search

napalm-automation / napalm-ansible

Apache License 2.0
245 stars 103 forks source link

Error when deploying valid BGP VRF Address family config to a Cisco 9300 switch #209

Closed richardjohnallsopp closed 2 months ago

richardjohnallsopp commented 2 months ago

Hey folks, I'm seeing a strange error when deploying valid BGP VRF address family config to a Cisco 9300 switch.

ansible==8.7.0
ansible-compat==24.6.0
ansible-core==2.15.12
ansible-pylibssh==1.1.0
napalm==5.0.0

If I copy and paste the following (edited to remove sensitive values) to the switch it works fine, peers are established and routes are exchanged with my ISP. 

router bgp 4217001000
 bgp router-id vrf auto-assign
 bgp log-neighbor-changes
 bgp graceful-restart
 !
 address-family ipv4 vrf INTERNET
  redistribute connected route-map CONNECTED_TO_BGP
  redistribute static route-map STATIC_TO_BGP
  neighbor 1.1.1.1 remote-as 6500
  neighbor 1.1.1.1 local-as 6501 no-prepend replace-as
  neighbor 1.1.1.1 description ISP_1
  neighbor 1.1.1.1 activate
  neighbor 1.1.1.1 soft-reconfiguration inbound
  neighbor 1.1.1.1 route-map ISP_IN in
  neighbor 1.1.1.1 route-map ISP_OUT out
  neighbor 1.1.1.2 remote-as 6500
  neighbor 1.1.1.2 local-as 17025 no-prepend replace-as
  neighbor 1.1.1.2 description ISP2
  neighbor 1.1.1.2 activate
  neighbor 1.1.1.2 soft-reconfiguration inbound
  neighbor 1.1.1.2 route-map ISP_FAILOVER_IN in
  neighbor 1.1.1.2 route-map ISP_FAILOVER_OUT out
 exit-address-family
!

This is the error I get when pushing any config to the switch is.

TASK [Install IOS config with 5 minute auto roll back] ************************************************************************************************************************************************************************************************************************************************************************************************************************
fatal: [yok-edge-01.mgmt.epicgames.net -> localhost]: FAILED! => changed=false 
  msg: |-
    cannot install config: Candidate config could not be applied
    Rollback Confirmed Change: Backing up current running config to flash:switch-01-Jul-25-11-55-19.232-UTC-15

    % Topology global::IPv4 Unicast::base is currently being deconfigured.
    % BGP context not been initialized properly.
    Failed to apply command  neighbor 1.1.1.1 activate
    Aborting Rollback.

    Rollback failed.Reverting back to the original configuration: flash:switch-01-Jul-25-11-55-18.938-UTC-14 ...

    % Topology global::IPv4 Unicast::base is currently being deconfigured.
    % BGP context not been initialized properly.
    % Topology global::IPv4 Unicast::base is currently being deconfigured.
    % BGP context not been initialized properly.
    % Topology global::IPv4 Unicast::base is currently being deconfigured.
    % Topology global::IPv4 Unicast::base is currently being deconfigured.
    % Topology global::IPv4 Unicast::base is currently being deconfigured.
    Total number of passes: 1
    Rollback Done

    The original configuration has been successfully restored.

It looks to me like it's trying to activate the peers in the IPV4 address family/deactivate the IPV4 unicast address family instead of just deploying the VRF address family.

I want to say that I've been using Napalm to mange our global network for over 5 years now and I don't see this issue with Arista likely due to to their atomic commit process for deploying configs.

richardjohnallsopp commented 2 months ago

This was my bad for missing the indentation after the VRF address family when rendering the config.