VMware Networking Community
olouinel
Contributor
Contributor
‎08-18-2020 07:36 AM
Jump to solution

NSX-T 3.0.1 Unable to configure BGP on VRF

Hello,

We have updated NSX-T from 3.0.0 to 3.0.1 for testing purpose and came across an issue while configuring BGP on a VRF router with error

"Only ECMP enabled BGP aggregate to be configured for VRF BGP routing".

While looking at the log on nsx manager we can see that:

2020-08-18T14:32:06.619Z ERROR http-nio-127.0.0.1-6440-exec-93 BgpRoutingConfigServiceImpl - POLICY [nsx@6876 comp="nsx-manager" errorCode="MP503175" level="ERROR" reqId="e00c0b8d-559b-48e6-841b-0c2fbad67cb2" subcomp="policy" username="admin"] BGP config is not allowed in vrf tier0

2020-08-18T14:32:06.620Z  WARN http-nio-127.0.0.1-6440-exec-93 ProtectionAspect - SYSTEM [nsx@6876 comp="nsx-manager" level="WARNING" reqId="e00c0b8d-559b-48e6-841b-0c2fbad67cb2" subcomp="policy" username="admin"] Managed Resource (com.vmware.nsx.management.internal.security.authz.ProtectionAspect) without proper calling info: _nsxCaller=admin _nsxIsAdmin=true _nsxContext=/policy/api/v1/infra

2020-08-18T14:32:06.620Z  INFO http-nio-127.0.0.1-6440-exec-93 AuditingServiceImpl - - [nsx@6876 audit="true" comp="nsx-manager" level="INFO" reqId="e00c0b8d-559b-48e6-841b-0c2fbad67cb2" subcomp="policy" update="true" username="admin"] UserName="admin", ModuleName="PolicyConnectivity", Operation="PatchBgpRoutingConfig", Operation status="failure", New value=["vrf1" "default" {"enabled":true,"ecmp":true,"graceful_restart_config":{"mode":"HELPER_ONLY","timer":{"restart_timer":180,"stale_route_timer":600}},"resource_type":"BgpRoutingConfig","id":"bgp","display_name":"bgp","path":"/infra/tier-0s/vrf1/locale-services/default/bgp","relative_path":"bgp","parent_path":"/infra/tier-0s/vrf1/locale-services/default","unique_id":"4658c09c-8a98-45f3-8e31-554f1224cbc1","marked_for_delete":false,"overridden":false,"_create_user":"admin","_create_time":1597759265910,"_last_modified_user":"admin","_last_modified_time":1597759265912,"_system_owned":false,"_protection":"UNKNOWN","_revision":0}]

2020-08-18T14:32:06.620Z  INFO http-nio-127.0.0.1-6440-exec-93 HierarchicalAPIAuthorizationAspect - POLICY [nsx@6876 comp="nsx-manager" level="INFO" subcomp="policy"] Resetting HierarchicalAPIAuthorization for void com.vmware.nsx.management.policy.connectivity.facade.PolicyConnectivityFacadeImpl.patchResources(List)

2020-08-18T14:32:06.620Z  WARN http-nio-127.0.0.1-6440-exec-93 PolicyHierarchicalAPIUtils - POLICY [nsx@6876 comp="nsx-manager" level="WARNING" subcomp="policy"] Error while performing hierarchical patch

com.vmware.nsx.management.common.exceptions.InvalidArgumentException: null

        at com.vmware.nsx.management.policy.policyframework.service.BgpRoutingConfigServiceImpl.validateVrf(BgpRoutingConfigServiceImpl.java:416) ~[policy-framework-api-1.0.jar:?]

        at com.vmware.nsx.management.policy.policyframework.service.BgpRoutingConfigServiceImpl.validate(BgpRoutingConfigServiceImpl.java:283) ~[policy-framework-api-1.0.jar:?]

        at com.vmware.nsx.management.policy.policyframework.service.BgpRoutingConfigServiceImpl.validate(BgpRoutingConfigServiceImpl.java:51) ~[policy-framework-api-1.0.jar:?]

        at com.vmware.nsx.management.policy.policyframework.service.PolicyServiceImpl.saveInternal(PolicyServiceImpl.java:708) ~[policy-framework-api-1.0.jar:?]

        at com.vmware.nsx.management.policy.policyframework.service.PolicyServiceImpl.createOrUpdate_aroundBody4(PolicyServiceImpl.java:330) ~[policy-framework-api-1.0.jar:?]

        at com.vmware.nsx.management.policy.policyframework.service.PolicyServiceImpl$AjcClosure5.run(PolicyServiceImpl.java:1) ~[policy-framework-api-1.0.jar:?]

        ....

        at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-5.1.7.RELEASE.jar:5.1.7.RELEASE]

        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.1.5.RELEASE.jar:5.1.5.RELEASE]

        ...

        at java.lang.Thread.run(Thread.java:748) [?:1.8.0_241]

2020-08-18T14:32:06.620Z  INFO http-nio-127.0.0.1-6440-exec-93 PolicyHierarchicalAPIUtils - POLICY [nsx@6876 comp="nsx-manager" level="INFO" subcomp="policy"] Got errors during hierarchical patch - [{"moduleName":"Policy","errorCode":503175,"errorMessage":"Only ecmp, enabled, BGP Aggregate to be configured for VRF BGP Config."}]

Does anyone else came accross this issue ?

It only affect 3.0.1 we didn't have this on 3.0.0.

BR,

Louis

0 Kudos
1 Solution

Accepted Solutions
clem13
Contributor
Contributor
‎08-19-2020 07:13 AM
Jump to solution

/* Update *\

It's working with this body, ecmp is a mandatory parameter for vrf.

'{"enabled" : "true", "ecmp" : "true"}'

Best regards

View solution in original post

0 Kudos
3 Replies
DaleCoghlan
VMware Employee
VMware Employee
‎08-18-2020 05:19 PM
Jump to solution

This is a bug. Please try the configuration via the API.

0 Kudos
clem13
Contributor
Contributor
‎08-19-2020 06:44 AM
Jump to solution

Hello,

I have the same problem, I made a try with the API without success.

Please could you check the request joined, I have a doubt.

Best regards

Preview file
116 KB
0 Kudos
clem13
Contributor
Contributor
‎08-19-2020 07:13 AM
Jump to solution

/* Update *\

It's working with this body, ecmp is a mandatory parameter for vrf.

'{"enabled" : "true", "ecmp" : "true"}'

Best regards

0 Kudos