Configuring BGP Unnumbered



The Border Gateway Protocol (BGP) is a path vector protocol used to exchange routing and reachability information. Traditionally, to exchange IPv4 prefixes, you must configure explicit BGP sessions with the neighbor IP address and remote-AS information for each BGP peer, which can become cumbersome in large networks. This also occupies significant address space as each BGP peer must have an IPv4 address.


By using RFC 5549 (Advertising IPv4 Network Layer Reachability Information with an IPv6 Next Hop), Netvisor ONE enables you to create BGP unnumbered sessions, which are simpler to configure. In practice, you need not have an IPv4 address for every BGP-enabled interface, which is why this is called an unnumbered configuration. Instead of specifying an IPv4 neighbor address and the remote-AS number, you can provide the L3 port number and declare an eBGP session. BGP unnumbered uses the link-local IPv6 address as the next-hop IP address for both IPv4 and IPv6 prefixes.


In effect, the need for configuring IPv4 addresses on all BGP-enabled interfaces and the need for declaring an explicit ASN for the remote side is eliminated through BGP unnumbered.


Note: Netvisor ONE does not support iBGP for unnumbered BGP sessions.


Note: Prior to Netvisor ONE version 6.1.1 HF1 on Whitebox platforms, when the next-hop BGP neighbors on unnumbered interfaces run Netvisor ONE releases with different FRR versions (for example, Netvisor ONE version 5.2.x with FRR 4 and version 6.1.1 with FRR 7.2), the route updates from FRR 7.2 are dropped by FRR 4 based releases. See the configuration section below for additional details.


To configure a BGP unnumbered session, use the following two commands:


CLI (network-admin@switch) > vrouter-interface-add vrouter-name <name-string> l3-port <l3-port-usable-port-number> ipv6-unnumbered


vrouter-interface-add

Use this command to add an interface to a vRouter.

vrouter-name name-string

Specify the name of the vRouter to which the interface is to be added.

vlan <0..4095>

Specify the VLAN ID to which the interface has to be added (optional).

Note: This option is not supported while configuring BGP unnumbered.

Specify any of the following options:


ip ip-address

Specify the IP address to be assigned to the interface.

netmask netmask

Specify the network mask for the IP address.

assignment [none | dhcp | dhcpv6]

Specify one among the options as the type of IP address assignment.

ip2 ip-address

Specify the second IP address of the interface.

netmask2 netmask

Specify the network mask for the second IP address.

assignment2 [none | dhcp | dhcpv6]

Specify the type of assignment for the second IP address.

linklocal ip-address

Specify the IPv6 link local address.

ipv6-unnumbered|no-ipv6-unnumbered

Specify either of the options to enable or disable IPv6 unnumbered on the interface.

vnet vnet name

Specify the VNET name assigned to the vRouter.

bd bridge-domain name

Specify the Interface bridge domain name.

vlan-type [public | private]

Specify the interface VLAN type.

if [mgmt | data | span | span2 | span3]

Specify one among the options as the interface type.

alias-on alias-on-string

Specify an alias for the interface.

exclusive | no-exclusive

Specify if the interface is exclusive to the configuration. Exclusive means that other configurations cannot use the interface. Exclusive is specified when you configure the interface as a span interface and allows higher throughput through the interface.

nic-enable | nic-disable

Specify one of the options to enable or disable the NIC.

pim | no-pim

Specify either of the options to state if the VNIC is a Protocol Independent Multicast (PIM) interface or not.

pim-dr-priority <1..4294967295>

Specify the designated router priority for the PIM interface. Netvisor selects the vRouter interface with higher DR priority as the designated router.

pim-cluster | no-pim-cluster

Specify if the VNIC is on exclusive transit VLAN.

fabric-nic | no-fabric-nic

Specify if the VNIC is on a VLAN used for fabric setup or not.

vrrp-id <0..255>

Specify the VRRP ID.

vrrp-primary vrrp-primary-string

Specify the primary interface for VRRP failover.

vrrp-priority <0..254>

Specify the VRRP priority for the interface. This is a value between 0 (lowest) and 254 (highest).

vrrp-adv-int <300..40950>

Specify the VRRP advertisement interval in ms. The range is from 30 to 40950 with a default value of 1000.

l3-port l3port-usable-port name

Specify the name of the Layer 3 port to be added to the vrouter.

secondary-macs secondary-macs-string

Specify a secondary MAC address.

mtu <68..9398>

Specify an MTU value in bytes between 68 and 9216.

if-nat-realm [internal | external]        

Specify the NAT interface realm as internal or external.

priority-tag | no-priority-tag

Specify either of the options to add a VLAN 0 priority tag on forwarded traffic or remove it.


Now, issue the second command to add a BGP neighbor to the vrouter and finish the BGP unnumbered configuration.


CLI (network-admin@switch) > vrouter-bgp-add vrouter-name <name-string> l3-port <l3port-usable-port name> [remote-as external]


vrouter-bgp-add

Use this command to add a BGP neighbor to a vrouter.

vrouter-name name-string

Specify the name of the vrouter to which the neighbor is being added.

Specify one of the two options:


neighbor ip-address

Specify the IP address for BGP neighbor.

l3-port l3port-usable-port name

Specify the L3 port name for the BGP session.

Specify any of the following options:


remote-as <external|internal|-2..429496729>

Supply this parameter to specify whether the BGP session is external or internal, or to provide an AS number.


Note: Specify external to configure a BGP unnumbered session. This parameter is redundant as an eBGP session is assumed for unnumbered BGP sessions.

next-hop-self | no-next-hop-self

Specify either of the options to set the next hop as self or to remove that configuration.

password password-string

Provide a password for MD5 BGP.

ebgp-multihop <1..255>

Specify the value for external BGP between 1 and 255.

update-source vrouter loopback-interface ip

Specify the source IP address of BGP packets sent by the router. This parameter is required if you want BGP to perform peering over a loopback interface.

update-source-interface update-source-interface-string

Specify the interface of BGP packets sent by the router. This parameter is required if you want BGP to perform peering over any interface.

prefix-list-in vrouter prefix-list name

Specify the prefix list to filter inbound packets.

prefix-list-out vrouter prefix-list name

Specify the prefix list to filter outbound packets.

route-reflector-client|no-route-reflector-client

Specify if a route reflector client is used.

override-capability|no-override-capability

Specify either of the options to enable or disable override capability.

soft-reconfig-inbound|no-soft-reconfig-inbound        

Specify either of the options to enable or disable soft reset to reconfigure inbound traffic.

max-prefix max-prefix-number        

Specify the maximum number of prefixes.

max-prefix-warn-only|no-max-prefix-warn-only        

Specify either of the options to enable or disable the warning if the maximum number of prefixes is exceeded.

bfd|no-bfd        

Specify either of the options to enable or disable BFD protocol support for fault detection.

bfd-multihop|no-bfd-multihop        

Specify either of the options to enable or disable the use of BFD multi-hop port for fault detection.

multi-protocol [ipv4-unicast|ipv6-unicast]

Specify either of the options as a multi-protocol feature.

weight [none | -1..65535]

Specify the default weight value for the neighbor's routes either as none or as a value between 0 and 65535.

default-originate|no-default-originate        

Specify either of the options to enable or disable the announcing of default routes to the neighbor.

neighbor-keepalive-interval <0..65535>

Specify the BGP keepalive interval in seconds. The keepalive interval stipulates how often the keepalive messages are sent.

neighbor-holdtime <0..65535>        

Specify the BGP holdtime in seconds. The hold time specifies how long a router will wait for incoming BGP messages before it assumes the neighbor is dead.

connect-retry-interval <0..65535>

Specify the BGP connect retry interval in seconds.

send-community|no-send-community

Specify either of the options to enable or disable the sending of any community attribute to the neighbor.

route-map-in vrouter route-map name

Specify the name of the route map for incoming routes.

route-map-out vrouter route-map name        

Specify the name of the route map for outgoing routes.

allowas-in|no-allowas-in        

Specify either of the options to allow/reject routes with local AS in AS_PATH.

interface vrouter interface nic        

Specify the interface to reach the neighbor.


advertisement-interval <0..600>

Specify the minimum interval between sending BGP routing updates.

description description-string

Add a vRouter BGP neighbor description.


These commands create an interface with a link-local IPv6 address and configure an eBGP session for the interface.


To view the configuration on the vrouter, use the vrouter-interface-show command. For example:


CLI (network-admin@switch) > vrouter-interface-show format nic,l3-port,vlan,ip,ipv6-unnumbered


vrouter-name nic       l3-port vlan ip                           ipv6-unnumbered

------------ --------- ------- ---- ---------------------------- ---------------

vr1          eth0.4092 17      4092 fe80::640e:94ff:feff:7bdc/64 yes


View the BGP configuration by using the command:


CLI (network-admin@switch) > vrouter-bgp-show format l3-port,nic,neighbor,remote-as


vrouter-name l3-port nic       remote-as 

------------ ------- --------- ---------

vr1          17      eth0.4092 external  


Use the following command to view the relevant neighbor information:


CLI (network-admin@switch) > vrouter-bgp-neighbor-show vrouter-name vr2 format neighbor,l3-port,nic,remote-as,up/down


vrouter-name neighbor      l3-port nic       remote-as up/down  

------------ ------------- ------- --------- --------- -------- 

vr2                        17      eth2.4092 65100     00:06:20 

vr2          192.168.101.1                   65100     00:02:48 


The output shows that the neighbor field for the unnumbered interface does not have an IP address, while the l3-port and nic fields have information. Note that a BGP unnumbered session can co-exist with a numbered BGP session, but not on the same interface.


The Routing Information Database (RIB) and Forwarding Information Database (FIB) confirm that both IPv4 and IPv6 prefixes learned by BGP use IPv6 next-hop addresses:


CLI (network-admin@switch) > vrouter-rib-routes-show format ip,prelen,nexthop,flags,vlan


ip            prelen nexthop                   flags vlan

------------- ------ ------------------------- ----- ----

192.168.111.0 24     fe80::640e:94ff:feff:7bdc in-hw 4092

5001:11:1::   48     fe80::640e:94ff:feff:7bdc in-hw 4092


CLI (network-admin@switch) > vrouter-fib-routes-show format ip,prelen,vlan,port,nexthop-mac,egress-id


ip            prelen vlan port nexthop-mac       egress-id 

------------- ------ ---- ---- ----------------- --------- 

192.168.111.0 24     4092 17   66:0e:94:ff:7b:dc 100010    

5001:11:1::   48     4092 17   66:0e:94:ff:7b:dc 100010
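
The checks shown in the outputs above can be scripted. The following Python is an added example, not part of the Netvisor ONE documentation: it parses the show output by column position (the neighbor cell is empty for an unnumbered peer, so splitting on whitespace would misalign the fields) and reports any RIB next hop that is not the link-local address of an expected peer MAC. It assumes the link-local address is derived from the MAC by modified EUI-64, which matches the sample output on this page but is not stated by it; the function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample: show output copied from this page, blank lines dropped.
NEIGHBORS = """\
vrouter-name neighbor      l3-port nic       remote-as up/down
------------ ------------- ------- --------- --------- --------
vr2                        17      eth2.4092 65100     00:06:20
vr2          192.168.101.1                   65100     00:02:48
"""
RIB = """\
ip            prelen nexthop                   flags vlan
------------- ------ ------------------------- ----- ----
192.168.111.0 24     fe80::640e:94ff:feff:7bdc in-hw 4092
5001:11:1::   48     fe80::640e:94ff:feff:7bdc in-hw 4092
"""
FIB_NEXTHOP_MAC = "66:0e:94:ff:7b:dc"  # nexthop-mac column of the FIB output

def parse_table(text):
    """Slice each row at the dash ruler's column spans so empty cells survive."""
    lines = [ln for ln in text.splitlines() if ln.strip()]
    spans = [m.span() for m in re.finditer(r"-+", lines[1])]
    names = [lines[0][a:b].strip() for a, b in spans]
    return [{n: ln[a:b].strip() for n, (a, b) in zip(names, spans)}
            for ln in lines[2:]]

def unnumbered_sessions(rows):
    """Unnumbered peers have no neighbor address but do have an l3-port."""
    return [r for r in rows if not r["neighbor"] and r["l3-port"]]

def eui64_link_local(mac):
    """Link-local address for a MAC, assuming modified EUI-64 derivation."""
    b = bytearray(int(x, 16) for x in mac.split(":"))
    b[0] ^= 0x02  # flip the universal/local bit
    iid = bytes(b[:3]) + b"\xff\xfe" + bytes(b[3:])
    return ipaddress.IPv6Address(b"\xfe\x80" + bytes(6) + iid)

def unexpected_nexthops(rib_rows, expected_macs):
    """Routes whose next hop is not the link-local address of a known peer MAC."""
    expected = {eui64_link_local(m) for m in expected_macs}
    return [r for r in rib_rows
            if ipaddress.ip_address(r["nexthop"]) not in expected]

if __name__ == "__main__":
    print(unnumbered_sessions(parse_table(NEIGHBORS)))
    print(unexpected_nexthops(parse_table(RIB), [FIB_NEXTHOP_MAC]))
```

A link-local address set manually with the linklocal option will not match the EUI-64 derivation, so treat a mismatch as something to check against the peer's configuration.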



You can modify unnumbered BGP neighbor parameters by using the command vrouter-bgp-modify. For example:


CLI (network-admin@switch) >  vrouter-bgp-modify vrouter-name vr3 l3-port 19 multi-protocol ipv6-unicast


You can remove an L3 port from a BGP configuration by using the command vrouter-bgp-remove. For example:


CLI (network-admin@switch) > vrouter-bgp-remove vrouter-name vr3 l3-port 17


To remove an L3 interface from a vrouter, use the command vrouter-interface-remove. For example:


CLI (network-admin@switch) > vrouter-interface-remove vrouter-name vr3 l3-port 20


To reset the information regarding BGP neighbors, use the command vrouter-bgp-neighbor-reset. For example:


CLI (network-admin@switch) > vrouter-bgp-neighbor-reset vrouter-name vr3 l3-port port 11


You can shut down a BGP neighbor by using the command vrouter-bgp-neighbor-shutdown. For example:


CLI (network-admin@switch) > vrouter-bgp-neighbor-shutdown vrouter-name vr3 l3-port port 26


To bring a BGP neighbor back up after the shut down, use the command vrouter-bgp-neighbor-no-shutdown. For example:


CLI (network-admin@switch) > vrouter-bgp-neighbor-no-shutdown vrouter-name vr3 l3-port 10


As mentioned at the beginning of this topic, prior to Netvisor ONE version 6.1.1 HF1, when the next-hop BGP neighbors on unnumbered interfaces run Netvisor ONE releases with different FRR versions (for example, Netvisor ONE version 5.2.x with FRR 4 and version 6.1.1 with FRR 7.2), the route updates from FRR 7.2 are dropped by FRR 4 based releases.


For releases between versions 6.0.x and 6.1.1, unnumbered neighbor interoperability with 5.2.x is not feasible. This issue is addressed in version 6.1.1 HF1 and beyond with the introduction of a new BGP configuration option, unnumbered-interop, which is set on a per unnumbered neighbor basis. For example, use the unnumbered-interop parameter in the vrouter-bgp-add or vrouter-bgp-modify commands as:


CLI(network-admin@switch)> vrouter-bgp-modify vrouter-name <name-string> l3-port <l3port-usable-port name> unnumbered-interop 

OR

CLI(network-admin@switch)> vrouter-bgp-add vrouter-name <name-string> l3-port <l3port-usable-port name> unnumbered-interop 


The no-unnumbered-interop option restores the configuration to default values. In the newer releases, when a neighbor is configured with the new unnumbered-interop option, Netvisor sends both the link-local and the global next hop in the BGP Update. This option is specific to interoperation with unnumbered neighbors.


Below is an output of a sample configuration:


CLI(network-admin@switch)> vrouter-bgp-show format l3-port,neighbor,unnum-interop,


vrouter-name        l3-port             unnum-interop

------------------- ------------------- -------------

antlia-dc-1-vrouter antlia-dc-1-eq-dc-1 no

antlia-dc-1-vrouter 53                  yes

