Manual Chapter : Configuring BGP and BFD with iControl REST

Applies To:

Show Versions Show Versions

BIG-IP LTM

  • 17.1.1, 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0, 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0
Manual Chapter

Configuring BGP and BFD with iControl REST

Most of what you can do in
tmsh
works in iControl® REST. If you are not familiar with iControl REST API, you can find more documentation in the iControl REST wiki.

Move ZebOS BGP and BFD routing configuration to iControl REST

Before moving your configuration to iControl REST, be sure to create the VLANs and Self-IP addresses you need to use.
You have to create a new deployment because migration compatibility is not yet available.
  1. Enable the
    sys db variable
    by adding a JSON object to the URI.
    For example, if you had two devices (
    10.144.130.174
    and
    10.144.128.231
    ) you would enter this command into a terminal that can reach both devices:
    curl -k -u admin:admin https://10.144.130.174/mgmt/tm/sys/db/tmrouted.tmos.ro uting/ -H "Content-Type: application/json" -X PUT -d '{"value": "enable"}'
    curl -k -u admin:admin https://10.144.128.231/mgmt/tm/sys/db/tmrouted.tmos.ro uting/ -H "Content-Type: application/json" -X PUT -d '{"value": "enable"}'
  2. Remove existing routing protocols.
    For example:
    curl -k -u admin:admin https://10.144.130.174/mgmt/tm/net/route-domain/0/ -H "Content-Type: application/json" -X PATCH -d '{"routingProtocol": []}' curl -k -u admin:admin https://10.144.128.231/mgmt/tm/net/route-domain/0/ -H "Content-Type: application/json" -X PATCH -d '{"routingProtocol": []}'
  3. Create the routing instance: name, specify the AS, redistribute connected, static, and kernel routes.
    For example:
    curl -k -u admin:admin https://10.144.130.174/mgmt/tm/net/routing/bgp -H "Content-Type: application/json" -X POST -d '{"name": "testBGP", "localAs": "111", "addressFamily": [ {"name": "ipv4", "redistribute": [ {"name": "connected"}, {"name": "static"}, {"name": "kernel"}]}, {"name": "ipv6", "redistribute": [ {"name": "connected"}, {"name": "static"}, {"name": "kernel"}]}]}' curl -k -u admin:admin https://10.144.128.231/mgmt/tm/net/routing/bgp -H "Content-Type: application/json" -X POST -d '{"name": "testBGP", "localAs": "112", "addressFamily": [ {"name": "ipv4", "redistribute": [ {"name": "connected"}, {"name": "static"}, {"name": "kernel"}]}, {"name": "ipv6", "redistribute": [ {"name": "connected"}, {"name": "static"}, {"name": "kernel"}]}]}'
  4. To verify the routing instance:
    tmsh list net routing
  5. Set the routers up as neighbors.
    For example:
    curl -k -u admin:admin https://10.144.130.174/mgmt/tm/net/routing/bgp/testBGP /neighbor -H "Content-Type: application/json" -X POST -d '{"name":"1.1.1.2", "remoteAs" : "112"}' curl -k -u admin:admin https://10.144.130.174/mgmt/tm/net/routing/bgp/testBGP /neighbor -H "Content-Type: application/json" -X POST -d '{"name":"1::2", "remoteAs" : "112"}' curl -k -u admin:admin https://10.144.128.231/mgmt/tm/net/routing/bgp/testBGP /neighbor -H "Content-Type: application/json" -X POST -d '{"name":"1.1.1.1", "remoteAs" : "111"}' curl -k -u admin:admin https://10.144.128.231/mgmt/tm/net/routing/bgp/testBGP /neighbor -H "Content-Type: application/json" -X POST -d '{"name":"1::1", "remoteAs" : "111"}'
  6. Create the routes.
    An example of static routes:
    curl -k -u admin:admin https://10.144.130.174/mgmt/tm/net/route -H "Content- Type: application/json" -X POST -d '{"name":"4.4.4.1/32", "blackhole": true}' curl -k -u admin:admin https://10.144.130.174/mgmt/tm/net/route -H "Content- Type: application/json" -X POST -d '{"name": "4::1/128", "blackhole": true}' curl -k -u admin:admin https://10.144.128.231/mgmt/tm/net/route -H "Content- Type: application/json" -X POST -d '{"name":"3.3.3.1/32", "blackhole": true}' curl -k -u admin:admin https://10.144.128.231/mgmt/tm/net/route -H "Content- Type: application/json" -X POST -d '{"name": "3::1/128", "blackhole": true}'
    An example of connected routes (self IP addresses):
    curl -k -u admin:admin https://10.144.130.174/mgmt/tm/net/self -H "Content- Type: application/json" -X POST -d '{"name":"4.4.4.2/32", "vlan": "testVlan", "allowService": "none"}' curl -k -u admin:admin https://10.144.130.174/mgmt/tm/net/self -H "Content- Type: application/json" -X POST -d '{"name":"4::2/128", "vlan": "testVlan", "allowService": "none"}' curl -k -u admin:admin https://10.144.128.231/mgmt/tm/net/self -H "Content- Type: application/json" -X POST -d '{"name":"3.3.3.2/32", "vlan": "testVlan", "allowService": "none"}' curl -k -u admin:admin https://10.144.128.231/mgmt/tm/net/self -H "Content- Type: application/json" -X POST -d '{"name":"3::2/128", "vlan": "testVlan", "allowService": "none"}'
    An example of kernel routes (virtual-addresses):
    curl -k -u admin:admin https://10.144.130.174/mgmt/tm/ltm/virtual-address -H "Content-Type: application/json" -X POST -d '{"name": "4.4.4.3", "routeAdvertisement": "always"}' curl -k -u admin:admin https://10.144.130.174/mgmt/tm/ltm/virtual-address -H "Content-Type: application/json" -X POST -d '{"name": "4::3", "routeAdvertisement": "always"}' curl -k -u admin:admin https://10.144.128.231/mgmt/tm/ltm/virtual-address -H "Content-Type: application/json" -X POST -d '{"name": "3.3.3.3", "routeAdvertisement": "always"}' curl -k -u admin:admin https://10.144.128.231/mgmt/tm/ltm/virtual-address -H "Content-Type: application/json" -X POST -d '{"name": "3::3", "routeAdvertisement": "always"}'
  7. To verify the routes have been exchanged:
    tmsh show net routing bgp
    It can take about 10 seconds for the daemon to start up.
  8. To modify the configuration:
    curl -k -u admin:admin https://10.144.130.174/mgmt/tm/net/routing/bgp/testBGP /neighbor -H "Content-Type: application/json" -X POST -d '{"name":"5.5.5.5", "remoteAs" : "535"}'

Restore the original ZebOS routing configuration from iControl REST

The routing config sync status is in the prompt. If you encounter a config sync failure that you are not able to fix, or if you need to return to your original ZebOS routing configuration, you can restore the ZebOS configuration with the backed up file. Restoring a UCS should fully restore the ZebOS configuration. Note that restoring a UCS interrupts routing.
  1. Delete the neighbor. For example:
    curl -k -u admin:admin https://10.144.130.174/mgmt/tm/net/routing/bgp/testBGP /neighbor/5.5.5.5/ -H "Content-Type: application/json" -X DELETE
  2. To verify that the neighbor is deleted:
    tmsh list net routing
  3. Delete all other objects including configured prefix lists and access lists.
    Use the command
    curl -k -u admin:admin https://10.144.130.174/mgmt/tm/net/routing/<object>/all -H "Content-Type: application/json" -X DELETE
    where <object> is the routing object type.
    For example:
    curl -k -u admin:admin https://10.144.130.174/mgmt/tm/net/routing/bgp/testBGP -H "Content-Type: application/json" -X DELETE
You should now be able to continue working on your configuration in ZebOS
imish
.