Solved: ASR920 BGP on BDI interface doesn't work - Page 3

spadhausen · ‎02-23-2025

Hello, I have a big issue:

ASR920 with 2x 10GBe on a port channel to my uplink (0.0.0.0) and BGP running OK

2x10GBe on a port channel where I receive qnq vlans.

I have created a BDI interface, I can ping the remote ends with no issue.

The issue is that I cannot reach via telnet nor run BGP on the BVI.

I set a /30 ip on the BDI, I can ping and trace the remote end (no ACL, no filters, nothing). I cannot telnet the remote end, nor BGP.

Is there a limitation of the BGP functionality on BDI interface on ASR920?

ASR920MIX#sh ver
Cisco IOS XE Software, Version 17.06.02
Cisco IOS Software [Bengaluru], ASR920 Software (PPC_LINUX_IOSD-UNIVERSALK9_NPE-M), Version 17.6.2, RELEASE SOFTWARE (fc7)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2021 by Cisco Systems, Inc.
Compiled Tue 23-Nov-21 10:17 by mcpre

ROM: 15.6(48r)

ASR920MIX uptime is 9 weeks, 1 day, 21 hours, 39 minutes
Uptime for this control processor is 9 weeks, 1 day, 21 hours, 46 minutes
System returned to ROM by reload at 23:05:24 ITALY Thu Dec 19 2024
System restarted at 15:04:46 ITALY Fri Dec 20 2024
System image file is "bootflash:asr920-universalk9_npe.17.06.02.SPA.bin"
Last reload reason: PowerOn

License Level: advancedmetroipaccess
License Type: Permanent
Next reload license Level: advancedmetroipaccess

Smart Licensing Status: Smart Licensing is DISABLED

cisco ASR-920-4SZ-A (Freescale P2020) processor (revision 1.0 GHz) with 864646K/6147K bytes of memory.
Processor board ID CAT2230U0TC
2 Gigabit Ethernet interfaces
4 Ten Gigabit Ethernet interfaces
32768K bytes of non-volatile configuration memory.
3670016K bytes of physical memory.
1231647K bytes of eMMC flash at bootflash:.

I have also tried to create a loopback interface and run BGP from there, with no success.

==========================================

interface Loopback1
description virtual interface for BGP
ip address 100.80.2.110 255.255.255.255
no ip redirects
no ip proxy-arp
!
interface Port-channel2
mtu 9000
no ip address
no ip redirects
no ip proxy-arp

service instance 306 ethernet
encapsulation dot1q 306 second-dot1q 10
rewrite ingress tag pop 2 symmetric
bridge-domain 11 split-horizon group 0

interface BDI11
ip address 100.80.5.1 255.255.255.252
no ip redirects
no ip proxy-arp
!

TEST: If I set the remote neighbour 100.80.5.2: doesnt work, the peer is DIRECTLY CONNECTED

If I set a remote loopback on the remote device and set a static route, DONT WORK

If I remove the static route and the path to the remote loopback address goes through wan with another route, works.

The are NO FILTERS, just a bunch of qnq in the port-channel2

Seems that when traffic goes through BDI it doesnt work.

Dr. Spadoni

spadhausen · ‎02-24-2025

Sorry

To the juniper there is a port-channel usign 2x10G, everything is OK there. there is a /29 directly connected and it works OK.

The issue is on the BDI interface! Everything going out from the BDI interface is not working.

My final question is:

Are there any limitations doing BGP on the BDI interface?

Does the BDI interface has any limitations doing telnet/BGP and so on?

I have a peer on the BDI interface, directly connected via /30 and BGP is not working there. No packet goes outside nor the BGP port on the BDI interface is reachable,

Dr. Spadoni

MHM Cisco World · ‎02-24-2025

use static route for LO dont use default route

MHM

spadhausen · ‎02-24-2025

But the sessiom doesnt work even on directly connected interface on /30 on BDI. On physical interface it works

Dr. Spadoni

MHM Cisco World · ‎02-25-2025

Ok'

Start

Debug ip bgp <<-

Debug tcp <<-

MHM

spadhausen · ‎03-12-2025

I have finally found the issue.

The metro-eth ISP DROPS every packet that is not marked as COS0.

The issue is that BGP goes out from the interface in COS6.

On the ASR920 I cannot set an egress policy on a BDI interface.

I have replaced it with a 1001X, and it doesn't need any policy since the BGP traffic is not marked with a predetermined COS.

Dr. Spadoni