Guide That Contains This Content
[+] Expand All
[-] Collapse All

    BGP as a Service

    The BGP as a service (BGPaaS) feature allows a guest virtual machine (VM) to place routes in its own virtual routing and forwarding (VRF) instance using BGP.

    Contrail BGPaaS Features

    Using BGPaaS with Contrail requires the guest VM to have connectivity to the control node and to be able to advertise routes into the VRF instance.

    With the BGPaaS feature:

    • The vRouter agent is able to accept BGP connections from the VMs and proxy them to the control node.
    • The vRouter agent always selects one of the control nodes that it is using as an XMPP server.

    The proxy capability is enabled using the following configuration:


    The model used is similar to Junos OS. Two BGP router objects are configured under the virtual network. One object represents the control node and the other object represents the VNF. A connection between these two objects represents peering. Peering families can be configured as properties on this connection.

    Model for the VNFs

    The VNF has an IPv4 (inet) BGP peering relationship with the default gateway, which is required to be the vRouter in this virtual network. There is a configurable limit on the number of prefixes the VNF can send.

    A second BGP session for high availability can also be configured appropriately using one more BGP router object in the Contrail configuration and the peering session (from the VNF’s point of view) to the DNS IP address (reserved by Contrail).

    The following are caveats:

    • BGP sessions must use IPv4 transport.
    • The VNF must support RFC 2545, Use of BGP-4 Multiprotocol Extensions for IPv6 Inter-Domain Routing, to carry IPv6 routes over the IPv4 peer.
    • Only IPv4 (inet) and IPv6 (inet6) address families are supported.

    BGPaaS Customer Use Cases

    This section provides example scenarios for implementing BGPaaS with Contrail.

    Dynamic Tunnel Insertion Within a Tenant Overlay

    Various applications need to insert dynamic tunnels into virtual networks. VNFs provide the function of tunnel termination. Tunnel termination types vary across application types, such as business VPN, mobility small site backhaul, VPC, and the like. The key requirement is that tunnels need to insert dynamically new network reachability information into the virtual network. The predominant methods of tunnel network reachability insertion use BGP.

    BGPaaS allows the migration of brownfield VNFs into Contrail, preserving the application behavior and requirement for BGP, without rewriting the application.

    The following figure is a generic example showing the need to insert a dynamic tunnel into a virtual network.

    Dynamic Network Reachability of Applications

    The Domain Name System (DNS) is a widespread application that uses BGP as a mechanism to tune reachability of its services, based on metrics such as load, maintenance, availability, and the like. As DNS services are migrated to environments using overlays, a mechanism to preserve the existing application behavior and requirements is needed, including the ability to announce and withdraw reachability to the available application.

    This requirement is not limited to DNS. Other applications, such as virtualized evolved packet core (vEPC) and others, use BGP as a mechanism for network reachability based on availability and load.

    Liveness Detection for High Availability

    Various keepalive mechanisms for tenant reachability have been provided by network components such as BGP, OSPF, PING, VRRP, BFD, or application-specific mechanisms. With BGP on the vRouter agent, BGP can be used to provide a liveness detection mechanism between the tenant on the local compute node and the services that the specific tenant VM is providing.

    Configuring BGPaaS

    The following are methods for configuring BGPaaS.

    Configuring BGPaaS Using VNC API

    The following procedure uses VNC APIs to configure BGPaaS.

    1. Access the default project.

      default_project = self._vnc_lib.project_read(fq_name=[u'default-domain', ‘bgpaas-tenant’])

    2. Create a BGPaaS object.

      bgpaas_obj = BgpAsAService(name=‘bgpaas_1’, parent_obj=default_project)

    3. Attach the BGP object to a precreated VMI.


    4. Set the ASN. It must be an eBGP session.


      If the ASN is not set, the primary instance IP will be chosen.


    5. Set session attributes.

      bgp_addr_fams = AddressFamilies(['inet’, ‘inet6’])
      bgp_sess_attrs = BgpSessionAttributes(address_families=bgp_addr_fams,hold_time=60)

    Deleting a BGPaaS Object

    Use the following to delete a BGPaaS object.

    fq_name=[u'default-domain', ‘bgpaas-tenant’, ‘bgpaas_1’]
    bgpaas_obj = self._vnc_lib.bgp_as_a_service_read(fq_name=fq_name)

    Using the Contrail User Interface to Configure BGPaaS

    Use the following to configure BGPaaS within a tenant.

    1. Within a tenant in Contrail, navigate to Configure > Services > BGP as a Service. Select the + icon to access the window Create BGP as a Service, as shown in the following.
    2. Enter the relevant information at the Create BGP as a Service window, including ASN, address family, and VMI identification.
    3. Click the Save button to create the BGP object.

    Modified: 2016-03-21