Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
871
Views
0
Helpful
0
Replies

Monitor BGP peers under VRF using SNMP Cat9300/IOS-XE

beufanet
Level 1
Level 1

‎01-18-2021 01:59 AM

Hello,

 

I'm trying to monitor BGP peers under VRF IPv4 unicast, using SNMP context. But seems as BGP peers have the same IPv4 addresses, I'm unable to retrieve the correct BGP Status for the peer on SNMP, despite context/VRF definition.

 

Here is my configuration for test :

 

vrf definition 100
 address-family ipv4
  snmp context CTX_100
vrf definition 101
 address-family ipv4
  snmp context CTX_101
!
snmp-server context CTX_100
snmp-server context CTX_101
!
snmp-server user SNMP_100 SNMP_100 v3 auth sha PrivAuth priv aes 128 PrivPass
snmp-server user SNMP_101 SNMP_101 v3 auth sha PrivAuth priv aes 128 PrivPass
!
snmp-server group SNMP_100 v3 priv context CTX_100 read VIEW_100
snmp-server view VIEW_100 iso included
snmp-server group SNMP_101 v3 priv context CTX_101 read VIEW_101
snmp-server view VIEW_101 iso included

 

Here are my 2 BGP neighbors configured in 2 differents VRFs

 

#show bgp vpnv4 unicast all sum

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.1.1.13 4 65000 176 175 61 0 0 00:27:10 2
10.1.1.13 4 65000 34 32 61 0 0 00:04:30 2

 

If I poll the SNMP MIB, I've only one peer on each, showing the right value.

user@HOST_SNMP:~$ snmpwalk -v3 10.10.10.3 -a SHA -A PrivAuth -x AES -X PrivPass -l authPriv -u SNMP_100 -n CTX_100 1.3.6.1.4.1.9.9.187.1.2.5.1.
iso.3.6.1.4.1.9.9.187.1.2.5.1.3.1.4.10.1.1.13 = INTEGER: 6
user@HOST_SNMP:~$ snmpwalk -v3 10.10.10.3 -a SHA -A PrivAuth -x AES -X PrivPass -l authPriv -u SNMP_101 -n CTX_101 1.3.6.1.4.1.9.9.187.1.2.5.1.
iso.3.6.1.4.1.9.9.187.1.2.5.1.3.1.4.10.1.1.13 = INTEGER: 6

 

The problem happens when I shutdown one peer, the MIB does not reflect it, I can still see it up and running. If I shutdown the other BGP peer, then the MIB reflects the shutdown. It means that only one peer is shown under the MIB, despite VRF/SNMP context polling?

 

Is there a way on Catalyst 9300 / IOS-XE to reflect BGP peer status using SNMP polling under VRF correctly ? Seems it works fine under IOS-XR, but can't find a way on IOS-XE 16.12 or 17.04 to run it correctly. And can't find a documentation that could explain it's not possible or possible.

 

Can it be linked to the fact that I've 2 BGP peers under 2 differents VRF running with the same IP addresses ?

 

Thanks for the help !

2 people had this problem
Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card