedIn https://www.linkedin.com/in/shankmohan/
Twitter @ShankMohan
Author of NSX-T Logical Routing: https://link.springer.com/book/10.1007/978-1-4842-7458-3

nagesh_u · ‎03-23-2021

nothing is configured in route filter, do you want me to configure that ?

shank89 · ‎03-23-2021

Shouldn't need to, but you could be facing what I saw last time, create a prefix list with any and permit and attach it to the in and out and see if you see any difference.

Shashank Mohan

VCIX-NV 2022 | VCP-DCV2019 | CCNP Specialist

https://lab2prod.com.au
LinkedIn https://www.linkedin.com/in/shankmohan/
Twitter @ShankMohan
Author of NSX-T Logical Routing: https://link.springer.com/book/10.1007/978-1-4842-7458-3

shank89 · ‎03-23-2021

Spoke with Nagesh, ended up being a two-fold issue. One needing to allow the routes in (which seems to be a new thing) and two there was an assymetric routing issue in the environment which was not helping.

After resolving both of those, it all worked.

Shashank Mohan

VCIX-NV 2022 | VCP-DCV2019 | CCNP Specialist

https://lab2prod.com.au
LinkedIn https://www.linkedin.com/in/shankmohan/
Twitter @ShankMohan
Author of NSX-T Logical Routing: https://link.springer.com/book/10.1007/978-1-4842-7458-3

nagesh_u · ‎03-23-2021

wow shashank very nice, thank you so much for finding the issue and fix it,

very appreciated

All

BGP configuration in NSX-T 3.1