Configuring BGP Unnumbered
The Border Gateway Protocol (BGP) is a path vector protocol used to exchange routing and reachability information. Traditionally, to exchange IPv4 prefixes, you must configure explicit BGP sessions with the neighbor IP address and remote-AS information for each BGP peer, which can become cumbersome in large networks. This also occupies significant address space as each BGP peer must have an IPv4 address.
By using RFC5549 (Advertising IPv4 Network Layer Reachability Information with an IPv6 Next Hop), Netvisor ONE enables you to create BGP unnumbered sessions which are simpler to configure. Practically, you need not have an IPv4 address for every BGP-enabled interface and therefore it is called an unnumbered configuration. Instead of specifying an IPv4 neighbor address and the remote-AS number, you can provide the L3 port number and declare an eBGP session. BGP unnumbered uses the link-local IPv6 address as the next-hop IP address for both IPv4 and IPv6 prefixes.
In effect, the need for configuring IPv4 addresses on all BGP-enabled interfaces and the need for declaring an explicit ASN for the remote side is eliminated through BGP unnumbered.
Note: Netvisor ONE does not support iBGP for unnumbered BGP sessions.
Note: Prior to Netvisor ONE version 6.1.1 HF1 on Whitebox platforms, in cases where the next hop BGP neighbors on unnumbered interfaces having Netvisor ONE releases with different FRR versions (for example, Netvisor ONE version 5.2.x with FRR4 and version 6.1.1 with FRR 7.2), the route updates from FRR 7.2 gets dropped by FRR 4 based releases. See the configuration section below for additional details.
To configure a BGP unnumbered session, use the two following commands:
CLI (network-admin@switch) > vrouter-interface-add vrouter-name <name-string> l3-port <l3-port-usable-port-number> ipv6-unnumbered
vrouter-interface-add |
Use this command to add an interface to a vRouter. |
vrouter-name name-string |
Specify the name of the vRouter to which the interface is to be added. |
vlan <0..4095> |
Specify the VLAN ID to which the interface has to be added (optional). Note: This option is not supported while configuring BGP unnumbered. |
Specify any of the following options: |
|
ip ip-address |
Specify the IP address to be assigned to the interface. |
Netmask netmask |
Specify the network mask for the IP address. |
Assignment [none | dhcp | dhcpv6] |
Specify one among the options as the type of IP address assignment. |
ip2 ip-address |
Specify the second IP address of the interface. |
netmask2 netmask |
Specify the network mask for the second IP address. |
assignment2 [none | dhcp | dhcpv6] |
Specify the type of assignment for the second IP address. |
linklocal ip-address |
Specify the IPv6 link local address. |
ipv6-unnumbered|no-ipv6-unnumbered |
Specify either of the options to enable or disable IPv6 unnumbered on the interface. |
vnet vnet name |
Specify the VNET name assigned to the vRouter. |
bd bridge-domain name |
Specify the Interface bridge domain name. |
vlan-type [public | private] |
Specify the interface VLAN type. |
if [mgmt | data | span | span2 | span3] |
Specify one among the options as the interface type. |
alias-on alias-on-string |
Specify an alias for the interface. |
exclusive | no-exclusive |
Specify if the interface is exclusive to the configuration. Exclusive means that other configurations cannot use the interface. Exclusive is specified when you configure the interface as a span interface and allows higher throughput through the interface. |
nic-enable | nic-disable |
Specify one of the options to enable or disable the NIC. |
pim | no-pim |
Specify either of the options to state if the VNIC is a Protocol Independent Multicast (PIM) interface or not. |
pim-dr-priority <1..4294967295> |
Specify the designated router priority for the PIM interface. Netvisor selects the vRouter interface with higher DR priority as the designated router. |
pim-cluster | no-pim-cluster |
Specify if the VNIC is on exclusive transit VLAN. |
fabric-nic | no-fabric-nic |
Specify if the VNIC is on a VLAN used for fabric setup or not. |
vrrp-id <0..255> |
Specify the VRRP ID. |
vrrp-primary vrrp-primary-string |
Specify the primary interface for VRRP failover. |
vrrp-priority <0..254> |
Specify the VRRP priority for the interface. This is a value between 0 (lowest) and 254 (highest). |
vrrp-adv-int <300..40950> |
Specify the VRRP advertisement interval in ms. The range is from 30 to 40950 with a default value of 1000. |
l3-port l3port-usable-port name |
Specify the name of the Layer 3 port to be added to the vrouter. |
secondary-macs secondary-macs-string |
Specify a secondary MAC address. |
mtu <68..9398> |
Specify a MTU value in bytes between 68 and 9216. |
if-nat-realm [internal | external] |
Specify the NAT interface realm as internal or external. |
priority-tag | no-priority-tag |
Specify either of the options to add a VLAN 0 priority tag on forwarded traffic or remove it. |
Now, issue the second command to add a BGP neighbor to the vrouter and finish the BGP unnumbered configuration.
CLI (network-admin@switch) > vrouter-bgp-add vrouter-name <name-string> l3-port <l3port-usable-port name> [remote-as external]
vrouter-bgp-add |
Use this command to add a BGP neighbor to a vrouter. |
vrouter-name name-string |
Specify the name of the vrouter to which the neighbor is being added. |
Specify one of the two options: |
|
neighbor ip-address |
Specify the IP address for BGP neighbor. |
l3-port l3port-usable-port name |
Specify the L3 port name for the BGP session. |
Specify any of the following options: |
|
remote-as <external|internal|-2..429496729> |
Supply this parameter to specify if the BGP session is external/internal or to provide an AS number Note: Specify external to configure a BGP unnumbered session. This parameter is redundant as an eBGP session is assumed for unnumbered BGP sessions. |
next-hop-self | no-next-hop-self |
Specify either of the options to set the next hop as self or to remove that configuration. |
password password-string |
Provide a password for MD5 BGP. |
ebgp-multihop <1..255> |
Specify the value for external BGP between 1 and 255. |
update-source vrouter loopback-interface ip |
Specify the source IP address of BGP packets sent by the router. This parameter is required if you want BGP to perform peering over a loopback interface. |
update-source-interface update-source-interface-string |
Specify the interface of BGP packets sent by the router. This parameter is required if you want BGP to perform peering over any interface. |
prefix-list-in vrouter prefix-list name |
Specify the prefix list to filter inbound packets. |
prefix-list-out vrouter prefix-list name |
Specify the prefix list to filter outbound packets. |
route-reflector-client|no-route-reflector-client |
Specify if a route reflector client is used. |
override-capability|no-override-capability |
Specify either of the options to enable or disable override capability. |
soft-reconfig-inbound|no-soft-reconfig-inbound |
Specify either of the options to enable or disable soft reset to reconfigure inbound traffic. |
max-prefix max-prefix-number |
Specify the maximum number of prefixes. |
max-prefix-warn-only|no-max-prefix-warn-only |
Specify either of the options to enable or disable the warning if the maximum number of prefixes is exceeded. |
bfd|no-bfd |
Specify either of the options to enable or disable BFD protocol support for fault detection. |
bfd-multihop|no-bfd-multihop |
Specify either of the options to enable or disable the use of BFD multi-hop port for fault detection. |
multi-protocol [ipv4-unicast|ipv6-unicast] |
Specify either of the options as a multi-protocol feature. |
weight [none | -1..65535] |
Specify the default weight value for the neighbor's routes either as none or as a value between 0 and 65535. |
default-originate|no-default-originate |
Specify either of the options to enable or disable the announcing of default routes to the neighbor. |
neighbor-keepalive-interval <0..65535> |
Specify the BGP keepalive interval in seconds. The keepalive interval stipulates how often the the keepalive messages are sent. |
neighbor-holdtime <0..65535> |
Specify the BGP holdtime in seconds. The hold time specifies how long a router will wait for incoming BGP messages before it assumes the neighbor is dead. |
connect-retry-interval <0..65535> |
Specify the BGP connect retry interval in seconds. |
send-community|no-send-community |
Specify either of the options to enable or disable the sending of any community attribute to the neighbor. |
route-map-in vrouter route-map name |
Specify the name of the route map for incoming routes. |
route-map-out vrouter route-map name |
Specify the name of the route map for outgoing routes. |
allowas-in|no-allowas-in |
Specify either of the options to allow/reject routes with local AS in AS_PATH. |
interface vrouter interface nic |
Specify the Interface to reach the neighbor. |
advertisement-interval <0..600> |
Specify the minimum interval between sending BGP routing updates. |
description description-string |
Add a vRouter BGP neighbor description. |
These commands create an interface with a link-local IPv6 address and configures an eBGP session for the interface.
To view the configuration on the vrouter, use the command, vrouter-interface-showcommand. For example:
CLI (network-admin@switch) > vrouter-interface-show format nic,l3-port,vlan,ip,ipv6-unnumbered
vrouter-name nic l3-port vlan ip ipv6-unnumbered
------------ --------- ------- ---- ---------------------------- ---------------
vr1 eth0.4092 17 4092 fe80::640e:94ff:feff:7bdc/64 yes
View the BGP configuration by using the command:
CLI (network-admin@switch) > vrouter-bgp-show format l3-port,nic,neighbor,remote-as
vrouter-name l3-port nic remote-as
------------ ------- --------- ---------
vr1 17 eth0.4092 external
Use the following command to view the relevant neighbor information:
CLI (network-admin@switch) > vrouter-bgp-neighbor-show vrouter-name vr2 format neighbor,l3-port,nic,remote-as,up/down
vrouter-name neighbor l3-port nic remote-as up/down
------------ ------------- ------- --------- --------- --------
vr2 17 eth2.4092 65100 00:06:20
vr2 192.168.101.1 65100 00:02:48
The output shows that the neighbor field for the unnumbered interface does not have an IP address, while the l3-port and nic fields have information. Note that a BGP unnumbered session can co-exist with a numbered BGP session, but not on the same interface.
The Routing Information Database (RIB) and Forwarding Information Database (FIB) confirms that both IPv4 and IPv6 prefixes learned by BGP use IPv6 next-hop addresses:
CLI (network-admin@switch) > vrouter-rib-routes-show format ip,prelen,nexthop,flags,vlan
ip prelen nexthop flags vlan
------------- ------ ------------------------- ----- ----
192.168.111.0 24 fe80::640e:94ff:feff:7bdc in-hw 4092
5001:11:1:: 48 fe80::640e:94ff:feff:7bdc in-hw 4092
CLI (network-admin@switch) > vrouter-fib-routes-show format ip,prelen,vlan,port,nexthop-mac,egress-id
ip prelen vlan port nexthop-mac egress-id
------------- ------ ---- ---- ----------------- ---------
192.168.111.0 24 4092 17 66:0e:94:ff:7b:dc 100010
5001:11:1:: 48 4092 17 66:0e:94:ff:7b:dc 100010
You can modify unnumbered BGP neighbor parameters by using the command vrouter-bgp-modify. For example:
CLI (network-admin@switch) > vrouter-bgp-modify vrouter-name vr3 l3-port 19 multi-protocol ipv6-unicast
You can remove an L3 port from a BGP configuration by using the command vrouter-bgp-remove. For example:
CLI (network-admin@switch) > vrouter-bgp-remove vrouter-name vr3 l3-port 17
To remove an L3 interface from a vrouter, use the command vrouter-interface-remove. For example:
CLI (network-admin@switch) > vrouter-interface-remove vrouter-name vr3 l3-port 20
To reset the Information regarding BGP neighbors, use the command vrouter-bgp-neighbor-reset. For example:
CLI (network-admin@switch) > vrouter-bgp-neighbor-reset vrouter-name vr3 l3-port port 11
You can shut down a BGP neighbor by using the command vrouter-bgp-neighbor-shutdown. For example:
CLI (network-admin@switch) > vrouter-bgp-neighbor-shutdown vrouter-name vr3 l3-port port 26
To bring a BGP neighbor back up after the shut down, use the command vrouter-bgp-neighbor-no-shutdown. For example:
CLI (network-admin@switch) > vrouter-bgp-neighbor-no-shutdown vrouter-name vr3 l3-port 10
As mentioned in the beginning of this topic, prior to Netvisor ONE version 6.1.1 HF1, in cases where the next hop BGP neighbors on unnumbered interfaces having Netvisor ONE releases with different FRR versions (for example, Netvisor ONE version 5.2.x with FRR4 and version 6.1.1 with FRR 7.2), the route updates from FRR 7.2 gets dropped by FRR 4 based releases.
For releases between versions 6.0.x and 6.1.1, the unnumbered neighbor interoperability with 5.2.x is not feasible. This issue is addressed in version 6.1.1 HF1 and beyond with the introduction of a new BGP config option, unnumbered-interop on a per unnumbered neighbor basis. For example, use the unnumbered-interop parameter in the vrouter-bgp-add or vrouter-bgp-modify commands as:
CLI(network-admin@switch)> vrouter-bgp-modify vrouter-name <name-string> l3-port <l3port-usable-port name> unnumbered-interop
OR
CLI(network-admin@switch)> vrouter-bgp-add vrouter-name <name-string> l3-port <l3port-usable-port name> unnumbered-interop
The no-unnumbered-interop option restores the configuration to default values. In the newer releases when configured with the new knob, unnumbered-interop, Netvsior sends both link-local and global next-hop in the BGP Update. This option is specific to interop with unnumbered neighbors.
Below is an output of a sample configuration:
CLI(network-admin@switch)> vrouter-bgp-show format l3-port,neighbor,unnum-interop,
vrouter-name l3-port unnum-interop
------------------- ------------------- -------------
antlia-dc-1-vrouter antlia-dc-1-eq-dc-1 no
antlia-dc-1-vrouter 53 yes