search

arista-netdevops-community / avd-cEOS-Lab

A repository with playbooks to implement basic EVPN/VXLAN Fabric using Arista AVD and cEOS-Lab
https://arista-netdevops-community.github.io/avd-cEOS-Lab/
Apache License 2.0
61 stars 12 forks source link

bgp cannot be established after config deployed #17

Closed synliao closed 3 weeks ago

synliao commented 1 month ago

DC1_SPINE1#sh run | s router bgp router bgp 65001 router-id 192.168.255.1 no bgp default ipv4-unicast distance bgp 20 200 200 maximum-paths 4 ecmp 4 neighbor EVPN-OVERLAY-PEERS peer group neighbor EVPN-OVERLAY-PEERS next-hop-unchanged neighbor EVPN-OVERLAY-PEERS update-source Loopback0 neighbor EVPN-OVERLAY-PEERS bfd neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA== neighbor EVPN-OVERLAY-PEERS send-community neighbor EVPN-OVERLAY-PEERS maximum-routes 0 neighbor IPv4-UNDERLAY-PEERS peer group neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w== neighbor IPv4-UNDERLAY-PEERS send-community neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 neighbor 172.31.255.1 peer group IPv4-UNDERLAY-PEERS neighbor 172.31.255.1 remote-as 65101 neighbor 172.31.255.1 description DC1_LEAF1A_Ethernet1 neighbor 172.31.255.5 peer group IPv4-UNDERLAY-PEERS neighbor 172.31.255.5 remote-as 65101 neighbor 172.31.255.5 description DC1_LEAF1B_Ethernet1 neighbor 172.31.255.9 peer group IPv4-UNDERLAY-PEERS neighbor 172.31.255.9 remote-as 65102 neighbor 172.31.255.9 description DC1_SVC2A_Ethernet1 neighbor 172.31.255.13 peer group IPv4-UNDERLAY-PEERS neighbor 172.31.255.13 remote-as 65102 neighbor 172.31.255.13 description DC1_SVC2B_Ethernet1 neighbor 192.168.255.3 peer group EVPN-OVERLAY-PEERS neighbor 192.168.255.3 remote-as 65101 neighbor 192.168.255.3 description DC1_LEAF1A neighbor 192.168.255.4 peer group EVPN-OVERLAY-PEERS neighbor 192.168.255.4 remote-as 65101 neighbor 192.168.255.4 description DC1_LEAF1B neighbor 192.168.255.5 peer group EVPN-OVERLAY-PEERS neighbor 192.168.255.5 remote-as 65102 neighbor 192.168.255.5 description DC1_SVC2A neighbor 192.168.255.6 peer group EVPN-OVERLAY-PEERS neighbor 192.168.255.6 remote-as 65102 neighbor 192.168.255.6 description DC1_SVC2B redistribute connected route-map RM-CONN-2-BGP ! address-family evpn neighbor EVPN-OVERLAY-PEERS activate ! address-family ipv4 no neighbor EVPN-OVERLAY-PEERS activate neighbor IPv4-UNDERLAY-PEERS activate DC1_SPINE1# DC1_SPINE1#sh ip bgp sum BGP summary information for VRF default Router identifier 192.168.255.1, local AS number 65001 Neighbor Status Codes: m - Under maintenance Description Neighbor V AS MsgRcvd MsgSent InQ OutQ Up/Down State PfxRcd PfxAcc DC1_LEAF1A_Ethernet1 172.31.255.1 4 65101 0 0 0 0 00:18:25 Active DC1_LEAF1B_Ethernet1 172.31.255.5 4 65101 0 0 0 0 00:18:25 Active DC1_SVC2A_Ethernet1 172.31.255.9 4 65102 0 0 0 0 00:18:25 Active DC1_SVC2B_Ethernet1 172.31.255.13 4 65102 0 0 0 0 00:18:25 Active

[root@DC1-SPINE1 /]# netstat -tuplan | grep 179 tcp6 0 0 :::179 :::* LISTEN 3056/Bgp [root@DC1-SPINE1 /]# telnet 172.31.255.1 179 Trying 172.31.255.1... telnet: connect to address 172.31.255.1: Connection refused [root@DC1-SPINE1 /]#

DC1_LEAF1A#sh run | s router bgp router bgp 65101 router-id 192.168.255.3 no bgp default ipv4-unicast distance bgp 20 200 200 maximum-paths 4 ecmp 4 neighbor EVPN-OVERLAY-PEERS peer group neighbor EVPN-OVERLAY-PEERS update-source Loopback0 neighbor EVPN-OVERLAY-PEERS bfd neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA== neighbor EVPN-OVERLAY-PEERS send-community neighbor EVPN-OVERLAY-PEERS maximum-routes 0 neighbor IPv4-UNDERLAY-PEERS peer group neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w== neighbor IPv4-UNDERLAY-PEERS send-community neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 neighbor MLAG-IPv4-UNDERLAY-PEER peer group neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65101 neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self neighbor MLAG-IPv4-UNDERLAY-PEER description DC1_LEAF1B neighbor MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in neighbor MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ== neighbor MLAG-IPv4-UNDERLAY-PEER send-community neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000 neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER neighbor 10.255.251.1 description DC1_LEAF1B neighbor 172.31.255.0 peer group IPv4-UNDERLAY-PEERS neighbor 172.31.255.0 remote-as 65001 neighbor 172.31.255.0 description DC1_SPINE1_Ethernet1 neighbor 172.31.255.2 peer group IPv4-UNDERLAY-PEERS neighbor 172.31.255.2 remote-as 65001 neighbor 172.31.255.2 description DC1_SPINE2_Ethernet1 neighbor 192.168.255.1 peer group EVPN-OVERLAY-PEERS neighbor 192.168.255.1 remote-as 65001 neighbor 192.168.255.1 description DC1_SPINE1 neighbor 192.168.255.2 peer group EVPN-OVERLAY-PEERS neighbor 192.168.255.2 remote-as 65001 neighbor 192.168.255.2 description DC1_SPINE2 redistribute connected route-map RM-CONN-2-BGP ! vlan-aware-bundle Tenant_A_OP_Zone rd 192.168.255.3:10 route-target both 10:10 redistribute learned vlan 110-111 ! address-family evpn neighbor EVPN-OVERLAY-PEERS activate ! address-family ipv4 no neighbor EVPN-OVERLAY-PEERS activate neighbor IPv4-UNDERLAY-PEERS activate neighbor MLAG-IPv4-UNDERLAY-PEER activate ! vrf Tenant_A_OP_Zone rd 192.168.255.3:10 route-target import evpn 10:10 route-target export evpn 10:10 router-id 192.168.255.3 neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected

bash-5.1# netstat -tuplan | grep 179 tcp6 0 0 :::179 :::* LISTEN 2851/Bgp bash-5.1#

DC1_LEAF1A#ping 172.31.255.2 PING 172.31.255.2 (172.31.255.2) 72(100) bytes of data. 80 bytes from 172.31.255.2: icmp_seq=1 ttl=64 time=0.104 ms 80 bytes from 172.31.255.2: icmp_seq=2 ttl=64 time=0.024 ms 80 bytes from 172.31.255.2: icmp_seq=3 ttl=64 time=0.022 ms 80 bytes from 172.31.255.2: icmp_seq=4 ttl=64 time=0.015 ms 80 bytes from 172.31.255.2: icmp_seq=5 ttl=64 time=0.016 ms

--- 172.31.255.2 ping statistics --- 5 packets transmitted, 5 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.015/0.036/0.104/0.034 ms, ipg/ewma 0.093/0.068 ms DC1_LEAF1A#telnet 172.31.255.0 179 Trying 172.31.255.0... telnet: connect to address 172.31.255.0: Connection refused

UchihaItachiSama commented 3 weeks ago

Hi @synliao

can you let me know what is the cEOS-Lab version you are using.

Also can you share the following version information:

Additionally as a test could you remove the BGP password configurations from the peers from the input variables

bgp_peer_groups:
  ipv4_underlay_peers:
      password: "AQQvKeimxJu+uGQ/yYvv9w=="
  evpn_overlay_peers:
      password: "q+VNViP5i4rVjW1cxFv2wA=="
  mlag_ipv4_underlay_peer:
      password: "vnEaG8gMeQf3d3cN6PktXQ=="

or remove from the CLI and bounce the peer (shut/no shut) and confirm if that is working?

synliao commented 3 weeks ago

Thanks Himanshu,

it works after removing the bgp password from cli.

Appreciated!