08-02-2023 04:15 PM
Hello all,
I have a pair of Nexus 7010 in a vPC domain and I am trying to add a second BGP neighbor (please see config below). For some reason I complete lost connectivity to the Nexus after enter "address-family ipv4 unicast" under the new neighbor. Am I missing something in the config ? is there something on the Nexus 7010 that I need to enable to allow it to BGP peer with more than one neighbors ? I have the same config running on a pair of Nexus 9300 with no issues.
router bgp 65172
router-id 172.16.1.69
address-family ipv4 unicast
network 0.0.0.0/0
redistribute static route-map Static-to-BGP
neighbor 172.16.1.70 remote-as 10 (existing neighbor)
address-family ipv4 unicast
route-map Outbound out
soft-reconfiguration inbound
neighbor 172.16.1.78 remote-as 10 (new neighbor that I am trying to add)
address-family ipv4 unicast (for reason I lost connectivity to the Nexus after enter this command)
route-map Outbound out
soft-reconfiguration inbound
Thank you very much !!! I appreciate any inputs / suggestions !!
Danny
08-02-2023 06:22 PM - edited 08-02-2023 06:23 PM
Hello
@dtran wrote:
I have the same config running on a pair of Nexus 9300 with no issues.
Can you elaborate on the above, are you trying to replace te Nk9 with these NK7 or do you mean you have similar configuration on a Nk9 that works, I assume the latter?
Regards the NK7 new ebgp peering, again i am assuming all present egress/ingress traffic is routing via 172.16.1.70?
What may have happened is once the peering became active you lost connection as the traffic rerouted via the new ebgp peering and maybe some routes were withdrawn from bgp that then negated your access.
This is all assumption at this time as your topology is unclear however to bring up a new ebgp safely you could have disabled an ipv4 bgp peering from actively forming until you activate the AF instance manually with the following command under the bgp routing process no bgp default ipv4-unicast however this is usually a global command associated to all AF unicast peering’s, so if you apply it whist you already have active ipv4 peer I believe that active peer will be torn down until you manually re-activate it.
neigbour x.x.x.x active.
an altentaive to this would be to apply the peering and then shut it down straight after
router bgp xxx
neighbor 172.16.1.78 remote-as 10
neighbor 172.16.1.78 shutdown
Once its shutdown, you can then apply some traffic engineering so your routing won’t change as/when the new ebgp peering is activated, and you can do this with some bgp attributes (weight/as-path prepending)
First though can you elaborate on your topology a little bit more and the existing Outbound route-map thats applied?
08-03-2023 12:32 PM
Hello Paul,
Thanks Paul !!! I very much appreciate your help !!!
Yes, I have the same setup at another location with the N9K with no issues
Below is a screenshoot of the layout, pretty straightforward. The 172.16.1.70 neighbor is the primary currently handling all ingress / egress traffic. I have configured the secondary device where the N7K will always prefer the primary device for egress traffic and ingress traffic will always prefer the primary device as well. I added the second BGP neighbor (neighbor 172.16.1.78 remote-as 10) to the N7K-1 first and as soon as I enter the command "address-family ipv4 unicast" I lost connectivity to N7K-1 but I can still get to N7K-2 and that's how I was able to get back into N7K-1 to rollback the changes. Seemed like traffic couldn't get through N7K-1 once I made the change.
Thanks Paul !!!!
Danny
08-11-2023 07:27 AM
Hi
I send you private message
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide