[c-nsp] BGP Dynamic Neighbors + VRF

Andrew Thrift andrew at networklabs.co.nz
Tue Apr 19 23:42:24 EDT 2016


Just an update on this old thread, I got slightly side-tracked..

Wes's solution does indeed work (Thanks Wes)

We have it in production with a few hundred peers now.

On Tue, Dec 8, 2015 at 5:00 PM, Wes Smith <fathom5 at live.com> wrote:
> Hmm
> I grabbed that config from a working asr1002x on 3.16.
> I've been using  that for a while with dynamic neighbors in a vrf.
>
> range config is in the root bgp config and the peer-group is defined in the address family for the vrf.
>
>
>
> Sent from my iPhone
>
>> On Dec 7, 2015, at 10:06 PM, Andrew Thrift <andrew at networklabs.co.nz> wrote:
>>
>> Thanks Wes.
>>
>> I did try what you have suggested, and it works if you specify a
>> neighbour/peer-group binding, but you do not seem to be able to
>> specify a "bgp listen range" so it does not accept dynamic neighbours.
>> :(
>>
>>
>>
>>
>>> On Tue, Dec 8, 2015 at 3:29 PM, Wes Smith <fathom5 at live.com> wrote:
>>> Hi Andrew
>>> For dynamic peers on a vrf, .... You put the peer group within
>>> 'address-family ipv4 vrf xyz'  paragraph  like this ..
>>> You end up creating a separate peer-group per vrf
>>>
>>> router bgp 1234
>>> bgp listen range 10.xx1.0/24 peer-group DYNPEER
>>> bgp listen limit 1000
>>>
>>> address-family ipv4 vrf XYZ
>>>   neighbor DYNPEER  peer-group
>>>  neighbor DYNPEER remote-as 65011
>>>  neighbor DYNPEER timers 10 65
>>>  neighbor DYNPEER etc etc
>>>     ,,,,,
>>> Wes
>>>
>>>> Date: Tue, 8 Dec 2015 14:44:54 +1300
>>>> From: andrew at networklabs.co.nz
>>>> To: cisco-nsp at puck.nether.net
>>>> Subject: [c-nsp] BGP Dynamic Neighbors + VRF
>>>
>>>>
>>>> Hello,
>>>>
>>>> I have been trying to set up BGP Dynamic Neighbors on a Cisco ASR1002
>>>> as per the documentation
>>>>
>>>> "http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/15-mt/irg-15-mt-book/bgp_dynamic_neighbors.pdf"
>>>> but am coming unstuck when trying to bind to the peer-group from
>>>> within a VRF.
>>>>
>>>> Basic config is:
>>>>
>>>> router bgp 65000
>>>> remote-as 65000
>>>>
>>>> bgp log-neighbor-changes
>>>> bgp listen range 10.23.3.0/24 peer-group nz-peers
>>>> bgp listen limit 200
>>>> neighbor nz-peers peer-group
>>>> neighbor nz-peers remote-as 64632
>>>> neighbor nz-peers ebgp-multihop 255
>>>>
>>>> address-family ipv4 vrf vrf-nz-wan
>>>> redistribute connected
>>>> neighbor nz-peers activate
>>>> exit-address-family
>>>>
>>>>
>>>> However when issuing "neighbor nz-peers activate" I get the following
>>>> error:
>>>>
>>>> % Specify remote-as or peer-group commands first
>>>>
>>>> Is this a configuration that others have done ? Or am I missing
>>>> something fundamental ?
>>>>
>>>>
>>>> Regards,
>>>>
>>>>
>>>>
>>>> Andrew
>>>> _______________________________________________
>>>> cisco-nsp mailing list cisco-nsp at puck.nether.net
>>>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>>>> archive at http://puck.nether.net/pipermail/cisco-nsp/


More information about the cisco-nsp mailing list