Default BGP Peer#
Underlay Routing → DBDefault BGP Peers
The DefaultBGPPeer resource is in many ways similar to the BGPPeer resource, but is deployed in the default VRF instead of the overlay
This means that it has support for more routing protocols, which are required to distribute overlay (service) routes. This resource is used when setting up a BGP session between two IP addresses in the default VRF. It represents a single participant in the BGP session, so if both sides of the BGP session are managed by EDA, two of these resources will need to be created.
Explicit vs implicit target IP
The source IP address of the default BGP peer is always inferred from the SystemInterface or DefaultInterface it is linked to. The target IP address can either be explicitely configured, or implicitely inferred from the neighboring SystemInterface or DefaultInterface.
If the BGP neighbor is managed by EDA and also in the default VRF, you should avoid using explicit IPs.
To set up BGP peers in Router services, use BGPPeer instead.
Dependencies#
To configure this resource, the following resources must exist or be created alongside the BGPPeer
- A
DefaultBGPGroupthat theDefaultBGPPeerwill inherit settings from, such as local and remote AS numbers - An interface that the
DefaultBGPPeerwill use to establish the session. This can either be aSystemInterfaceor aDefaultInterface - The target
SystemInterfaceorDefaultInterface, if the target IP address is not configured explicitely.
Referenced resources#
DefaultBGPGroup#
A DefaultBGPPeer is always linked to a single DefaultBGPGroup. In real-world networks, multiple BGP peers share common parameters, such as BGP import and export policies, local and peer autonomous system numbers, and BGP timers. These parameters can be specified in the group instead, allowing the operator to change these settings in a single location for all linked default BGP peers. All settings in the group can optionally be overridden in the individual peer resources. Configuration inheritance works as follows:
graph LR
A[DefaultBGPPeer] -->|overrides| B
B[DefaultBGPGroup] -->|overrides| C
C[DefaultRouter]
B[DefaultBGPGroup resource]
C[DefaultRouter resource]SystemInterface#
To know which IP address is used to send BGP traffic, EDA must have a reference to a virtual interface. If this interface is a SystemInterface attached directly to the system address of the DefaultRouter, a reference to this resource needs to be provided when creating the DefaultBGPPeer.
This resource type can also be configured as the target of a DefaultBGPPeer, meaning the BGP session will be reconfigured with the new neighbor IP address if the target SystemInterface is changed.
DefaultInterface#
To know which IP address is used to send BGP traffic, EDA must have a reference to a virtual interface. If this interface is an DefaultInterface attached to a DefaultRouter, a reference to this resource needs to be provided when creating the DefaultBGPPeer.
This resource type can also be configured as the target of a DefaultBGPPeer, meaning the BGP session will be reconfigured with the new neighbor IP address if the target DefaultInterface is changed.
Policy#
Routing policies can be specified in various locations of the DefaultBGPPeer resource. These policies are used to filter or modify BGP routes sent/received by this DefaultBGPPeer. If no policies are configured, the default behavior for the router on which the DefaultBGPPeer is configured is followed, which may be different depending on the operating system.
Examples#
apiVersion: protocols.eda.nokia.com/v2
kind: DefaultBGPPeer
metadata:
name: example-bgp-peer-leaf1-spine1
namespace: eda
spec:
dynamicNeighbor: false
group: example-default-group
interface: leaf-1-loopback
interfaceKind: DefaultInterface
peerInterface: spine-1-loopback
peerInterfaceKind: DefaultInterface
cat << 'EOF' | kubectl apply -f -
apiVersion: protocols.eda.nokia.com/v2
kind: DefaultBGPPeer
metadata:
name: example-bgp-peer-leaf1-spine1
namespace: eda
spec:
dynamicNeighbor: false
group: example-default-group
interface: leaf-1-loopback
interfaceKind: DefaultInterface
peerInterface: spine-1-loopback
peerInterfaceKind: DefaultInterface
EOF
Custom Resource Definition#
To browse the Custom Resource Definition go to crd.eda.dev.
DefaultBGPPeer
SPEC
DefaultBGPPeer enables the configuration of BGP sessions within a DefaultRouter. It allows specifying a description, a DefaultInterface reference, and the peer IP address. The resource also supports dynamic neighbors, common BGP settings, and peer-specific configurations.
-
AS Path Options
-
The maximum number of times the global AS number or a local AS number of the BGP instance can appear in any received AS_PATH before it is considered a loop and considered invalid.
default: 0range: 0 to 255 -
Options for removing private AS numbers (2-byte and 4-byte) from the advertised AS path towards all peers.
-
If set to true then do not delete or replace a private AS number that is the same as the peer AS number.
default: false -
If set to true then only delete or replace private AS numbers that appear before the first occurrence of a non-private ASN in the sequence of most recent ASNs in the AS path.
default: false -
The method by which private AS numbers are removed from the advertised AS_PATH attribute.
default: "Disabled"enum: "Disabled", "Replace", "Delete"
-
-
-
Enable or disable Bi-forward Forwarding Detection (BFD) with fast failover.
-
When set to true, all configured and dynamic BGP peers are considered RR clients.
-
Enables route reflect client and sets the cluster ID.
-
Sets the description on the BGP peer.
-
When set to true the DefaultInterface is added to the dynamic-neighbor list for dynamic peering.
default: false -
The autonomous system numbers allowed from peers if dynamic peering is enabled.
-
Reference to a Policy CR that will be used to filter routes advertised to peers.
-
Enables Graceful Restart on the peer and sets the stale route time in seconds.
range: 1 to 3600 -
Reference to a DefaultBGPGroup.
-
Reference to a Policy CR that will be used to filter routes received from peers.
-
Reference to either a DefaultInterface or SystemInterface whose IP will be used as a source IP for the BGP session.
-
Reference to a the Kind of interface whose IP will be used as a source IP for the BGP session.
enum: "DefaultInterface", "SystemInterface" -
Parameters relating to the IPv4 unicast AFI/SAFI.
-
Enables advertisement of IPv4 Unicast routes with IPv6 next-hops to peers.
-
Enables the IPv4 unicast AFISAFI.
-
Configures the maximum number of IPv4 unicast prefixes that can be received from a BGP peer.
-
Configuration of the maximum number of prefixes that can be accepted from a BGP peer.
-
Defines the action to take when the maximum number of prefixes is exceeded. Session is reset if set to false, otherwise only a warning is logged.
-
Maximum number of prefixes allowed to be received from the neighbor, counting only accepted routes.
format: int32range: 1 to 4294967295 -
A percentage of the maximum number of prefixes that can be accepted before a warning is logged.
range: 1 to 100
-
-
Configuration of the maximum number of prefixes that can be received from a BGP peer.
-
Defines the action to take when the maximum number of prefixes is exceeded. Session is reset if set to false, otherwise only a warning is logged.
-
Maximum number of prefixes allowed to be received from the neighbor, counting all routes (accepted and rejected by import policies).
format: int32range: 1 to 4294967295 -
A percentage of the maximum number of prefixes that can be received before a warning is logged.
range: 1 to 100
-
-
-
Enables the advertisement of the RFC 5549 capability to receive IPv4 routes with IPv6 next-hops.
-
-
Parameters relating to the IPv6 unicast AFI/SAFI.
-
Enables the IPv6 unicast AFISAFI
-
Enables advertisement of IPv6 Unicast routes with IPv4 next-hops to peers.
-
Configuration of the maximum number of prefixes that can be accepted from a BGP peer.
-
Defines the action to take when the maximum number of prefixes is exceeded. Session is reset if set to false, otherwise only a warning is logged.
-
Maximum number of prefixes allowed to be received from the neighbor, counting only accepted routes.
format: int32range: 1 to 4294967295 -
A percentage of the maximum number of prefixes that can be accepted before a warning is logged.
range: 1 to 100
-
-
Configuration of the maximum number of prefixes that can be received from a BGP peer.
-
Defines the action to take when the maximum number of prefixes is exceeded. Session is reset if set to false, otherwise only a warning is logged.
-
Maximum number of prefixes allowed to be received from the neighbor, counting all routes (accepted and rejected by import policies).
format: int32range: 1 to 4294967295 -
A percentage of the maximum number of prefixes that can be received before a warning is logged.
range: 1 to 100
-
-
-
-
Reference to a Keychain resource that will be used for authentication with the BGP peer.
-
Parameters relating to the EVPN AFI/SAFI.
-
Enables advertisement of EVPN routes with IPv6 next-hops to peers.
-
Enables the L2VPN EVPN AFISAFI.
-
Configures the maximum number of EVPN prefixes that can be received from a BGP peer.
-
Configuration of the maximum number of prefixes that can be accepted from a BGP peer.
-
Defines the action to take when the maximum number of prefixes is exceeded. Session is reset if set to false, otherwise only a warning is logged.
-
Maximum number of prefixes allowed to be received from the neighbor, counting only accepted routes.
format: int32range: 1 to 4294967295 -
A percentage of the maximum number of prefixes that can be accepted before a warning is logged.
range: 1 to 100
-
-
Configuration of the maximum number of prefixes that can be received from a BGP peer.
-
Defines the action to take when the maximum number of prefixes is exceeded. Session is reset if set to false, otherwise only a warning is logged.
-
Maximum number of prefixes allowed to be received from the neighbor, counting all routes (accepted and rejected by import policies).
format: int32range: 1 to 4294967295 -
A percentage of the maximum number of prefixes that can be received before a warning is logged.
range: 1 to 100
-
-
-
-
The local autonomous system number advertised to peers.
-
Local Autonomous System number.
range: 1 to 4294967295 -
When set to true, the global ASN value is prepended to the AS path in outbound routes towards each BGP peer.
-
When set to true, the local AS value is prepended to the AS path of inbound routes from each EBGP peer.
-
-
Local Preference attribute added to received routes from the BGP peers, also sets local preference for generated routes.
range: 0 to 4294967295 -
Enable multihop for eBGP peers and sets the maximum number of hops allowed.
range: 1 to 255 -
When set to true, the next-hop in all IPv4-unicast, IPv6-unicast and EVPN BGP routes advertised to the peer is set to the local-address.
-
Peer IP to which the peering session will be established. There cannot be both a PeerIp and PeerDefaultInterface property set.
-
Reference to a DefaultInterface or SystemInterface resource to which the peering session will be established. There cannot be both a PeerIp and PeerDefaultInterface property set.
-
Reference to a the Kind of interface to which to peer to.
enum: "DefaultInterface", "SystemInterface" -
When false, all large (12 byte) BGP communities from all outbound routes advertised to the peer are stripped.
-
When false, all standard (4 byte) communities from all outbound routes advertised to the peer are stripped.
-
Options for controlling the generation of default routes towards BGP peers.
-
Enables the sending of a synthetically generated default IPv4 or IPV6 route to each peer.
-
Reference to a Policy that should be applied to the advertised default routes, in order to set their attributes to non-default values.
-
-
Timer configurations
-
The time interval in seconds between successive attempts to establish a session with a peer.
range: 1 to 65535 -
The hold-time interval in seconds that the router proposes to the peer in its OPEN message.
range: 0 to 65535 -
The interval in seconds between successive keepalive messages sent to the peer.
range: 0 to 21845 -
The value assigned to the MinRouteAdvertisementIntervalTimer of RFC 4271, for both EBGP and IBGP sessions, in seconds.
range: 1 to 255
-
-
Parameters related to the VPN IPv4 Unicast AFI/SAFI.
-
Enables advertisement of VPN IPv4 routes with IPv6 next-hops to peers.
-
Enables the VPN IPv4 Unicast AFI/SAFI.
-
Prefix Limit parameters for the VPN IPv4 Unicast AFI/SAFI.
-
Configuration of the maximum number of prefixes that can be accepted from a BGP peer.
-
Defines the action to take when the maximum number of prefixes is exceeded. Session is reset if set to false, otherwise only a warning is logged.
-
Maximum number of prefixes allowed to be received from the neighbor, counting only accepted routes.
format: int32range: 1 to 4294967295 -
A percentage of the maximum number of prefixes that can be accepted before a warning is logged.
range: 1 to 100
-
-
Configuration of the maximum number of prefixes that can be received from a BGP peer.
-
Defines the action to take when the maximum number of prefixes is exceeded. Session is reset if set to false, otherwise only a warning is logged.
-
Maximum number of prefixes allowed to be received from the neighbor, counting all routes (accepted and rejected by import policies).
format: int32range: 1 to 4294967295 -
A percentage of the maximum number of prefixes that can be received before a warning is logged.
range: 1 to 100
-
-
-
Enables advertisement of the Extended Next Hop Encoding Capability (RFC 8950) to peers.
-
-
Parameters related to the VPN IPv6 Unicast AFI/SAFI.
-
Enables the VPN IPv6 Unicast AFI/SAFI.
-
Prefix Limit parameters for the VPN IPv6 Unicast AFI/SAFI.
-
Configuration of the maximum number of prefixes that can be accepted from a BGP peer.
-
Defines the action to take when the maximum number of prefixes is exceeded. Session is reset if set to false, otherwise only a warning is logged.
-
Maximum number of prefixes allowed to be received from the neighbor, counting only accepted routes.
format: int32range: 1 to 4294967295 -
A percentage of the maximum number of prefixes that can be accepted before a warning is logged.
range: 1 to 100
-
-
Configuration of the maximum number of prefixes that can be received from a BGP peer.
-
Defines the action to take when the maximum number of prefixes is exceeded. Session is reset if set to false, otherwise only a warning is logged.
-
Maximum number of prefixes allowed to be received from the neighbor, counting all routes (accepted and rejected by import policies).
format: int32range: 1 to 4294967295 -
A percentage of the maximum number of prefixes that can be received before a warning is logged.
range: 1 to 100
-
-
-
STATUS
DefaultBGPPeerStatus defines the observed state of DefaultBGPPeer
-
Indicated whether the BGP Peer is administratively enabled.
-
Indicates the health score of the BGP peer.
-
Indicates the reason for the health score.
-
The time when the state of the resource last changed.
-
Last event of the BGP peer.
-
Last state of the BGP peer.
-
Hold time negotiated with the BGP peer, in seconds.
-
Keepalive interval negotiated with the BGP peer, in seconds.
-
Operational state of the BGP peer
enum: "Up", "Down", "Degraded", "Unknown" -
Peer AS of the BGP peer.
-
The state of the BGP session.
enum: "Established", "NotEstablished" -
Indicates if the BGP peer is under maintenance.