Skip to content

BGP Confederation plugin (updated)#2426

Closed
jbemmel wants to merge 11 commits intoipspace:devfrom
jbemmel:bgp_confed
Closed

BGP Confederation plugin (updated)#2426
jbemmel wants to merge 11 commits intoipspace:devfrom
jbemmel:bgp_confed

Conversation

@jbemmel
Copy link
Collaborator

@jbemmel jbemmel commented Jun 24, 2025
edited
Loading

Updated after #2462

Currently issues a warning if the user tries to use confed_ebgp in bgp.sessions, as this does not achieve the expected result - instead, ibgp settings are inherited (note added to documentation)

@jbemmel jbemmel marked this pull request as draft June 24, 2025 14:51
@jbemmel jbemmel force-pushed the bgp_confed branch 2 times, most recently from e6a7364 to 806f701 Compare June 24, 2025 14:57
@ipspace
Copy link
Owner

ipspace commented Jun 24, 2025

Should BGP confederation peers be defined as a new type of neighbor? (e.g. confed)

From a purely academic standpoint 😜 we should have a new type of neighbor, maybe "ebgp_confed". However, we should probably apply IBGP-like community propagation to these members. I'm sure there are some other implication (but I'm too braindead to figure them out), and I don't want to think about what would happen when someone tries to combine this with EVPN and MPLS/VPN.

@ipspace
Copy link
Owner

ipspace commented Jun 26, 2025

Hoping I'm not about to write something too stupid:

  • Confederation EBGP sessions are usually treated similarly to IBGP sessions if we use confederations as a scalability mechanism
  • They can be more similar to EBGP sessions if you use confederations to create multiple domains within your "real" autonomous system
  • In any case, we need to know how to deal with bgp.community, bgp.sessions and bgp.activate, and having confederation EBGP sessions use the same settings as regular EBGP sesssions is probably the wrong answer.
  • That brings us to the need for ebgp_confed neighbor type. I think it should behave almost like ibgp by default (but the behavior should be configurable since we have configurable behavior for localas_ibgp), which means we have to generalize the localas_ibgp hacks in the BGP module.
  • We could dynamically add the ebgp_confed neighbor type to various BGP attributes when the plugin is loaded, or we could add the value to the allowed values the way we do it with localas_ibgp. In any case, I would remove the hardcoded values for bgp.sessions (BGP_VALID_SESSION_TYPE) and bgp.activate (BGP_DEFAULT_SESSIONS) in the BGP module and rely on valid_values from BGP attributes.
  • Finally, whenever we add support for confederations on a new device, we have to carefully check how BGP neighbor type is used in other BGP configuration templates, similarly to how we have to do if 'ibgp' in ngb.type in some places today.

If we decide to go down this path, I can do the generic BGP changes.

@jbemmel
Copy link
Collaborator Author

jbemmel commented Jun 26, 2025

If we decide to go down this path, I can do the generic BGP changes.

I agree, let's do it this way

@ipspace ipspace mentioned this pull request Jun 29, 2025
Merged
@ipspace
Copy link
Owner

ipspace commented Jun 29, 2025

After we merge #2462, you have to add ebgp_confed (or confed_ebgp to be consistent with localas_ibgp) to the four lists in bgp.attributes.global (you can use data.append_to_list function).

I hope the earliest plugin hook is executed before the attributes are expanded, otherwise you'll have to add the same values to bgp.attributes.node lists.

@jbemmel jbemmel changed the title BGP Confederation plugin (draft) BGP Confederation plugin (updated) Jun 30, 2025
jbemmel added 8 commits July 1, 2025 07:01
@jbemmel
BGP Confederation plugin
30bc6f9 
Minimal skeleton for discussion

* Should BGP confederation peers be defined as a new type of neighbor? (e.g. `confed`)
@jbemmel
- Add EOS support
b33df23 
- Avoid changing AS towards other confederation members
@jbemmel
* Add Cumulus NVUE support (through snippet)
ff57b6e 
* Check plugin support
@jbemmel
* Add Dell OS10 support
823e434 
* Add None device
@jbemmel
* Only provision peers if there are any
2374f17 
* Add iBGP confederation peer (TODO IGP)
@jbemmel
Add iBGP confederation peer, rename to DUT
5568628
@jbemmel
Use new bgp structures
8e9248b
@jbemmel
Update test case, include ebgp session
edda79d
@jbemmel jbemmel marked this pull request as ready for review July 1, 2025 12:29
ipspace added a commit that referenced this pull request Jul 9, 2025
@ipspace
BGP confederations on Dell OS10, EOS, FRR, and IOS
dbde9fe 
Based on work done by @jbemmel in #2426
@ipspace ipspace mentioned this pull request Jul 9, 2025
Merged
ipspace added a commit that referenced this pull request Jul 10, 2025
@ipspace
BGP confederations on Dell OS10, EOS, FRR, and IOS (#2520)
a5d794b 
Based on work done by @jbemmel in #2426

Also: move the calculation of BGP session types etc. into "normalize" hook to
make them available before validation starts.
@ipspace
Copy link
Owner

ipspace commented Jul 10, 2025

Replaced by #2520

@ipspace ipspace closed this Jul 10, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jbemmel @ipspace