Network & Security VMUG Community

Expand all | Collapse all

BGP and NSX-T

  • 1.  BGP and NSX-T

    Posted 06-25-2020 04:57 PM
    Howdy folks!

    Was curious to know if there are any NSX-T DC / Network specialists or architects in the group that can help solve a particular BGP route-redistribution problem.  May be config-related.

    Thanks in advance!

    -Kris

    ------------------------------
    Kristian Gonzalez
    Cloud Architect
    IBM
    Austin TX
    737-867-0485
    ------------------------------


  • 2.  RE: BGP and NSX-T

    Posted 06-26-2020 11:12 AM
    Yes there's a whole bunch of us, many of us are also on the VMware reddit if you want a more interactive conversation.

    ------------------------------
    Simon Hamilton-Wilkes Practice Manager VMC, Network & Security
    Other
    P1 Technologies
    Rancho Palos Verdes CA
    ------------------------------



  • 3.  RE: BGP and NSX-T

    Posted 06-26-2020 11:23 AM
    What version?

    And are you trying to distribute a specific segment, static route, NAT or all connected segments

    Gareth Llewellyn

    ------------------------------
    Gareth Llewellyn
    vCumulus Ltd
    linkedin.com/in/gallewellyn
    ------------------------------



  • 4.  RE: BGP and NSX-T

    Posted 06-26-2020 11:53 AM
    Edited by Kristian Gonzalez 06-26-2020 11:53 AM
    First off, thanks to all of you very much for the prompt responses on my initial query.

    Principal issue: customer cannot redistribute the routes to fortigate or from fortigate to NSX-T tier 0

    Some of the envt. specifics I've learned secondhand:

    NSX-T 2.5, and in this config it is distributing all segment and static routes.

    thanks in advance!

    No BGP defined in route




    ------------------------------
    Kristian Gonzalez
    Cloud Architect
    IBM
    Austin TX
    ------------------------------



  • 5.  RE: BGP and NSX-T

    Posted 06-26-2020 12:03 PM
    Are there any intermediate devices between the Fortigate and your T0?
    Assuming BGP is in established state - have you tried removing the inbound prefix-list on the Fortinet side?

    ------------------------------
    Nicholas Schmidt
    Engineer
    AK
    ------------------------------



  • 6.  RE: BGP and NSX-T

    Posted 06-26-2020 12:11 PM
    Edited by Kristian Gonzalez 06-26-2020 12:11 PM

    Nicholas -




    Original Message:
    Sent: 06-26-2020 12:03 PM
    From: Nicholas Schmidt
    Subject: BGP and NSX-T

    Are there any intermediate devices between the Fortigate and your T0?
    Assuming BGP is in established state - have you tried removing the inbound prefix-list on the Fortinet side?

    ------------------------------
    Nicholas Schmidt
    Engineer
    AK



  • 7.  RE: BGP and NSX-T

    Posted 06-26-2020 12:29 PM
    Alright - let's fan out from here:

    Use the command `get logical-router` to show all VRFs for your Edge Transport Node

    Once in the service router Tier-0 instance, (use the command `vrf n`, in my case 2) to view details on that BGP neighbors:

    Once you're in there, the CLI encapsulates the output into `less`, which is very useful here. Just type in prefix, and hit N until you see "accepted prefixes" and "advertised prefixes". What number do you get for both?


    ------------------------------
    Nicholas Schmidt
    Engineer
    AK
    ------------------------------



  • 8.  RE: BGP and NSX-T

    Posted 06-26-2020 12:09 PM
    Hi,
    Request you to elaborate your query in detail to address.

    ------------------------------
    Sachin Bhardwaj
    ------------------------------