Unable to configure BGP neighbors for different VRFs in VyOS 1.4

ZettaiNonSugar · March 11, 2022, 8:14am

Version: VyOS 1.4-rolling-202203080319

An error will occur when making the following settings.

vyos@VyOS1# set vrf name R1 protocols bgp neighbor 192.168.15.5 address-family ipv4-unicast
[edit]
vyos@VyOS1# set vrf name R1 protocols bgp neighbor 192.168.15.5 remote-as 65005
[edit]
vyos@VyOS1# commit

Can not configure a local address as neighbor "192.168.15.5"

[[vrf name R1 protocols bgp]] failed
Commit failed
[edit]
vyos@VyOS1#

“192.168.15.5” belongs to a different VRF, so it is not a local address with VRF = R1.
Is there any way around this error?

ZettaiNonSugar · March 11, 2022, 7:32am

As a workaround, I did the following:

vyos@VyOS1:~$ sudo vi /usr/libexec/vyos/conf_mode/protocols_bgp.py


                # Only checks for ipv4 and ipv6 neighbors
                # Check if neighbor address is assigned as system interface address
                if is_ip(peer) and is_addr_assigned(peer):
                    #raise ConfigError(f'Can not configure a local address as neighbor "{peer}"') <-- Comment out
                    pass <--Insert

vyos@VyOS1:~$ reboot

The following settings have been made and it is working fine.

vyos@VyOS1:~$ sh conf com | grep bgp
set vrf name R1 protocols bgp local-as '65001'
set vrf name R1 protocols bgp neighbor 192.168.15.5 address-family ipv4-unicast
set vrf name R1 protocols bgp neighbor 192.168.15.5 remote-as '65005'
set vrf name R1 protocols bgp parameters router-id '1.1.1.1'
set vrf name R5 protocols bgp address-family ipv4-unicast network 10.0.0.0/24
set vrf name R5 protocols bgp local-as '65005'
set vrf name R5 protocols bgp neighbor 192.168.15.1 address-family ipv4-unicast
set vrf name R5 protocols bgp neighbor 192.168.15.1 remote-as '65001'
set vrf name R5 protocols bgp parameters router-id '5.5.5.5'



vyos@VyOS1:~$ sh int | grep 192.168.15
eth1.915         192.168.15.1/24                   u/u  R1--R5
eth2.915         192.168.15.5/24                   u/u  R5--R1


vyos@VyOS1:~$ sh ip bgp vrf R1 summary

IPv4 Unicast Summary (VRF R1):
BGP router identifier 1.1.1.1, local AS number 65001 vrf-id 5
BGP table version 5
RIB entries 2, using 368 bytes of memory
Peers 1, using 723 KiB of memory

Neighbor        V         AS   MsgRcvd   MsgSent   TblVer  InQ OutQ  Up/Down State/PfxRcd   PfxSnt Desc
192.168.15.5    4      65005        23        22        0    0    0 00:01:12            1        1 N/A

Total number of neighbors 1

Could someone please fix it correctly?

fernando · March 11, 2022, 12:14pm

if understood correctly , the main idea is set two different process in different vrf and it doesn’t allow you. is it correct ?

ZettaiNonSugar · March 11, 2022, 1:03pm

I’m not good at English and use automatic translation, so I might be saying something strange.

My purpose is to create multiple VRFs on one VyOS router and run a BGP process on each.
I want to use VRF and VIF to learn routing protocols with less resources.
This technique worked well in OSPF.
However, BGP does not work because the address assigned to the interface of the VyOS router cannot be specified as a neighbor.
Even if it’s an address with a different VRF.

fernando · March 11, 2022, 1:40pm

I understand ,to accomplish this task we’ll configure the following:

set protocols bgp neighbor <address|interface> local-as <asn> [no-prepend] [replace-as]

per vrf where local-as AS should be your AS on this VRF . I know that it’s a bit confusing with the main local-as , but they are differents . here’s a explanation about this :

https://docs.vyos.io/en/latest/configuration/protocols/bgp.html?highlight=bgp#cfgcmd-set-protocols-bgp-neighbor-address-interface-local-as-asn-no-prepend-replace-as

regards

ZettaiNonSugar · March 11, 2022, 2:31pm

Thank you for your teaching.

The documentation is too difficult for me to understand.
If possible, could you please show me the sample config?

It is assumed as shown in the figure.

 [VRF_R1]eth1.915---[L2 Switch]---eth2.915[VRF_R5]

VRF_R1: AS65001
VRF_R5: AS65005
eth1.915: 192.168.15.1/24
eth2.915: 192.168.15.5/24

I tried the following settings, but got an error when committing.

set vrf name R1 table '1001'
set vrf name R5 table '1005'
set interfaces ethernet eth1 vif 915 address '192.168.15.1/24'
set interfaces ethernet eth1 vif 915 vrf 'R1'
set interfaces ethernet eth2 vif 915 address '192.168.15.5/24'
set interfaces ethernet eth2 vif 915 vrf 'R5'
set vrf name R1 protocols bgp local-as '65001'
set vrf name R1 protocols bgp neighbor 192.168.15.5 address-family ipv4-unicast
set vrf name R1 protocols bgp neighbor 192.168.15.5 remote-as '65005'
set vrf name R1 protocols bgp parameters router-id '1.1.1.1'
set vrf name R5 protocols bgp address-family ipv4-unicast network 10.5.0.0/24
set vrf name R5 protocols bgp local-as '65005'
set vrf name R5 protocols bgp neighbor 192.168.15.1 address-family ipv4-unicast
set vrf name R5 protocols bgp neighbor 192.168.15.1 remote-as '65001'
set vrf name R5 protocols bgp parameters router-id '5.5.5.5'

fernando · March 11, 2022, 3:31pm

the main problem here is that you try to make a bgp session with the same router .if you create different neighbors with multiple vrfs. it works:

vyos@vyos# run show configuration commands | match bgp
set vrf name R1 protocols bgp local-as '65001'
set vrf name R1 protocols bgp neighbor 192.168.15.10 address-family ipv4-unicastpv4-unicast
set vrf name R1 protocols bgp neighbor 192.168.15.10 remote-as '65005'-as '65001'
set vrf name R1 protocols bgp parameters router-id '1.1.1.1'
set vrf name R5 protocols bgp address-family ipv4-unicast network 10.5.0.0/24
set vrf name R5 protocols bgp local-as '65005'
set vrf name R5 protocols bgp neighbor 192.168.15.20 address-family ipv4-unicast
set vrf name R5 protocols bgp neighbor 192.168.15.20 remote-as '65001'
set vrf name R5 protocols bgp parameters router-id '5.5.5.5'
[edit]

ZettaiNonSugar · March 12, 2022, 2:23am

Thank you for your reply, fernando.

It is possible for different routers to be BGP peers.
What I want to try is a BGP peer relationship between different VRFs in the same router.
An error will occur when committing the config.

It looks like VyOS is displaying a message in the following code part:

/usr/libexec/vyos/conf_mode/protocols_bgp.py:

                if is_ip(peer) and is_addr_assigned(peer):
                    raise ConfigError(f'Can not configure a local address as neighbor "{peer}"')

Is it possible to solve this?

Nikolay · March 13, 2022, 1:24am

I’m not sure if the router can do BGP neighboring to itself.
The “VRF Route Leaking” functionality is used to transfer routes between VRFs within the router:
https://docs.vyos.io/en/latest/configuration/vrf/index.html#l3vpn-vrf-route-leaking

ZettaiNonSugar · March 13, 2022, 6:32am

Thanks to Nikolay for the idea.

However, My purpose is to learn routing protocols.
I want to run multiple BGP processes on one VyOS router to build peer relationships with each other.
If I could do that, I would find it very useful as it would allow me to run many routing processes with less resources.

I hope it works if I can avoid the commit error.
I would be grateful if anyone could fix it.

e.khudiyev · March 14, 2022, 11:46am

Hi @ZettaiNonSugar , I think you can request these changes on https://phabricator.vyos.net/ for further analysis and compatibility with the rest of the functionality. In your workaround, it seems that you completely switching off the BGP configuration checks, but instead you can request changes for allowing such configuration while different VRFs are used.

ZettaiNonSugar · March 26, 2022, 12:21am

Thank you for your advice. I will make a request.

ZettaiNonSugar · March 27, 2022, 4:01am

It was fixed in VyOS 1.4-rolling-202203261656.
Thank you very much.