Configure dynamic routing protocols: OSPF, BGP, IS-IS

 
NSX supports three different types of Routing Protocols: Open Shortest Path First (OSPF), Border, Border Gateway Patrol (BGP), and Intermediate System to Intermediate System (IS-IS). While all three are supported, the Distributed Logical Router (DLR) can only use OSPF and BGP, while the Edge Services Gateway (ESG) can use all three.
 

OSPF

 
Let’s start with OSPF. OSPF is an interior gateway protocol that collects link state information from all available routes and creates a map of the network topology. OSPF makes routing decisions based on the destination IP address in the packet and uses a dynamic process of traffic load balancing between routes of equal cost. OSPF networks are divided into areas. A router can be a part of multiple areas, as long as one of the areas is 0, or the backbone area. An area is defined as a logical collection of OSPF networks/routers/links that are all defined by the same area ID. When configuring OSPF, you will also need to define both a Forwarding Address and a Protocol Address. A forwarding address is used by the router to.. well.. forward packets. A protocol address is a unique IP (same subnet as the forwarding address) and is used by OSPF to for adjacency with peers. Let’s configure OSPF!
 
Step 1. Log into the vSphere Web Client and navigate to Networking & Security -> NSX Edges and double click the Edge that for which you would like to configure OSPF.
 
1
 
Step 2. Click on Manage -> Routing -> Global Configuration then click Edit next to Dynamic Routing Configuration
 
2
 
Step 3. Select your Router ID then hit OK and Publish Changes
 
3
 
Step 4. Click OSPF on the left pane, then select Edit next to OSPF Configuration. Check Enable OSPF then hit OK
 
4
 
Step 5. Click the + sign under Area Definitions to add a new Area. Specify the AREA ID and hit OK. (Optionally, you can configure the Authentication and Type).
 
5
 
Step 6. Click the + Sign next to Area to Interface Mapping and specify the vNIC, Area, and any Advanced configuration options then hit OK
 
6
 
Step 7. Click Publish Changes
 
Note: If you are trying to configure OSPF for two different Edge Devices to share routes, follow the same process above on your other Edge device, making sure they are in the same area, and have the same MTU, Hello, and Dead Intervals
 
Step 8. Log into your ESG via SSH, and run the following command to confirm the devices are neighbors.
 

vShield-edge-1-0> show ip ospf neighbor
Neigbhor ID         Priority    Address             Dead Time   State
192.168.10.5        128         192.168.10.3        36          Full/DR

 
You can also see what routes are shared by the Edge devices by running:
 

vShield-edge-1-0> show ip route

Codes: O - OSPF derived, i - IS-IS derived, B - BGP derived,
C - connected, S - static, L1 - IS-IS level-1, L2 - IS-IS level-2,
IA - OSPF inter area, E1 - OSPF external type 1, E2 - OSPF external type 2,
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

Total number of routes: 7

S       0.0.0.0/0            [1/1]         via 192.168.18.1
C       172.16.10.0/24       [0/0]         via 172.16.10.1
O   E2  172.16.20.0/24       [110/1]       via 192.168.10.5
C       172.16.30.0/24       [0/0]         via 172.16.30.1
C       172.16.31.0/24       [0/0]         via 172.16.31.1
C       192.168.10.0/29      [0/0]         via 192.168.10.1
C       192.168.18.0/24      [0/0]         via 192.168.18.40

 
The E2 by 172.16.20.0/24 means it was learned from OSPF.
 

BGP

 
BGP is a used for a different purpose than OSPF. As mentioned OSPF is more of an interior gateway protocol, BGP however, is an perimeter gateway protocol; It is used as the edge of your network. BGP constructs a routing table of networks reachable among Autonomous Systems (AS) number defined by the user. Each router will have a Local AS defined, as well as a remote AS defined for it’s neighbor. A connection between both gateways is established first, and then routing information is exchanged between the two devices.
 
Step 1. Log into the vSphere Web Client and navigate to Networking & Security -> NSX Edges and double click the Edge that for which you would like to configure BGP.
 
1
 
Step 2. Click on Manage -> Routing -> Global Configuration then click Edit next to Dynamic Routing Configuration
 
2
 
Step 3. Select your Router ID then hit OK and Publish Changes
 
3
 
Step 4. Select BGP in the left pane, then click Edit next to BGP Configuration. Check Enable BGP and a Local AS (64512 – 65534 and 4200000000 – 4294967294 are internal for anyone to use) then hit OK
 
7
 
Step 5. Click the + sign to add a new neighbor. Specify the neighbor’s IP address, Remote AS and any custom configuration or authentication you would like to use, including Filters then click OK
 
9
 
Step 6. Click Publish Changes
 
Note: Again, if you are configuring multiple Edge devices for BGP, you will need to follow the same steps above for the remote BGP device.
 
You can run the same commands above, substituting OSPF for BGP to confirm the neighbor relationship and routes.
 

show ip bgp neighbors
show ip route

 
Routes learned from BGP will show a B next to them.
 

IS-IS

 
The last routing protocol that you can use in NSX, is IS-IS. This protocol can only be used on ESGs not on DLRs. IS-IS is used to move data through the best route in a Packet-switched network. Much like OSPF, IS-IS associates routers into areas. There are two levels of areas Level 1 and Level 2. A Level 1 area advertises intra-area route information while a Level 2 area advertises inter-area route information. If you were comparing OSPF to IS-IS you could say that the Level 1 area is a non backbone area while the Level 2 area is a backbone area.
 
Step 1. Log into the vSphere Web Client and navigate to Networking & Security -> NSX Edges and double click the Edge that for which you would like to configure IS-IS.
 
1
 
Step 2. Click on Manage -> Routing -> Global Configuration then click Edit next to Dynamic Routing Configuration
 
2
 
Step 3. Select your Router ID then hit OK and Publish Changes
 
3
 
Step 4. Click on IS-IS in the left pane then hit Edit next to IS-IS configuration. Select Enable IS-IS and specify a System ID, Type, and Domain/Area Password then hit OK
 
10
 
Step 5. Click Edit next to Areas, specify an Area then hit OK
 
INSERT PICTURE HERE
 
Step 6. Click the + sign next to Interface Mapping and speciy the Interface, Circuit Type and Advanced Configuration Parameters then hit OK
 
11
 
Step 7. Click Publish Changes
 
The commands to view the configuration and neighbors is slightly different.

show isis database
show isis interface
show isis neighbors

 

Leave A Comment

Your email address will not be published. Required fields are marked (required):

Back to Top