Tuesday, March 21, 2017

4 Byte BGP ASN Support in NSX 6.3

One of the new features of NSX 6.3 that some customers have been waiting for is 4-byte Autonomous System Number (ASN) support for the Border Gateway Protocol (BGP). While the concept is simple

and the technology not new for many I wanted to show how it works and what we do with NSXv.
First, if you are unfamiliar with 4-byte ASN, read RFC 6793. Exciting stuff to read, but the long and short is that we were running out of Autonomous System numbers because of the initial use of 2 byte values. It’s now been increased to 4 bytes which allows for 4.2 billion AS to be assigned. Hopefully this will keep the problem of exhausting AS numbers at bay until we all retire. Side note, computer history is full of issues like this where the initial implementation of a technology doesn’t scale to meet requirements due to a bit of shortsightedness – HIMEM.SYS anyone?

4-byte ASN support is inherent in NSX 6.3 so there is no need to enable it via the GUI, CLI or API. Let’s start with looking at our existing BGP config, which in this case is using an old school 2-bye ASN configuration to a Cisco 4948 switch. We can see that the 4948 is AS 65001 and has not learned any routes from the NSX edge which is AS 65000, a 2 byte ASN, via BGP.

We have created a new NSX Edge called Tenant-1 with a /31 transit link between it and the existing NSX Edge, dc1-edge-01. It has a few /24s behind it which we’ll advertise via BGP to the dc1-edge-01 tenant. This new NSX Edge is BGP AS 2000000, a 4-byte ASN.

On the existing NSX Edge, dc1-edge-01 we will add a new neighbor for the Tenant-1 NSX Edge.

Once changes are published, we can check the peering status via CLI. We will start on NSX Edge Tenant-1.

Now we can check on NSX Edge dc1-edge-01 where we can see both BGP peers – AS 200000 and AS 65001 (the 4948).

Finally we can check on the 4948 and see the peering with dc1-edge-01 and the AS path.  Note my 4948 doesn’t support 4-byte ASNs so we see the new 4-byte ASN as AS 23456 which is a Well Known BGP AS called AS_TRANS which is used for backwards compatibility.

Note I used the ASPLAIN format for my AS numbers, but NSX does also support using Asdot as shown by a neighbor using Asdot notation.

Let me know if there are questions or comments on what you’d like to see


Post a Comment

Twitter Delicious Facebook Digg Stumbleupon Favorites More