Cumulus Networks Product Bulletin 2016-04-28: BGP Configurations Unexpectedly Removed after Disabling a Peer

Follow

Issue

Executing the BGP no neighbor activate command or the Cumulus Linux cl-bgp neighbor deactivate command to disable a BGP peer removes all associated address-family configurations, such as route-maps and prefix-lists; however, the peer neighbor statement remains. 

Environment

Cumulus Linux 2.5.7 and earlier

Root Cause

This behavior is due to the default implementation from network OS vendors, including Quagga, which Cumulus Linux uses for routing. The activate and no activate commands are intended to enable or disable a particular address-family for a neighbor, not to bring down/up the peering session, though that may occur as a side effect.

When these commands are issued under router bgp (that is, without an address-family specified), they pertain to the IPv4 unicast address-family. This behavior exists for historical reasons.

Address-family parameters for a neighbor can be configured only after that address-family has been activated for that neighbor, and address-family parameters for a neighbor — including route-maps and prefix-lists — are deleted when that address-family is deactivated for the neighbor.

Resolution

The correct way to disable a peer is with the neighbor shutdown command:

!
router bgp 65535
neighbor 192.0.2.0 shutdown
neighbor 192.0.2.0 route-map filter-routes out
neighbor 192.0.2.0 default-originate
!

or cl-bgp neighbor stop command:

cumulus@switch:~$ sudo cl-bgp neighbor stop 192.0.2.0

This preserves all neighbor-specific configurations for when the peer is brought back into service.

This behavior will change starting with Cumulus Linux 3.0.0, so that address-family parameters can be preconfigured before activation and deactivation will not delete them.

Stay Informed

Subscribe to our product bulletin mailing list to learn about these announcements as soon as they're made.

Have more questions? Submit a request

Comments

Powered by Zendesk