06-10-2019 07:00 AM
Hi All,
I am exploring the features of BGP Graceful Maintenance in IOS XR environment.
I am facing difficulties to configure gshut community as I am not able to find any document for configuration guidelines for BGP graceful shutdown for IOS XR.
When I tried to configure for a neighbor under addrress family VPNv4, I am not getting any option to configure send-community-gshut-ebgp under the VPNV4 address-family. For IPv4 I can do that, but I am looking to configure it for eBGP Vpnv4.
Also , I need to know, how can we send the graceful maintenance notification to the neighbor without changing the LP/AS-path prepend and just by attaching the gshut community to prefixes advertised to the neighbor.
Thanks and Regards
Jaideep Choudhary
06-10-2019 11:29 AM - edited 06-10-2019 11:44 AM
Hello Jaideep,
in RFC 8326 there is no mention of address family VPNv4.
see
https://datatracker.ietf.org/doc/rfc8326/?include_text=1
However, this community is a standard BGP community and not an extended BGP community
see
IANA previously assigned the community value 0xFFFF0000 to the 'planned-shut' community in the "BGP Well-known Communities" registry. IANA has changed the name 'planned-shut' to 'GRACEFUL_SHUTDOWN' and updated the reference to point to this document.
In order to be able to support it in VPNv4 AF you need to send both extended BGP communities (like route targets) and standard BGP communities.
Have you enabled sending of standard BGP communities under BGP AF VPNv4?
See below how to create a community set that will make possible to attach the community to routes using a policy.
Edit:
see the following configuration example from the same RFC for IOS XR
community-set comm-graceful-shutdown 65535:0 ! notice the value is equivalent to 0xFFFF0000 end-set ! route-policy AS64497-ebgp-inbound ! normally this policy would contain much more if community matches-any comm-graceful-shutdown then set local-preference 0 endif end-policy !
It is applied to an IPv6 AF neighbor in the example
router bgp 64496 neighbor 2001:db8:1:2::1 remote-as 64497 address-family ipv6 unicast send-community-ebgp route-policy AS64497-ebgp-inbound in ! ! !
So you can try the following:
define the community set as above
enable sending of standard BGP communities in AF VPNv4
configure a policy to set community to the community-set additive and other set as needed.
apply the policy outbound to the VPNv4 neighbor
if commit is successful you should be fine. But the other side must be explicitly configured to react to receiving the 65535:0 community otherwise it will not do anything.
Hope to help
Giuseppe
06-13-2019 03:37 AM
Hi Giuseppe,
Thanks a lot for your response.
"Have you enabled sending of standard BGP communities under BGP AF VPNv4?"
In IOS XR, you don't have to enable sending of communities (also extended communites) in VPNv4 BGP, it is enabled by default.
The configuration sample that you have shown seems to be for the receiving neighbor, so that it can understand the "gshut" community sent by the neighbor which is undergoing the maintenance.
My question here is how can I attach the "gshut" community to the prefixes advertised from the device undergoing Maintenance.
* Do i need to make a specific community set and add the community 65535:0 to my prefixes. If yes, I am not able to see any option other than Local Preference & as-Path under Graceful-maintenance under VPNv4 address family?
* I can make the changes to Local Preference (in case of Ibgp) or AS path, but I am specifically looking for gshut community (if any), as I read a message while activating the graceful maintenance
"it says in order to send the gshut community to the nieghbor, we need to configure "send-gshut-community-ebgp"".
Now if I normally change the LP or as-Path under graceful maintainace, I do not need to configure this "send-gshut-community-ebgp". I have tested this on my lab.
So in which case, shall I configure this command ::"send-gshut-community-ebgp".
I am looking for any way (if there is any) where I can attach my prefixes with a gshut community (without specifying 65535:0 explictly ) and same can be treated accordingly on the receiving side.
06-13-2019 04:14 AM
Hello Jaideep,
I have suggested the following:
configure a community-set object with value 65535:0
configure a policy to set community to the community-set additive and other set as needed.
apply the policy outbound to the VPNv4 neighbor in address-family VPNv4 under the neighbor.
Can you try if this can work on your IOS XR device?
I tried to suggest you a workaround as described above for the lack of the command send-gshut-community-ebgp in VPNv4 address family.
>> I am looking for any way (if there is any) where I can attach my prefixes with a gshut community (without specifying 65535:0 explictly ) and same can be treated accordingly on the receiving side.
I think that the use of a routing policy to attach the community set equivalent to this BGP community is an acceptable workaround for the lack of the command.
But I don't know the details of your network scenario.
From a technical point of view a routing policy is the only way to attach a BGP community to prefixes, as far as I know the missing command does exactly this and I would consider it like a macro.
Hope to help
Giuseppe
06-13-2019 05:51 AM
Hi Giuseppe,
Thanks again for the response. :)
Attaching the particular community with a route-policy won't be the feature of Graceful-Maintenance. For this to work, we need to apply this config manually and remove this after the Maintenance is over.
With Graceful-Maintenance, we can activate (with the activate keyword) it when needed without requiring to add/remove the configuration.
This feature is available for Local Preference and AS-path, but could not see any option for adding the community.
Feel free to correct If I am mistaken.
Regards
Jaideep
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide