Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2524
Views
5
Helpful
4
Replies

E-BGP ACI - ASR router not working, idle, please help

Rob85
Level 1
Level 1

‎05-11-2016 05:31 AM - edited ‎03-01-2019 04:57 AM

Hi I'm busy in my lab with creating a BGP connection to the outside world (inside my DC).

Right now I'm suck, the BGP connection stays on Idle. Hopefully someone can help me because I can’t find anything on the web about this.

 

My goal is to create an E-BGP connection between the AIC fabric and an ASR router. The ASR router has a subinterface facing a switch environment. And I've connected an ACI leaf switch with another fabric leaf switch (fabricpath). And I’ve added the VLAN that corresponds with the subinterface on the ASR router.

Under Fabric tab:

First I created a static VLAN pool with only one VLAN.

Then I created a physical domain and linked the VLAN pool.

Then I created a new policy group, Set the speed, cdp, lldp and selected the port on the ACI leaf switch that’s connected to the Fabricpath switch.

Then I created an Attachable Access policy and there I linked the physical domain.

Under switch profiles > profiles the port which is connected to the Fabricpath domain is added to the switch profile.

ATM, The ACI fabric uses BGP AS 1 for testing; we’ll change this in the future.

 

Then I created a new Tenant. 

Inside this Tenant I created a new private network / VRF.

Also I created a new bridge domain and linked them together.

Then I created a new Routed Outside under External Routed networks: L3Out.

I specified the private domain, and selected BGP.

I created a new node profile; under nodes I gave it router id 1.1.1.1

And I’ve added a loopback 10.4.17.1 which will be used by BGP.

Also I created a static for the ASR loopback address with next hop 10.4.10.2/24.

Under the External Routed networks> Logical node profiles > logical interface profiles, I created an SVI, corresponding with the subinterface on the ASR router.

ACI = 10.4.10.4/24 , ASR=10.4.10.2/24

Also I specified the path (which is the ACI switchport).

Then I created under the Logical interface profile the BGP peer connectivity profile.

I specified the loopback of the ASR router ( which ACI has a static route towards).

Under BGP controls, I selected BGP comm and BGP ex comm, TTL 3, Remote AS of the ASR. I used no Local-AS config, and under local-AS number I specified an 64xxx AS number.

Then I created under External Routes Networks> L3Out a new External network.

I linked the correct private network; I’ve added 0.0.0.0/0 with scope:

  • External Subnets for External EPG
  • Shared Security Import Subnet

And under contracts I added default on the provided as well as consumed contract

Ok so what is working?

 

I can ping from the ASR router 10.4.10.2 towards the peer IP 10.4.10.4. This means the encap settings etc are ok.

I can also ping from the ASR router loopback interface the loopback on ACI. So the statics are also ok.

If I do a show bgp summ on the ASR I see:

 

Neighbor        Spk    AS MsgRcvd MsgSent   TblVer  InQ OutQ  Up/Down  St/PfxRcd

10.4.17.1         0 64557       0    2576        0    0    0 00:00:00 Idle!

 

It doesn’t receive BGP messages.

 

Can somebody help me?

 

1 person had this problem
Labels:
0 Helpful
4 Replies 4

Tomas de Leon
Cisco Employee
Cisco Employee

‎05-11-2016 05:36 AM

I am curious.. sorry for the basic question but we see this all the time.

Did you configure the BGP Route Reflector Policy and apply it to the Pod Policy Group\Profile under the Fabric Policies\Pod Policies?

Thanks

T.

0 Helpful

Rob85
Level 1
Level 1
In response to Tomas de Leon

‎05-11-2016 05:56 AM

Your question is not a problem at all :)

Under Fabric Policies > Pod policies > Policies, there is a BGP Route Reflector default policy. With AS number 1 and the two spines switches of the ACI fabric configured.

Under the L3Out I specified AS 645xx under local-as. 

On the ASR I configured this:


router bgp 64xxx

neighbor-group ACI
remote-as 645xx
ebgp-multihop 3
update-source Loopback0
address-family ipv4 unicast

neighbor 10.4.17.1
use neighbor-group ACI

How do you start troubleshooting on ACI in this case? Or do you have more things to look out for?

0 Helpful

Daniel.patterson
Level 1
Level 1
In response to Rob85

‎10-24-2016 01:04 PM

Rob,

Did you ever find a resolution to your issue?  I am having similar issues as well.  

Daniel

0 Helpful

Jason Williams
Level 1
Level 1

‎05-17-2016 10:31 AM

The ASR reports sent BGP messages but nothing received. Lets see the full output of the BGP neighbors command from the ACI leaf. 

leaf# show ip bgp neighbors vrf vrf_name

Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card

Save 25% on Day-2 Operations Add-On License