Solved: XRd Sandbox - BGP Status Active Not Able to Form TCP Connection - Page 2

mood977 · ‎11-12-2024

Hi Guys,

I've lunched the XRd Sandbox which include multiple XRd devices as a docker containers ..

I'm not able to form BGP neighborship, I assume the TCP port 179 is not open ..

Do anyone faced the same issue and how to solve it ?

Noting that I don't have much experience with docker.

Thanks

RP/0/RP0/CPU0:xrd-2#show bgp vpnv4 unicast summary

Process RcvTblVer bRIB/RIB LabelVer ImportVer SendTblVer StandbyVer
Speaker 6 6 6 6 6 0

Neighbor Spk AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down St/PfxRcd
100.100.100.108 0 100 0 0 0 0 0 00:00:00 Active

RP/0/RP0/CPU0:xrd-2#sho tcp brief
0x00007fc8b00086b0 0x60000000 0 0 100.100.100.102:32388 100.100.100.107:4189 SYNSENT
0x00007fc8a800d940 0x60000000 0 0 100.100.100.102:24368 100.100.100.107:179 SYNSENT
0x00007fc8c000c740 0x60000000 0 0 100.100.100.102:56718 100.100.100.108:179 SYNSENT

Jesus Illescas · ‎11-29-2024

What I found more interesting was to see why ISIS worked while BGP doesn't.

It turns out to be specific to the topology we are using, in this case using docker. When xr-compose is used to load a topology of XRd containers, docker bridge networks are used to interconnect the XRd containers.

By default docker bridge will create iptables that will filter IP packets and to keep containers isolated from one another in different networks. As you may know ISIS doesnt use IP while BGP does, that's why we could see ISIS neighborship coming up while BGP was broken.

When you deploy XRd in other environments like K8s, docker bridge networks are not used, therefore this couldn't have happened. So is specific to scenarios using xr-compose.

mood977 · ‎11-29-2024

I've launched the sandbox and everything looks good.

Again, @Jesus Illescas, @Harold Ritter, & @bigevilbeard appreciate your efforts guys!

Thanks

Harold Ritter · ‎11-29-2024

You are very welcome @mood977 and thanks for the feedback

Regards,
Harold Ritter, CCIE #4168 (EI, SP)