VyOS- BGP on Equinix Metal

Created by Fernando Maidana, Modified on Mon, 28 Aug, 2023 at 7:40 PM by Fernando Maidana

Motivation

This document serves as a valuable contribution for both the VyOS Community and customers, providing a comprehensive guide on effectively utilizing BGP within the Equinix-Metal fabric.


Introduction

BGP is one of the most popular protocols to communicate networks on the internet, Equinix Metal provides the ability for advertising routes to your Equinix Metal servers. VyOS supports routing for advertising both IPv4 addresses and IPv6 addresses. This doc contains a high-level overview for how to use BGP on Equinix Metal.


Scenario

For this scenario, we’ll use a basic Layer 3 connection between VyOS and Equinix Metal. We’ll use BGP as the dynamic routing protocol to show how it works : 



High level diagram from Equinix-Metal : 




This configuration assumes the following steps are complete:

  1.  Metal instance deployed by selecting iPXE as the OS and providing the URL to the VyOS router image   

  2.  Network option changed to Hybrid Bonded Mode

        3.  Bonding interfaces configured in VyOS

        4.  Enable BGP on Equinix

        5. Configure BGP neighbors on VyOS with the metadata provider for Equinix


Equinix Metal Instance Configuration: 


For Equinix Metal, we’ll deploy a VyOS virtual router. It’s a simple step using a pxe server provider for us .This guide will show the minimum configuration required to establish a network connection.


Basic setup to vyos-metal-router :

We will use a rsa-keys to establish a ssh connection with our route , refer documentation ssh-keys



#ssh to instance

ssh -i "equinix" vyos@[instance public ip]

#reset the interface , save parameter as ip address/gateway


vyos@metal-router# delete interfaces

vyos@metal-router# commit

vyos@metal-router# save


# interfaces configuration and default route

vyos@metal-router# set interfaces bonding bond0 address '147.75.53.31/31'

vyos@metal-router# set interfaces bonding bond0 description 'To Equinix'

vyos@metal-router# set interfaces bonding bond0 member interface 'eth0'

vyos@metal-router# set interfaces bonding bond0 member interface 'eth1'

vyos@metal-router# set interfaces bonding bond0 mode '802.3ad'

vyos@metal-router# set protocols static route 0.0.0.0/0 next-hop <metal public gateway ip>

vyos@metal-router# commit

vyos@metal-router# save



Enabling BGP on Equinix metal and configuring on VyOS 

Equinix metal is able to enable BGP and establish a session with a VyOS instance , for this test we will use Local-bgp , which is described in the Equinix documentation bgp-on-equinx-metal


Gathering Your Neighbor Information

Usually, we will need a neighbor information, when we activate in our project BGP it brings the information by metadata , we’ve created a script to get this information : 

#get metadata from Equinix 


vyos@metal-router:~$ curl -o data.json  https://metadata.platformequinix.com/metadata




Create a script to parse this information : 


#create the file and set permission


vyos@metal-router:~$ touch data_metal.py

vyos@metal-router:~$ chmod +x data_metal.py


#open the file called data_metal.py : 


vyos@metal-router:~$ vi data_metal.py


#### insert the script : 


#!/usr/bin/env python3

# parsher to get BGP values


import json

import sys



with open(sys.argv[1]) as json_data:

    data = json.load(json_data)



 # Convert the dictionary back to a JSON string

convert_data_json = json.dumps(data["bgp_neighbors"][0], indent=2)


print(convert_data_json)



Run to get the values that we will use to establish a BGP session with Equinix metal : 


#run the script it shows the values human-readable 


vyos@metal-router:~$ ./data_metal.py data.json 


{

  "address_family": 4,

  "customer_as": 65000,

  "customer_ip": "10.65.93.129",

  "md5_enabled": false,

  "md5_password": null,

  "multihop": true,

  "peer_as": 65530,

  "peer_ips": [

    "169.254.255.1",

    "169.254.255.2"

  ],

}



This table will be useful to configure our bgp peers : 


metadata 

value 

customer_as

65000

peer_as

65530

customer_ip

Source ip 10.65.93.129/32

multihop

if the metadata shows multihop as true then you need to add multihop to VyOS

peer_ips

Neighbors 169.254.255.1 and  169.254.255.2

Configuration on VyOS :


#interfaces dummy with customer_ip


vyos@metal-router# set interfaces dummy dum0 address '10.65.93.129/31'

vyos@metal-router# set interfaces dummy dum0 description 'Customer_ip'


# route-maps


vyos@metal-router# set policy route-map EXPORT rule 10 action 'permit'

vyos@metal-router# set policy route-map EXPORT rule 10 match interface 'dum0'

vyos@metal-router# set policy route-map EXPORT rule 999 action 'deny'

vyos@metal-router# set policy route-map IMPORT rule 10 action 'deny'


# bgp configuration

vyos@metal-router# set protocols bgp 65000 address-family ipv4-unicast redistribute connected

vyos@metal-router# set protocols bgp 65000 neighbor 169.254.255.1 address-family ipv4-unicast route-map export 'EXPORT'

vyos@metal-router# set protocols bgp 65000 neighbor 169.254.255.1 address-family ipv4-unicast route-map import 'IMPORT'

vyos@metal-router# set protocols bgp 65000 neighbor 169.254.255.1 peer-group 'EQUINIX'

vyos@metal-router# set protocols bgp 65000 neighbor 169.254.255.2 address-family ipv4-unicast route-map export 'EXPORT'

vyos@metal-router# set protocols bgp 65000 neighbor 169.254.255.2 address-family ipv4-unicast route-map import 'IMPORT'

vyos@metal-router# set protocols bgp 65000 neighbor 169.254.255.2 peer-group 'EQUINIX'

vyos@metal-router# set protocols bgp 65000 parameters router-id '10.65.93.129'

vyos@metal-router# set protocols bgp 65000 peer-group EQUINIX disable-connected-check

vyos@metal-router# set protocols bgp 65000 peer-group EQUINIX ebgp-multihop '5'

vyos@metal-router# set protocols bgp 65000 peer-group EQUINIX remote-as '65530'

vyos@metal-router# set protocols bgp 65000 peer-group EQUINIX update-source 'dum0'


#static routes :

vyos@metal-router# set protocols static route 169.254.255.1/32 next-hop <metal public gateway ip>

vyos@metal-router# set protocols static route 169.254.255.2/32 next-hop <metal public gateway ip>




Validation and troubleshooting

We can verify the BGP session state using the following command: 


vyos@metal-router:~$ show ip bgp summary


IPv4 Unicast Summary:

BGP router identifier 10.65.93.129, local AS number 65000 vrf-id 0

BGP table version 2

RIB entries 3, using 576 bytes of memory

Peers 2, using 43 KiB of memory

Peer groups 1, using 64 bytes of memory


Neighbor        V         AS   MsgRcvd   MsgSent   TblVer  InQ OutQ  Up/Down State/PfxRcd   PfxSnt

169.254.255.1   4      65530       210       183        0    0    0 02:55:23            0        1

169.254.255.2   4      65530       208       183        0    0    0 02:55:23            0        1


Total number of neighbors 2


Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article