eBGP running over GRE on Brocade Vyatta OS

On Softlayer, Vyatta 6.x Subscription Edition (64 bit) is offered. This subscription version Vyatta OS is provided by Brocade.

The latest version of Brocade Vyatta OS is VSE6.7R5S1.

Today, I just met another “difference” between Vyatta OS and other traditional vendors like Cisco and Juniper. The difference is on eBGP over GRE tunnel.

Like Cisco and Juniper, eBGP session is established between two GRE end points on Vyatta OS.

Vvyatta@vyatta:~$ show ip bgp summary 

BGP router identifier 172.16.100.2, local AS number 103

BGP table version is 73

3 BGP AS-PATH entries

0 BGP community entries

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd

172.16.100.1    4   100     143     141       73    0    0 00:52:33        0

172.16.100.5    4   100     148     147       73    0    0 01:11:53        0

However, i cant see any BGP routing in the routing table.

vyatta@vyatta:~$ show ip route 

Codes: K – kernel, C – connected, S – static, R – RIP, B – BGP

       O – OSPF, IA – OSPF inter area

       N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2

       E1 – OSPF external type 1, E2 – OSPF external type 2

       i – IS-IS, L1 – IS-IS level-1, L2 – IS-IS level-2, ia – IS-IS inter area

       > – selected route, * – FIB route, p – stale info

C    *> 10.1.1.0/24 is directly connected, eth0

C    *> 127.0.0.0/8 is directly connected, lo

C    *> 172.16.32.0/24 is directly connected, lo

C    *> 172.16.100.0/30 is directly connected, tun1

C    *> 172.16.100.4/30 is directly connected, tun2

C    *> 192.168.56.0/24 is directly connected, eth1

C    *> 192.168.100.0/24 is directly connected, lo

I can see the BGP routing has been advertised by remote BGP peer and received by the local BGP router.

vyatta@vyatta:~$ show ip bgp neighbors 172.16.100.5 received-routes 

BGP table version is 70, local router ID is 172.16.100.2

Status codes: s suppressed, d damped, h history, * valid, > best, i – internal

Origin codes: i – IGP, e – EGP, ? – incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*> 172.16.31.0/24   172.16.100.5                           0 100 i

*> 192.168.107.0    172.16.100.5                           0 100 i

*> 192.168.108.0    172.16.100.5                           0 100 100 100 100 i

After performed a BGP debug, I see the below:

Mar  6 03:13:53 vyatta BGP[2472]: BGP: 172.16.100.1-Outgoing [RIB] Update: Prefix 172.16.31.0/24 denied due to non-connected next-hop;

Mar  6 03:13:53 vyatta BGP[2472]: BGP: 172.16.100.1-Outgoing [RIB] Update: Prefix 192.168.107.0/24 denied due to non-connected next-hop;

Interesting, Vyatta OS consider GRE tunnel as non-connected network which is different from Cisco/Juniper. More interestingly, the BGP neighbor session is allowed to be established but it denies the BGP routing injection.

Anyway, I add the following in my eBGP configuration. Then everything is OK! Job Done!

set protocols bgp 103 neighbor 172.16.100.1 ebgp-multihop ‘2’

set protocols bgp 103 neighbor 172.16.100.5 ebgp-multihop ‘2’

Tips: how to perform BGP debug on Vyatta

#monitor protocol bgp enable events 

#monitor protocol bgp enable updates

Update: Brocade just confirmed the above BGP issue which i met is a Bug. They will fix it ASAP.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s