Manual Chapter :
Configuring BGP and
BFD with iControl REST
Applies To:
Show VersionsBIG-IP LTM
- 17.1.2, 17.1.1, 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0, 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0
Configuring BGP and
BFD with iControl REST
Most of what you can do in
tmsh
works in iControl® REST. If you are not familiar with
iControl REST API, you can find more documentation in the iControl REST wiki.Move ZebOS BGP and BFD routing
configuration to iControl REST
Before moving your configuration to
iControl REST, be sure to create the VLANs and Self-IP
addresses you need to use.
You have to create a new
deployment because migration compatibility is not yet available.
- Enable thesys db variableby adding a JSON object to the URI.For example, if you had two devices (10.144.130.174and10.144.128.231) you would enter this command into a terminal that can reach both devices:curl -k -u admin:admin https://10.144.130.174/mgmt/tm/sys/db/tmrouted.tmos.ro uting/ -H "Content-Type: application/json" -X PUT -d '{"value": "enable"}'curl -k -u admin:admin https://10.144.128.231/mgmt/tm/sys/db/tmrouted.tmos.ro uting/ -H "Content-Type: application/json" -X PUT -d '{"value": "enable"}'
- Remove existing routing protocols.For example:curl -k -u admin:admin https://10.144.130.174/mgmt/tm/net/route-domain/0/ -H "Content-Type: application/json" -X PATCH -d '{"routingProtocol": []}' curl -k -u admin:admin https://10.144.128.231/mgmt/tm/net/route-domain/0/ -H "Content-Type: application/json" -X PATCH -d '{"routingProtocol": []}'
- Create the routing instance: name, specify the AS, redistribute connected, static, and kernel routes.For example:curl -k -u admin:admin https://10.144.130.174/mgmt/tm/net/routing/bgp -H "Content-Type: application/json" -X POST -d '{"name": "testBGP", "localAs": "111", "addressFamily": [ {"name": "ipv4", "redistribute": [ {"name": "connected"}, {"name": "static"}, {"name": "kernel"}]}, {"name": "ipv6", "redistribute": [ {"name": "connected"}, {"name": "static"}, {"name": "kernel"}]}]}' curl -k -u admin:admin https://10.144.128.231/mgmt/tm/net/routing/bgp -H "Content-Type: application/json" -X POST -d '{"name": "testBGP", "localAs": "112", "addressFamily": [ {"name": "ipv4", "redistribute": [ {"name": "connected"}, {"name": "static"}, {"name": "kernel"}]}, {"name": "ipv6", "redistribute": [ {"name": "connected"}, {"name": "static"}, {"name": "kernel"}]}]}'
- To verify the routing instance:tmsh list net routing
- Set the routers up as neighbors.For example:curl -k -u admin:admin https://10.144.130.174/mgmt/tm/net/routing/bgp/testBGP /neighbor -H "Content-Type: application/json" -X POST -d '{"name":"1.1.1.2", "remoteAs" : "112"}' curl -k -u admin:admin https://10.144.130.174/mgmt/tm/net/routing/bgp/testBGP /neighbor -H "Content-Type: application/json" -X POST -d '{"name":"1::2", "remoteAs" : "112"}' curl -k -u admin:admin https://10.144.128.231/mgmt/tm/net/routing/bgp/testBGP /neighbor -H "Content-Type: application/json" -X POST -d '{"name":"1.1.1.1", "remoteAs" : "111"}' curl -k -u admin:admin https://10.144.128.231/mgmt/tm/net/routing/bgp/testBGP /neighbor -H "Content-Type: application/json" -X POST -d '{"name":"1::1", "remoteAs" : "111"}'
- Create the routes.An example of static routes:curl -k -u admin:admin https://10.144.130.174/mgmt/tm/net/route -H "Content- Type: application/json" -X POST -d '{"name":"4.4.4.1/32", "blackhole": true}' curl -k -u admin:admin https://10.144.130.174/mgmt/tm/net/route -H "Content- Type: application/json" -X POST -d '{"name": "4::1/128", "blackhole": true}' curl -k -u admin:admin https://10.144.128.231/mgmt/tm/net/route -H "Content- Type: application/json" -X POST -d '{"name":"3.3.3.1/32", "blackhole": true}' curl -k -u admin:admin https://10.144.128.231/mgmt/tm/net/route -H "Content- Type: application/json" -X POST -d '{"name": "3::1/128", "blackhole": true}'An example of connected routes (self IP addresses):curl -k -u admin:admin https://10.144.130.174/mgmt/tm/net/self -H "Content- Type: application/json" -X POST -d '{"name":"4.4.4.2/32", "vlan": "testVlan", "allowService": "none"}' curl -k -u admin:admin https://10.144.130.174/mgmt/tm/net/self -H "Content- Type: application/json" -X POST -d '{"name":"4::2/128", "vlan": "testVlan", "allowService": "none"}' curl -k -u admin:admin https://10.144.128.231/mgmt/tm/net/self -H "Content- Type: application/json" -X POST -d '{"name":"3.3.3.2/32", "vlan": "testVlan", "allowService": "none"}' curl -k -u admin:admin https://10.144.128.231/mgmt/tm/net/self -H "Content- Type: application/json" -X POST -d '{"name":"3::2/128", "vlan": "testVlan", "allowService": "none"}'An example of kernel routes (virtual-addresses):curl -k -u admin:admin https://10.144.130.174/mgmt/tm/ltm/virtual-address -H "Content-Type: application/json" -X POST -d '{"name": "4.4.4.3", "routeAdvertisement": "always"}' curl -k -u admin:admin https://10.144.130.174/mgmt/tm/ltm/virtual-address -H "Content-Type: application/json" -X POST -d '{"name": "4::3", "routeAdvertisement": "always"}' curl -k -u admin:admin https://10.144.128.231/mgmt/tm/ltm/virtual-address -H "Content-Type: application/json" -X POST -d '{"name": "3.3.3.3", "routeAdvertisement": "always"}' curl -k -u admin:admin https://10.144.128.231/mgmt/tm/ltm/virtual-address -H "Content-Type: application/json" -X POST -d '{"name": "3::3", "routeAdvertisement": "always"}'
- To verify the routes have been exchanged:tmsh show net routing bgpIt can take about 10 seconds for the daemon to start up.
- To modify the configuration:curl -k -u admin:admin https://10.144.130.174/mgmt/tm/net/routing/bgp/testBGP /neighbor -H "Content-Type: application/json" -X POST -d '{"name":"5.5.5.5", "remoteAs" : "535"}'
Restore the original ZebOS routing
configuration from iControl REST
The routing config sync status is in
the prompt. If you encounter a config sync failure that you are not able to fix, or if
you need to return to your original ZebOS routing configuration, you can restore the
ZebOS configuration with the backed up file. Restoring a UCS should fully restore the
ZebOS configuration. Note that restoring a UCS interrupts routing.
- Delete the neighbor. For example:curl -k -u admin:admin https://10.144.130.174/mgmt/tm/net/routing/bgp/testBGP /neighbor/5.5.5.5/ -H "Content-Type: application/json" -X DELETE
- To verify that the neighbor is deleted:tmsh list net routing
- Delete all other objects including configured prefix lists and access lists.Use the commandcurl -k -u admin:admin https://10.144.130.174/mgmt/tm/net/routing/<object>/all -H "Content-Type: application/json" -X DELETEwhere <object> is the routing object type.For example:curl -k -u admin:admin https://10.144.130.174/mgmt/tm/net/routing/bgp/testBGP -H "Content-Type: application/json" -X DELETE
You should now be able to continue
working on your configuration in ZebOS
imish
.