Cisco NFVIS 4.4.1 Enterprise Network Function Virtualization Infrastructure Software User Manual

June 15, 2024
Cisco

Cisco NFVIS 4.4.1 Enterprise Network Function Virtualization

Infrastructure Software

Cisco-NFVIS-4-4-1-Enterprise-Network-Function-Virtualization-Infrastructure-
Software-product

Product Information

The product is an NFVIS system that supports BGP (Border Gateway Protocol) for dynamic routing between BGP autonomous systems. It allows the NFVIS system to learn routes announced from remote BGP neighbors and apply them to the NFVIS system. Additionally, it allows you to announce or withdraw NFVIS local routes to/from remote BGP neighbors.

Feature History

Feature Name Release Information Description
BGP Support on Remote Subnets Over IPSec NFVIS 4.4.1 This feature enables

the NFVIS system to learn routes announced
by remote BGP neighbors over IPSec and apply them to the NFVIS
system.
BGP Support Announcing Local Subnets (Route Distribution)| NFVIS 3.10.1| This feature allows you to announce or withdraw NFVIS local
routes to/from remote BGP neighbors using route distribution.

How NFVIS BGP Works

  • The NFVIS BGP feature works in conjunction with a remote BGP router. It learns routes announced from the remote BGP neighbor and applies them to the NFVIS system.
  • It also allows you to announce or withdraw NFVIS local routes to/from the remote BGP neighbor.
  • Starting from NFVIS 4.4.1 release, the NFVIS BGP feature can learn routes from the BGP neighbor over a secure overlay tunnel.
  • These learned routes/subnets are added to the NFVIS routing table for the secure tunnel, making them accessible over the tunnel.

Product Usage Instructions

Configure BGP on NFVIS

To configure a BGP neighbor on NFVIS, you have two options:

  1. Using a neighbor’s IP address
  2. Using a name string

Using a Neighbor’s IP Address

If you want to configure a BGP neighbor using an IP address, follow these steps:

  1. Access the configuration terminal of the router:
config terminal
  1. Specify the BGP AS number and the neighbor IP address:
router bgp [AS number] neighbor [neighbor IP address] remote-as [remote AS number]
  1. Exit the configuration terminal:
exit
  1. Commit the changes:
commit

Using a Name String

If you want to configure a BGP neighbor using a name string, follow these steps:

  1. Access the configuration terminal of the router:
config terminal
  1. Specify the BGP AS number and the neighbor name string:
router bgp [AS number] neighbor [name string] remote-as [remote AS number]
  1. Exit the configuration terminal:
exit
  1. Commit the changes:
commit

Deleting BGP Configurations

If you want to delete BGP configurations, follow these steps:

  1. Access the configuration terminal of the router:
config terminal
  1. Delete the BGP configurations:
no router bgp [AS number]
  1. Commit the changes:
commit

Specifications

Property Type Description Mandatory
as Uint32 Local BGP AS number Yes
router-id IPv4 IPv4 address for local system No
neighbor List List of neighbors Yes
remote-IP String IPv4 address or Secure Overlay BGP neighbor name for BGP
neighbor system Yes
remote-as Uint32 Remote BGP AS number Yes
description String Description No

FAQ

Q: What is BGP?

  • A: BGP stands for Border Gateway Protocol, which is a dynamic routing protocol used to exchange route information between BGP autonomous systems.

Q: What does the NFVIS BGP feature do?

  • A: The NFVIS BGP feature allows the NFVIS system to learn routes announced by remote BGP neighbors and apply them to the NFVIS system. It also allows you to announce or withdraw NFVIS local routes to/from remote BGP neighbors.

Q: How does the NFVIS BGP feature work with a secure overlay?

  • A: Starting from NFVIS 4.4.1 release, the NFVIS BGP feature can learn routes from the BGP neighbor over a secure overlay tunnel. These learned routes/subnets are added to the NFVIS routing table for the secure tunnel, making them accessible over the tunnel.

Q: How can I configure a BGP neighbor on NFVIS?

  • A: You can configure a BGP neighbor on NFVIS either using a neighbor IP address or a name string. Refer to the “Configure BGP on NFVIS” section for detailed instructions.

Q: How can I delete BGP configurations on NFVIS?

  • A: To delete BGP configurations on NFVIS, follow the steps mentioned in the “Deleting BGP Configurations” section.

BGP Support on NFVIS

Table 1: Feature History

Feature Name Release Information Description
BGP Support on Remote Subnets Over IPSec. NFVIS 4.4.1 This feature allows

the NFVIS system to learn routes that are announced from the remote BGP neighbor and apply the learned routes to the NFVIS system.
BGP Support Announcing Local Subnets (Route Distribution)| NFVIS 3.10.1| This feature allows you to announce or withdraw NFVIS local routes to the remote BGP neighbor using route distribution.

  • Border Gateway Protocol (BGP) is the dynamic routing protocol to exchange route information between BGP autonomous systems.
  • The NFVIS BGP feature works together with a remote BGP router. This feature allows the NFVIS system to learn routes announced from the remote BGP neighbor and apply the learned routes to the NFVIS system. This feature also allows you to announce or withdraw NFVIS local routes from the remote BGP neighbor.
  • Starting from the NFVIS 4.4.1 release, the NFVIS BGP feature works with the secure overlay feature to learn routes from the BGP neighbor over a secure overlay tunnel. These learned routes or subnets are added to the NFVIS routing table for the secure tunnel, which makes the routes accessible over the tunnel.
  • Configure BGP on NFVIS, on page 1
  • Route Distribution, on page 4
  • BGP Route Annoucement over MPLS or IPSec, on page 5

Configure BGP on NFVIS

  • A BGP neighbor can be configured using a neighbor IP address or a name string.
  • If a BGP neighbor is specified using a name string, it must be used in conjunction with the secure overlay bgp-neibhor-name field. A BGP session is established over the secure overlay tunnel. If the neighbor name matches the BGP-neighbor-name field configured in the secure-overlay configuration, then NFVIS will determine the active remote system IP address used for the IPSec connection and replace the neighbor name with that IP.
  • This will establish a BGP neighbor session with that IP address. For more information on how to configure secure overlay with BGP name, see Secure Overlay and Single IP Configuration.
  • If a BGP neighbor is specified using an IP address which is headend VPN responder’s tunnel IP address, which is the same as the IP address of a a headend VPN responder tunnel, a BGP session is established over the secure overlay tunnel.
  • This example shows how to create or update BGP configuration for a neighbor with a specified name string:Cisco-NFVIS-4-4-1-Enterprise-Network-Function-Virtualization-Infrastructure-Software-fig-1
  • This example shows how to create or update BGP configuration with a specified neighbor IP address:Cisco-NFVIS-4-4-1-Enterprise-Network-Function-Virtualization-Infrastructure-Software-fig-2
  • This example shows how to delete BGP configurations:
  • The following table provides the syntax description for each parameter in the commands mentioned in the examples above:
Property Type Description Mandatory
as Uint32 Local BGP AS number Yes
router-id IPv4 H.H.H.H: IPv4 address for local system No
neighbor list Neighbor list Yes
remote-ip String IPv4 address or Secure Overlay BGP neighbor name for BGP
neighbor system Yes
remote-as Uint32 Remote BGP AS number Yes
description String Description of neighbor No

The following example displays the BGP session details:Cisco-NFVIS-4-4-1
-Enterprise-Network-Function-Virtualization-Infrastructure-Software-
fig-4Cisco-NFVIS-4-4-1-Enterprise-Network-Function-Virtualization-
Infrastructure-Software-fig-5

The following example displays the BGP routes learnt through BGP:Cisco-
NFVIS-4-4-1-Enterprise-Network-Function-Virtualization-Infrastructure-
Software-fig-6

Note NFVIS can learn up to 15 prefixes.

BGP Neighbor Configuration Example

Cisco-NFVIS-4-4-1-Enterprise-Network-Function-Virtualization-Infrastructure-
Software-fig-7

Route Distribution

The Route Distribution feature works together with a remote BGP router. It allows you to announce or withdraw specified routes to the remote BGP router.
You can use this feature to announce the route of int-mgmt-net subnet to a remote BGP router. A remote user, can access the VMs attached to int-mgmt-net through the VMs’ IP address on int-mgmt-net-br through a BGP router, when the routes are successfully inserted on the remote BGP router.

To configure or update route distribution:Cisco-NFVIS-4-4-1-Enterprise-
Network-Function-Virtualization-Infrastructure-Software-
fig-8

Table 2: Property Description

Property Type Description Mandatory
neighbor-address IPv4 BGP neighbor IPv4 address. It is the key of the route
distribution list. Yes
local-address IPv4 Local IPv4 address. This address must be

configured as neighbor IP address on the remote BGP router. If not

configured, local-address is set to local-bridge’s IP address.

| No
local-as|  | Local autonomous system number. It can be in

following two formats:

<decimal number, 1.0 .. 65535.65535><unsignedInt, 1 .. 4294967295>

| Yes
local-bridge|  | Local bridge name for advertising routes (default wan-br).| No
remote-as|  | Remote autonomous system number. It can be in following two formats:

<decimal number, 1.0 .. 65535.65535><unsignedInt, 1 .. 4294967295>

| Yes
router-id| IPv4| Local router ID| No
Property| Type| Description| Mandatory
---|---|---|---
network-subnet|  | List of network subnet to be announced.| Yes
subnet| IPv4 prefix| Network subnet to be announced H.H.H.H/N| Yes
next-hop| IPv4| IPv4 address of next hop. Default local-address or IP address of local-bridge.| No

  • Use the no router bgp command to delete route distribution. To verify the route-distrubition status use the show router bgp command.
  • Remote BGP Router Configuration Example
  • The NFVIS route distribution feature works together with the remote BGP router. The configuration on NFVIS and on remote BGP router must match.
  • This example shows the configuration on a remote BGP router.Cisco-NFVIS-4-4-1-Enterprise-Network-Function-Virtualization-Infrastructure-Software-fig-9
BGP Route Annoucement over MPLS or IPSec

Table 3: Feature History

Feature Name Release Information Description
BGP Route Annoucement over MPLS or IPSec NFVIS 4.5.1 This feature allows you

to

configure NFVIS to announce routes through BGP over MPLS. NFVIS allows the routes learned through BGP available over the IPSec tunnel over an MPLS connection.

  • With this feature enhancement, the existing routes learnt through BGP over IPSec tunnel are now allowed over MPLS connection. Additionally, NFVIS can now announce routes through BGP, using the same router bgp command that is used for learning routes over BGP. For more information on this command, see the
  • Cisco IOS XE router bgp command.
  • You can pair the secure overlay configurations to announce NFVIS routes over BGP through IPSec tunnel.
  • The existing router bgp configurations can be updated to add the route announcement feature. Make sure that you remove the existing route distribution configurations before you configure the router bgp command.
  • The following example shows how to configure the announcement of 10.20.0.0/24 subnet over BGP.Cisco-NFVIS-4-4-1-Enterprise-Network-Function-Virtualization-Infrastructure-Software-fig-10
  • The following example shows how to remove the announcement of 10.20.0.0/24 subnet from BGP.Cisco-NFVIS-4-4-1-Enterprise-Network-Function-Virtualization-Infrastructure-Software-fig-11
  • The following example shows how to remove a neighbor from the IPv4 address family, and disable route announcements for the same neighbor.
  • To view the local BGP status for BGP over MPLS use the show bgp ipv4 unicast command.Cisco-NFVIS-4-4-1-Enterprise-Network-Function-Virtualization-Infrastructure-Software-fig-13
  • To view the BGP neighbor status for BGP over MPLS use the show bgp ipv4 unicast summary command.Cisco-NFVIS-4-4-1-Enterprise-Network-Function-Virtualization-Infrastructure-Software-fig-14
  • To view the BGP learned or announced routes for BGP over MPLS use the show bgp ipv4 unicast route command.Cisco-NFVIS-4-4-1-Enterprise-Network-Function-Virtualization-Infrastructure-Software-fig-15
  • To view the local BGP status for BGP over IPSec tunnel use the show bgp vpnv4 unicast command.Cisco-NFVIS-4-4-1-Enterprise-Network-Function-Virtualization-Infrastructure-Software-fig-16
  • To show BGP neighbor status for BGP over IPSec tunnel:Cisco-NFVIS-4-4-1-Enterprise-Network-Function-Virtualization-Infrastructure-Software-fig-17
  • To show BGP learned/announced routes for BGP over IPSec tunnel:Cisco-NFVIS-4-4-1-Enterprise-Network-Function-Virtualization-Infrastructure-Software-fig-18
  • Note When you configure BGP route announcement over IPSec tunnel, ensure that you configure secure overlayto use the virtual IP address for the local tunnel IP address (no local-system-ip-addr configured).
  • When you configure BGP route announcement, the only configurable address-family or transmission combination is ipv4 unicast for both IPSec and MPLS. To view the BGP status, the configurable address-family or transmission for IPSec is vpnv4 unicast and for MPLS is ipv4 unicast.

References

Read User Manual Online (PDF format)

Read User Manual Online (PDF format)  >>

Download This Manual (PDF format)

Download this manual  >>

Related Manuals