Solved: Re: SDA Border BGP MD5 authentication

Sylvain_Che · ‎07-24-2021

Hi,

DNA Center doesn't currently have an option to protect the BGP sessions on the Border L3-Handoff configuration.

Can we manually add the password/MD5 authentication on the BGP configuration of the Border node without the risk of being overwritten at some point?

(My fabric is not in production yet)

Best regards,

Sylvain.

willwetherman · ‎07-24-2021

Hi @Sylvain_Che

Yes this is possible. I have applied additional BGP settings such as BFD, max-paths and MD5 authentication to the DNAC automated L3-handoff configuration using a template without any issues. Example template below. DNA Center does not overwrite these settings.

## Border Handoff Advanced Interface Configuration
interface Vlan3001
bfd interval 100 min_rx 100 multiplier 3
no bfd echo

## Border Handoff Advanced BGP Configuration
router bgp 65000
address-family ipv4 vrf corp_vn
neighbor 10.1.1.2 fall-over bfd
neighbor 10.1.1.2 password <password>
maximum-paths 2

View solution in original post

willwetherman · ‎07-24-2021

Hi @Sylvain_Che

Yes this is possible. I have applied additional BGP settings such as BFD, max-paths and MD5 authentication to the DNAC automated L3-handoff configuration using a template without any issues. Example template below. DNA Center does not overwrite these settings.

## Border Handoff Advanced Interface Configuration
interface Vlan3001
bfd interval 100 min_rx 100 multiplier 3
no bfd echo

## Border Handoff Advanced BGP Configuration
router bgp 65000
address-family ipv4 vrf corp_vn
neighbor 10.1.1.2 fall-over bfd
neighbor 10.1.1.2 password <password>
maximum-paths 2