[kolla-ansible][neutron]BGP Problems
Hello, I'm trying to get BGP / BGP speaker / DRAgent to work with Neutron on one side and a Cisco router on the other. I work under Centos / Kolla-ansible / Wallaby. I adapt this technical documentation (https://docs.openstack.org/neutron/latest/admin/config-bgp-dynamic-routing.h...) to my configuration but I am having difficulties (the cisco router sends a TCP SYN frame to the router in Openstack, TCP port 179, but the router sends back an RST. I don't understand why, no security on the router port). Do you have any links to help, tutorials, that would be of great help to me. Thanks in advance. Franck
Hello On Tue, 26 Oct 2021 at 21:29, Franck VEDEL <franck.vedel@univ-grenoble-alpes.fr> wrote:
Hello, I'm trying to get BGP / BGP speaker / DRAgent to work with Neutron on one side and a Cisco router on the other. I work under Centos / Kolla-ansible / Wallaby. I adapt this technical documentation (https://docs.openstack.org/neutron/latest/admin/config-bgp-dynamic-routing.h...) to my configuration but I am having difficulties (the cisco router sends a TCP SYN frame to the router in Openstack, TCP port 179, but the router sends back an RST. I don't understand why, no security on the router port).
My understanding is that the agent will connect to the switch, there is no connection initiated from the switch to the agent. There should be a "neighbor... passive" option in the BGP configuration on the switch that you could set to ensure it's not trying to initiate the connection. If you follow this doc (and you use ovs as driver, not ovn) you should see the dragent connecting to the switch and publishing routes if any. hope that helps
Do you have any links to help, tutorials, that would be of great help to me. Thanks in advance.
Franck
Francois
Thanks François for your help.I added the following command: neighbor 172.16.201.121 transport connection-mode passive Celan is not working. On the other hand, between 2 cisco routers, I have no problem. I'm missing something. I continue to search even if the documents I find do not correspond to my situation. Franck
Le 26 oct. 2021 à 22:43, Francois <rigault.francois@gmail.com> a écrit :
Hello On Tue, 26 Oct 2021 at 21:29, Franck VEDEL <franck.vedel@univ-grenoble-alpes.fr> wrote:
Hello, I'm trying to get BGP / BGP speaker / DRAgent to work with Neutron on one side and a Cisco router on the other. I work under Centos / Kolla-ansible / Wallaby. I adapt this technical documentation (https://docs.openstack.org/neutron/latest/admin/config-bgp-dynamic-routing.h...) to my configuration but I am having difficulties (the cisco router sends a TCP SYN frame to the router in Openstack, TCP port 179, but the router sends back an RST. I don't understand why, no security on the router port).
My understanding is that the agent will connect to the switch, there is no connection initiated from the switch to the agent. There should be a "neighbor... passive" option in the BGP configuration on the switch that you could set to ensure it's not trying to initiate the connection. If you follow this doc (and you use ovs as driver, not ovn) you should see the dragent connecting to the switch and publishing routes if any.
hope that helps
Do you have any links to help, tutorials, that would be of great help to me. Thanks in advance.
Franck
Francois
participants (2)
-
Franck VEDEL
-
Francois