Support Support Downloads Knowledge Base Juniper Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[Contrail] Example - BGPaaS Controller Selection

0

0

Article ID: KB34068 KB Last Updated: 29 Mar 2019Version: 1.0
Summary:

Contrail supports the BGP-as-a-service (BGPaaS) feature. The following articles provide configuration examples:

This article demonstrates how does the vrouter selects a particular controller to which the BGPaaS session will be forwarded to.

Solution:

Topology:

        Contrail controllers               Computes             VNF
     ...............................    .................   ..............
     .   +-------+                 .    .  +-------+    .   .  +-------+ .
     .   |       |       XMPP      .    .  |       |.1  .   .  |       | .4.4.4.100
     .   |cont101+-------------------------+bcomp79+----.BGP.--+ vsrx1 +-.---
     .   |       |       BGP       .    .  |       | AAP.   .  |       | .
     .   +-------+                 . ___.__+-------+    .   .  +-------+ .
     .                          __./   .               .   .            .
     .                 +-------+/XMPP   .               .   .            .
     .                 |       |   .    .               .   .            .
     .                 |cont103|   .    .               .   .            .
     .                 |       |   .    .               .   .            .
     .                 +-------+_ XMPP  .               .   .            .
     .                           \_._   .               .   .            .
     .    +-------+            BGP . \__.__+-------+    .   .  +-------+ .
     .    |       |                .    .  |       |.1  .   .  |       | .4.4.4.100
     .    |cont102+------------------------+bcomp80+----.BGP.--+ vsrx2 +-.----
     .    |       |      XMPP      .    .  |       | AAP.   .  |       | .
     .    +-------+                .    .  +-------+    .   .  +-------+ .
     .                             .    .               .   .            .
     ...............................    .................   ..............

In the diagram above:

  • There are three controllers: cont101, cont102, cont103, named CN1,CN2,CN3 respectively
  • There are two compute nodes: bcomp79, bcomp80. The focus in this article is on bcomp79.
  • There are two vsrx virtual-machine: vsrx1, vsrx2. The focus in this article is vsrx1 on bcomp79.
  • From each vsrx, either the default gateway (4.4.4.1) or the DNS IP (4.4.4.2) as BGP neighbor IP can be configured.
Refer to the links listed in the summary for information on how BGPaaS works.

 

Compute node neighbors:

Each compute node has two XMPP neighbors. Bcomp79 compute node's two neighbors can be listed by introspect vrouter `Snh_AgentXmppConnectionStatusReq`:

    bcomp79$ curl http://127.0.0.1:8085/Snh_AgentXmppConnectionStatusReq | xmllint --format -
    <AgentXmppConnectionStatus type="sandesh">
      <peer type="list" identifier="1">
        <list type="struct" size="2">
          <AgentXmppData>
            <controller_ip type="string" identifier="1">172.18.101.102</controller_ip>  #<--- CN2
            <state type="string" identifier="2">Established</state>
            <peer_name type="string" identifier="3">network-control@contrailsystems.com</peer_name>
            <peer_address type="string" identifier="4">172.18.101.102:5269</peer_address>
            <cfg_controller type="string" identifier="5">Yes</cfg_controller>
            <mcast_controller type="string" identifier="6">Yes</mcast_controller>
            <last_state type="string" identifier="7">OpenSent</last_state>
            <last_event type="string" identifier="8">xmsm::EvXmppKeepalive</last_event>
            <last_state_at type="string" identifier="9">2019-Mar-21 18:59:19.033388</last_state_at>
            <flap_count type="u32" identifier="10">5</flap_count>
            <flap_time type="string" identifier="11">2019-Mar-21 18:59:18.894987</flap_time>
            <rx_proto_stats type="struct" identifier="12">
              <ControllerProtoStats>
                <open type="u32" identifier="1">6</open>
                <keepalive type="u32" identifier="2">8112</keepalive>
                <update type="u32" identifier="3">1269</update>
                <close type="u32" identifier="4">0</close>
              </ControllerProtoStats>
            </rx_proto_stats>
            <tx_proto_stats type="struct" identifier="13">
              <ControllerProtoStats>
                <open type="u32" identifier="1">6</open>
                <keepalive type="u32" identifier="2">6639</keepalive>
                <update type="u32" identifier="3">1402</update>
                <close type="u32" identifier="4">0</close>
              </ControllerProtoStats>
            </tx_proto_stats>
            <xmpp_auth_type type="string" identifier="14">NIL</xmpp_auth_type>
          </AgentXmppData>
          <AgentXmppData>
            <controller_ip type="string" identifier="1">172.18.101.101</controller_ip>  #<--- CN1
            <state type="string" identifier="2">Established</state>
            <peer_name type="string" identifier="3">network-control@contrailsystems.com</peer_name>
            <peer_address type="string" identifier="4">172.18.101.101:5269</peer_address>
            <cfg_controller type="string" identifier="5">No</cfg_controller>
            <mcast_controller type="string" identifier="6">No</mcast_controller>
            <last_state type="string" identifier="7">OpenSent</last_state>
            <last_event type="string" identifier="8">xmsm::EvXmppKeepalive</last_event>
            <last_state_at type="string" identifier="9">2019-Mar-21 18:59:50.058084</last_state_at>
            <flap_count type="u32" identifier="10">5</flap_count>
            <flap_time type="string" identifier="11">2019-Mar-21 18:59:33.496267</flap_time>
            <rx_proto_stats type="struct" identifier="12">
              <ControllerProtoStats>
                <open type="u32" identifier="1">6</open>
                <keepalive type="u32" identifier="2">11524</keepalive>
                <update type="u32" identifier="3">1426</update>
                <close type="u32" identifier="4">0</close>
              </ControllerProtoStats>
            </rx_proto_stats>
            <tx_proto_stats type="struct" identifier="13">
              <ControllerProtoStats>
                <open type="u32" identifier="1">6</open>
                <keepalive type="u32" identifier="2">9829</keepalive>
                <update type="u32" identifier="3">1323</update>
                <close type="u32" identifier="4">0</close>
              </ControllerProtoStats>
            </tx_proto_stats>
            <xmpp_auth_type type="string" identifier="14">NIL</xmpp_auth_type>
          </AgentXmppData>
        </list>
      </peer>
      <more type="bool" identifier="0">false</more>
    </AgentXmppConnectionStatus>

 

The information above can be better illustrated in the following table:


Compute node selecting a Contrail Controller:

The lab test confirmed the following rules regarding how a compute node selects a Contrail controller:

  • The controller will be selected from one of the XMPP neighbors.

  • The vrouter identifies the two XMPP neighbors as `channel 0` and `channel 1`.

  • The channel number is determined by the order in the list of the above vrouter agent introspect output:  `Snh_AgentXmppConnectionStatusReq`
    http://127.0.0.1:8085/Snh_AgentXmppConnectionStatusReq
    Whichever appears first in the neighbor lists will be marked as channel0, and the other one will be marked as channel1. Therefore in our example:

    •   cont102(CN2) will be marked as channel0
    •   cont101(CN1) will be marked as channel1
  • To verify the XMPP channel allocation, you can query vrouter agent introspect `Snh_SandeshTraceRequest` with the filter `ControllerRxRouteXmppMessage1/2`. The output will only contain the controller IP of corresponding channel.

    • Below is the channel0's sandesh trace
      http://127.0.0.1:8085/Snh_SandeshTraceRequest?x=ControllerRxRouteXmppMessage1
    • Below is the channel1's sandesh trace
      http://127.0.0.1:8085/Snh_SandeshTraceRequest?x=ControllerRxRouteXmppMessage2
  • For the .1 BGP session, vrouter will select channel0 controller as its BGPaaS neighbor; therefore vrouter bcomp79 will forward the BGP session from vsrx1 destined to 4.4.4.1 to cont102 only.

  • For the .2 BGP session, vrouter will select channel1 controller as its BGPaaS neighbor; therefore vrouter bcomp79 will forward the BGP session from vsrx1 destined to 4.4.4.2 to cont101 only.

The lab test confirmed the behavior of the rules mentioned above:

  • If CN3 is up and running, shutting down or restarting the current channel0 control node (cont102/CN2) will result in CN3 replacing CN2's position. Then CN3 will be the channel0 controller and the BGPaaS session will flap and switch to CN3 from CN2.

  • Assuming CN3 is down and not available, restarting the current channel0 control node (cont102/CN2) will result in a CN2 XMPP session flap. However it will still hold the channel0 position, and therefore the current BGPaaS session in CN2 will be flapped accordingly without switching to other controller.

  • Assuming CN3 is down and not available. shutting down current channel0 control node (cont102/CN2) will result in a CN2 XMPP session stay down. However, it will still hold channel0 position, and therefore current BGPaaS session in CN2 will go down and never come up until CN2 comes back up. The BGPaaS session will NOT go to CN1 even if it is the only up and running controller.

  • Flapping the BGP session from within the VSRX will NOT switch the peer controller.

 

Note: The behavior described in this article is verified in a Contrail setup with version 3.2. It may change in a higher release.

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search