My Support
  1. AskF5 Home
  2. Knowledge Centers
  3. BIG-IP LTM
  4. BIG-IP Dynamic Routing with tmsh and iControl REST
  5. Configuring BGP and BFD with iControl REST
Manual Chapter : Configuring BGP and BFD with iControl REST

Applies To:

Show Versions Show Versions

BIG-IP LTM

  • 14.1.2, 14.1.0, 14.0.1, 14.0.0, 13.1.3, 13.1.1, 13.1.0
Manual Chapter
Table of Contents | << Previous Chapter

Configuring BGP and BFD with iControl REST

Most of what you can do in tmsh works in iControl® REST. If you are not familiar with iControl REST API, you can find more documentation in the iControl REST wiki.

Move ZebOS BGP and BFD routing configuration to iControl REST

Before moving your configuration to iControl REST, be sure to create the VLANs and Self-IP addresses you need to use.
You have to create a new deployment because migration compatibility is not yet available.
  1. Enable the sys db variable by adding a JSON object to the URI.
    For example, if you had two devices (10.144.130.174 and 10.144.128.231) you would enter this command into a terminal that can reach both devices: 
    curl -k -u admin:admin 
https://10.144.130.174/mgmt/tm/sys/db/tmrouted.tmos.ro
uting/ -H "Content-Type: application/json" -X PUT -d 
'{"value": "enable"}'
    curl -k -u admin:admin 
https://10.144.128.231/mgmt/tm/sys/db/tmrouted.tmos.ro
uting/ -H "Content-Type: application/json" -X PUT -d 
'{"value": "enable"}'
  2. Remove existing routing protocols.
    For example:
    curl -k -u admin:admin 
https://10.144.130.174/mgmt/tm/net/route-domain/0/ -H 
"Content-Type: application/json" -X PATCH -d 
'{"routingProtocol": []}'

curl -k -u admin:admin 
https://10.144.128.231/mgmt/tm/net/route-domain/0/ -H 
"Content-Type: application/json" -X PATCH -d 
'{"routingProtocol": []}'
  3. Create the routing instance: name, specify the AS, redistribute connected, static, and kernel routes.
    For example:
    curl -k -u admin:admin 
https://10.144.130.174/mgmt/tm/net/routing/bgp -H 
"Content-Type: application/json" -X POST -d '{"name": 
"testBGP", "localAs": "111", "addressFamily": [ 
{"name": "ipv4", "redistribute": [ {"name": 
"connected"}, {"name": "static"}, {"name": 
"kernel"}]}, {"name": "ipv6", "redistribute": [ 
{"name": "connected"}, {"name": "static"}, {"name": 
"kernel"}]}]}'

curl -k -u admin:admin 
https://10.144.128.231/mgmt/tm/net/routing/bgp -H 
"Content-Type: application/json" -X POST -d '{"name": 
"testBGP", "localAs": "112", "addressFamily": [ 
{"name": "ipv4", "redistribute": [ {"name": 
"connected"}, {"name": "static"}, {"name": 
"kernel"}]}, {"name": "ipv6", "redistribute": [ 
{"name": "connected"}, {"name": "static"}, {"name": 
"kernel"}]}]}'
  4. To verify the routing instance:
    tmsh list net routing
  5. Set the routers up as neighbors.
    For example:
    curl -k -u admin:admin 
https://10.144.130.174/mgmt/tm/net/routing/bgp/testBGP
/neighbor -H "Content-Type: application/json" -X POST 
-d '{"name":"1.1.1.2", "remoteAs" : "112"}'
curl -k -u admin:admin 
https://10.144.130.174/mgmt/tm/net/routing/bgp/testBGP
/neighbor -H "Content-Type: application/json" -X POST 
-d '{"name":"1::2", "remoteAs" : "112"}'

curl -k -u admin:admin 
https://10.144.128.231/mgmt/tm/net/routing/bgp/testBGP
/neighbor -H "Content-Type: application/json" -X POST 
-d '{"name":"1.1.1.1", "remoteAs" : "111"}'
curl -k -u admin:admin 
https://10.144.128.231/mgmt/tm/net/routing/bgp/testBGP
/neighbor -H "Content-Type: application/json" -X POST 
-d '{"name":"1::1", "remoteAs" : "111"}'
  6. Create the routes.
    An example of static routes: 
    curl -k -u admin:admin 
https://10.144.130.174/mgmt/tm/net/route -H "Content-
Type: application/json" -X POST -d 
'{"name":"4.4.4.1/32", "blackhole": true}'
curl -k -u admin:admin 
https://10.144.130.174/mgmt/tm/net/route -H "Content-
Type: application/json" -X POST -d '{"name": 
"4::1/128", "blackhole": true}'

curl -k -u admin:admin 
https://10.144.128.231/mgmt/tm/net/route -H "Content-
Type: application/json" -X POST -d 
'{"name":"3.3.3.1/32", "blackhole": true}'
curl -k -u admin:admin 
https://10.144.128.231/mgmt/tm/net/route -H "Content-
Type: application/json" -X POST -d '{"name": 
"3::1/128", "blackhole": true}'
    An example of connected routes (self IP addresses): 
    curl -k -u admin:admin 
https://10.144.130.174/mgmt/tm/net/self -H "Content-
Type: application/json" -X POST -d 
'{"name":"4.4.4.2/32", "vlan": "testVlan", 
"allowService": "none"}'
curl -k -u admin:admin 
https://10.144.130.174/mgmt/tm/net/self -H "Content-
Type: application/json" -X POST -d 
'{"name":"4::2/128", "vlan": "testVlan", 
"allowService": "none"}'

curl -k -u admin:admin 
https://10.144.128.231/mgmt/tm/net/self -H "Content-
Type: application/json" -X POST -d 
'{"name":"3.3.3.2/32", "vlan": "testVlan", 
"allowService": "none"}'
curl -k -u admin:admin 
https://10.144.128.231/mgmt/tm/net/self -H "Content-
Type: application/json" -X POST -d 
'{"name":"3::2/128", "vlan": "testVlan", 
"allowService": "none"}'
    An example of kernel routes (virtual-addresses): 
    curl -k -u admin:admin 
https://10.144.130.174/mgmt/tm/ltm/virtual-address -H 
"Content-Type: application/json" -X POST -d '{"name": 
"4.4.4.3", "routeAdvertisement": "always"}'
curl -k -u admin:admin 
https://10.144.130.174/mgmt/tm/ltm/virtual-address -H 
"Content-Type: application/json" -X POST -d '{"name": 
"4::3", "routeAdvertisement": "always"}'

curl -k -u admin:admin 
https://10.144.128.231/mgmt/tm/ltm/virtual-address -H 
"Content-Type: application/json" -X POST -d '{"name": 
"3.3.3.3", "routeAdvertisement": "always"}'
curl -k -u admin:admin 
https://10.144.128.231/mgmt/tm/ltm/virtual-address -H 
"Content-Type: application/json" -X POST -d '{"name": 
"3::3", "routeAdvertisement": "always"}'
  7. To verify the routes have been exchanged:
    tmsh show net routing bgp
    It can take about 10 seconds for the daemon to start up.
  8. To modify the configuration:
    curl -k -u admin:admin https://10.144.130.174/mgmt/tm/net/routing/bgp/testBGP /neighbor -H "Content-Type: application/json" -X POST -d '{"name":"5.5.5.5", "remoteAs" : "535"}'

Restore the original ZebOS routing configuration from iControl REST

The routing config sync status is in the prompt. If you encounter a config sync failure that you are not able to fix, or if you need to return to your original ZebOS routing configuration, you can restore the ZebOS configuration with the backed up file. Restoring a UCS should fully restore the ZebOS configuration. Note that restoring a UCS interrupts routing.
  1. Delete the neighbor. For example:
    curl -k -u admin:admin https://10.144.130.174/mgmt/tm/net/routing/bgp/testBGP /neighbor/5.5.5.5/ -H "Content-Type: application/json" -X DELETE
  2. To verify that the neighbor is deleted:
    tmsh list net routing
  3. Delete all other objects including configured prefix lists and access lists.
    Use the command curl -k -u admin:admin https://10.144.130.174/mgmt/tm/net/routing/<object>/all -H "Content-Type: application/json" -X DELETE where <object> is the routing object type.
    For example: curl -k -u admin:admin https://10.144.130.174/mgmt/tm/net/routing/bgp/testBGP -H "Content-Type: application/json" -X DELETE
You should now be able to continue working on your configuration in ZebOS imish.
Table of Contents | << Previous Chapter

Have a Question?

Support and Sales >

About F5

Education

F5 Sites

Support Tasks

©2019 F5 Networks, Inc. All rights reserved.

Policies Privacy Trademarks