NSX-T 3.0.1 Unable to configure BGP on VRF

This post was originally published on this site

Hello,

 

We have updated NSX-T from 3.0.0 to 3.0.1 for testing purpose and came across an issue while configuring BGP on a VRF router with error

 

“Only ECMP enabled BGP aggregate to be configured for VRF BGP routing”.

 

While looking at the log on nsx manager we can see that:

2020-08-18T14:32:06.619Z ERROR http-nio-127.0.0.1-6440-exec-93 BgpRoutingConfigServiceImpl – POLICY [nsx@6876 comp=”nsx-manager” errorCode=”MP503175″ level=”ERROR” reqId=”e00c0b8d-559b-48e6-841b-0c2fbad67cb2″ subcomp=”policy” username=”admin”] BGP config is not allowed in vrf tier0

2020-08-18T14:32:06.620Z  WARN http-nio-127.0.0.1-6440-exec-93 ProtectionAspect – SYSTEM [nsx@6876 comp=”nsx-manager” level=”WARNING” reqId=”e00c0b8d-559b-48e6-841b-0c2fbad67cb2″ subcomp=”policy” username=”admin”] Managed Resource (com.vmware.nsx.management.internal.security.authz.ProtectionAspect) without proper calling info: _nsxCaller=admin _nsxIsAdmin=true _nsxContext=/policy/api/v1/infra

2020-08-18T14:32:06.620Z  INFO http-nio-127.0.0.1-6440-exec-93 AuditingServiceImpl – – [nsx@6876 audit=”true” comp=”nsx-manager” level=”INFO” reqId=”e00c0b8d-559b-48e6-841b-0c2fbad67cb2″ subcomp=”policy” update=”true” username=”admin”] UserName=”admin”, ModuleName=”PolicyConnectivity”, Operation=”PatchBgpRoutingConfig”, Operation status=”failure”, New value=[“vrf1” “default” {“enabled”:true,”ecmp”:true,”graceful_restart_config”:{“mode”:”HELPER_ONLY”,”timer”:{“restart_timer”:180,”stale_route_timer”:600}},”resource_type”:”BgpRoutingConfig”,”id”:”bgp”,”display_name”:”bgp”,”path”:”/infra/tier-0s/vrf1/locale-services/default/bgp”,”relative_path”:”bgp”,”parent_path”:”/infra/tier-0s/vrf1/locale-services/default”,”unique_id”:”4658c09c-8a98-45f3-8e31-554f1224cbc1″,”marked_for_delete”:false,”overridden”:false,”_create_user”:”admin”,”_create_time”:1597759265910,”_last_modified_user”:”admin”,”_last_modified_time”:1597759265912,”_system_owned”:false,”_protection”:”UNKNOWN”,”_revision”:0}]

2020-08-18T14:32:06.620Z  INFO http-nio-127.0.0.1-6440-exec-93 HierarchicalAPIAuthorizationAspect – POLICY [nsx@6876 comp=”nsx-manager” level=”INFO” subcomp=”policy”] Resetting HierarchicalAPIAuthorization for void com.vmware.nsx.management.policy.connectivity.facade.PolicyConnectivityFacadeImpl.patchResources(List)

2020-08-18T14:32:06.620Z  WARN http-nio-127.0.0.1-6440-exec-93 PolicyHierarchicalAPIUtils – POLICY [nsx@6876 comp=”nsx-manager” level=”WARNING” subcomp=”policy”] Error while performing hierarchical patch

com.vmware.nsx.management.common.exceptions.InvalidArgumentException: null

        at com.vmware.nsx.management.policy.policyframework.service.BgpRoutingConfigServiceImpl.validateVrf(BgpRoutingConfigServiceImpl.java:416) ~[policy-framework-api-1.0.jar:?]

        at com.vmware.nsx.management.policy.policyframework.service.BgpRoutingConfigServiceImpl.validate(BgpRoutingConfigServiceImpl.java:283) ~[policy-framework-api-1.0.jar:?]

        at com.vmware.nsx.management.policy.policyframework.service.BgpRoutingConfigServiceImpl.validate(BgpRoutingConfigServiceImpl.java:51) ~[policy-framework-api-1.0.jar:?]

        at com.vmware.nsx.management.policy.policyframework.service.PolicyServiceImpl.saveInternal(PolicyServiceImpl.java:708) ~[policy-framework-api-1.0.jar:?]

        at com.vmware.nsx.management.policy.policyframework.service.PolicyServiceImpl.createOrUpdate_aroundBody4(PolicyServiceImpl.java:330) ~[policy-framework-api-1.0.jar:?]

        at com.vmware.nsx.management.policy.policyframework.service.PolicyServiceImpl$AjcClosure5.run(PolicyServiceImpl.java:1) ~[policy-framework-api-1.0.jar:?]

        ….

        at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-5.1.7.RELEASE.jar:5.1.7.RELEASE]

        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.1.5.RELEASE.jar:5.1.5.RELEASE]

        …

        at java.lang.Thread.run(Thread.java:748) [?:1.8.0_241]

2020-08-18T14:32:06.620Z  INFO http-nio-127.0.0.1-6440-exec-93 PolicyHierarchicalAPIUtils – POLICY [nsx@6876 comp=”nsx-manager” level=”INFO” subcomp=”policy”] Got errors during hierarchical patch – [{“moduleName”:”Policy”,”errorCode”:503175,”errorMessage”:”Only ecmp, enabled, BGP Aggregate to be configured for VRF BGP Config.”}]

 

Does anyone else came accross this issue ?

 

It only affect 3.0.1 we didn’t have this on 3.0.0.

 

BR,

Louis

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.