VMware Cloud Community
marc6272
Contributor
Contributor
‎08-29-2023 02:50 AM

BGP Route Re-Distribution for Tier-0 VRF Gateways - More than NAT IP

A Provider Gateway has been created using a Tier-0 VRF Gateway (Cloud Director 10.5)
The Tier-0 VRF Gateway has eBGP configured and running with our core routers

By default, only NAT-IPs from Tier-1 (Edges) are redistributed by that Tier-0 VRF Gateway to the Core Routers via eBGP.

All the networks that we need to redistribute are correctly located in the T0 VRF routing table (that part works fine).

But, if we want to advertise Connected Segments (t1c), do we need to manually modify the default BGP Distribution using the NSX-T UI or API? I can't find an option in the Cloud Director UI to do this (Cloud Director only configure the T0 with NAT redistribution). 

 

 

Reply
0 Kudos
6 Replies
dawid_dudek
Enthusiast
Enthusiast
‎08-29-2023 04:34 AM

Hi,

It sounds like you asking for IP Prefix List in BGP:
https://docs.vmware.com/en/VMware-Cloud-Director/10.5/VMware-Cloud-Director-Service-Provider-Admin-G...

Have a nice day,
Dawid

Reply
0 Kudos
marc6272
Contributor
Contributor
‎08-29-2023 12:00 PM

Hi,

Not really. IP Prefix lists can be used to restrict what is advertised. But only NAT IPs are advertised to begin with (unless you manually change the VRF Gateway using the NSX-T UI/API which I was hoping to avoid).

Thanks,

Marc.

Reply
0 Kudos
Sreec
VMware Employee
VMware Employee
‎08-30-2023 11:46 PM

You can perform this if you have dedicated T0/VRF configured in the VDC. 

Cheers,
Sree | VCIX-5X| VCAP-5X| VExpert 6x|Cisco Certified Specialist
Please KUDO helpful posts and mark the thread as solved if answered
Reply
0 Kudos
marc6272
Contributor
Contributor
‎08-31-2023 12:49 AM

It is a dedicated VRF Gateway... But I have not found the option in Cloud Director 10.5 to make that change. I can of course do it directly in NSX.

Thanks,

Marc.

Reply
0 Kudos
Sreec
VMware Employee
VMware Employee
‎08-31-2023 01:05 AM

It should work in 10.5 as well, i have a running config in my lab and it shows right output. Can you share the screenshot of org-vdc--->Networking->Edges->T1->Configuration->General . Also may i know the version of NSX ? 

Cheers,
Sree | VCIX-5X| VCAP-5X| VExpert 6x|Cisco Certified Specialist
Please KUDO helpful posts and mark the thread as solved if answered
Reply
0 Kudos
marc6272
Contributor
Contributor
‎08-31-2023 04:22 AM

Hi Sreec,

Attached are the screenshots. It's a test environment as well.
NSX is version 4.1.1.0.0.22224312

After doing a few things, the route redistribution in the VRF Gateway (SYSTEM-VCD-EDGE-SERVICES-REDISTRIBUTION) changed to also advertise Connected Interface & Segments (Service Interface Subnet + Connected Segment). No idea what triggered that change (and how to control it)

Thanks,

Marc.

marc6272_0-1693480559294.png

marc6272_1-1693480661394.png

 

 

Reply
0 Kudos