Motivation
This document serves as a valuable contribution for both the VyOS Community and customers, providing a comprehensive guide on effectively utilizing BGP within the Equinix-Metal fabric.
Introduction
BGP is one of the most popular protocols to communicate networks on the internet, Equinix Metal provides the ability for advertising routes to your Equinix Metal servers. VyOS supports routing for advertising both IPv4 addresses and IPv6 addresses. This doc contains a high-level overview for how to use BGP on Equinix Metal.
Scenario
For this scenario, we’ll use a basic Layer 3 connection between VyOS and Equinix Metal. We’ll use BGP as the dynamic routing protocol to show how it works :
High level diagram from Equinix-Metal :
This configuration assumes the following steps are complete:
Metal instance deployed by selecting iPXE as the OS and providing the URL to the VyOS router image
Network option changed to Hybrid Bonded Mode
3. Bonding interfaces configured in VyOS
4. Enable BGP on Equinix
5. Configure BGP neighbors on VyOS with the metadata provider for Equinix
Equinix Metal Instance Configuration:
For Equinix Metal, we’ll deploy a VyOS virtual router. It’s a simple step using a pxe server provider for us .This guide will show the minimum configuration required to establish a network connection.
Basic setup to vyos-metal-router :
We will use a rsa-keys to establish a ssh connection with our route , refer documentation ssh-keys
#ssh to instance ssh -i "equinix" vyos@[instance public ip] #reset the interface , save parameter as ip address/gateway
vyos@metal-router# delete interfaces vyos@metal-router# commit vyos@metal-router# save
# interfaces configuration and default route
vyos@metal-router# set interfaces bonding bond0 address '147.75.53.31/31' vyos@metal-router# set interfaces bonding bond0 description 'To Equinix' vyos@metal-router# set interfaces bonding bond0 member interface 'eth0' vyos@metal-router# set interfaces bonding bond0 member interface 'eth1' vyos@metal-router# set interfaces bonding bond0 mode '802.3ad' vyos@metal-router# set protocols static route 0.0.0.0/0 next-hop <metal public gateway ip> vyos@metal-router# commit vyos@metal-router# save |
Enabling BGP on Equinix metal and configuring on VyOS
Equinix metal is able to enable BGP and establish a session with a VyOS instance , for this test we will use Local-bgp , which is described in the Equinix documentation bgp-on-equinx-metal
Gathering Your Neighbor Information
Usually, we will need a neighbor information, when we activate in our project BGP it brings the information by metadata , we’ve created a script to get this information :
Create a script to parse this information :
#create the file and set permission
vyos@metal-router:~$ touch data_metal.py vyos@metal-router:~$ chmod +x data_metal.py
#open the file called data_metal.py :
vyos@metal-router:~$ vi data_metal.py
#### insert the script :
#!/usr/bin/env python3 # parsher to get BGP values
import json import sys
with open(sys.argv[1]) as json_data: data = json.load(json_data)
# Convert the dictionary back to a JSON string convert_data_json = json.dumps(data["bgp_neighbors"][0], indent=2)
print(convert_data_json)
|
Run to get the values that we will use to establish a BGP session with Equinix metal :
#run the script it shows the values human-readable
vyos@metal-router:~$ ./data_metal.py data.json
{ "address_family": 4, "customer_as": 65000, "customer_ip": "10.65.93.129", "md5_enabled": false, "md5_password": null, "multihop": true, "peer_as": 65530, "peer_ips": [ "169.254.255.1", "169.254.255.2" ], }
|
This table will be useful to configure our bgp peers :
metadata | value |
customer_as | 65000 |
peer_as | 65530 |
customer_ip | Source ip 10.65.93.129/32 |
multihop | if the metadata shows multihop as true then you need to add multihop to VyOS |
peer_ips | Neighbors 169.254.255.1 and 169.254.255.2 |
Configuration on VyOS :
#interfaces dummy with customer_ip
vyos@metal-router# set interfaces dummy dum0 address '10.65.93.129/31' vyos@metal-router# set interfaces dummy dum0 description 'Customer_ip'
# route-maps
vyos@metal-router# set policy route-map EXPORT rule 10 action 'permit' vyos@metal-router# set policy route-map EXPORT rule 10 match interface 'dum0' vyos@metal-router# set policy route-map EXPORT rule 999 action 'deny' vyos@metal-router# set policy route-map IMPORT rule 10 action 'deny'
# bgp configuration
vyos@metal-router# set protocols bgp 65000 address-family ipv4-unicast redistribute connected vyos@metal-router# set protocols bgp 65000 neighbor 169.254.255.1 address-family ipv4-unicast route-map export 'EXPORT' vyos@metal-router# set protocols bgp 65000 neighbor 169.254.255.1 address-family ipv4-unicast route-map import 'IMPORT' vyos@metal-router# set protocols bgp 65000 neighbor 169.254.255.1 peer-group 'EQUINIX' vyos@metal-router# set protocols bgp 65000 neighbor 169.254.255.2 address-family ipv4-unicast route-map export 'EXPORT' vyos@metal-router# set protocols bgp 65000 neighbor 169.254.255.2 address-family ipv4-unicast route-map import 'IMPORT' vyos@metal-router# set protocols bgp 65000 neighbor 169.254.255.2 peer-group 'EQUINIX' vyos@metal-router# set protocols bgp 65000 parameters router-id '10.65.93.129' vyos@metal-router# set protocols bgp 65000 peer-group EQUINIX disable-connected-check vyos@metal-router# set protocols bgp 65000 peer-group EQUINIX ebgp-multihop '5' vyos@metal-router# set protocols bgp 65000 peer-group EQUINIX remote-as '65530' vyos@metal-router# set protocols bgp 65000 peer-group EQUINIX update-source 'dum0'
#static routes :
vyos@metal-router# set protocols static route 169.254.255.1/32 next-hop <metal public gateway ip> vyos@metal-router# set protocols static route 169.254.255.2/32 next-hop <metal public gateway ip>
|
Validation and troubleshooting
We can verify the BGP session state using the following command:
vyos@metal-router:~$ show ip bgp summary
IPv4 Unicast Summary: BGP router identifier 10.65.93.129, local AS number 65000 vrf-id 0 BGP table version 2 RIB entries 3, using 576 bytes of memory Peers 2, using 43 KiB of memory Peer groups 1, using 64 bytes of memory
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd PfxSnt 169.254.255.1 4 65530 210 183 0 0 0 02:55:23 0 1 169.254.255.2 4 65530 208 183 0 0 0 02:55:23 0 1
Total number of neighbors 2 |