BGP Local Preference Configuration on Cisco ACI
Topology
Initially, we have Leaf-101 and Leaf-102 having BGP neighborship established with router in ASN 65033. And this router (ASN 65033) is advertising the route 172.16.20.0/24 to both neighbors (Leaf-101 and Leaf-102) which are in ASN 65001.
Initial setup
Verify BGP and routing table on both leafs, we see that the eBGP route is preferred in each leaf and installed in RIB:
Leaf-101:
Leaf-101 has 2 BGP paths for the route “172.16.20.0/24”:
- one is eBGP via neighbor 192.168.50.2
- Other is via iBGP, via the fabric and pointing to Leaf-102 TEP 10.0.168.69
The eBGP route is preferred.
leaf-101# show bgp ipv4 unicast vrf bameur_MC:VRF-MC3
BGP routing table information for VRF bameur_MC:VRF-MC3, address family IPv4 Unicast
BGP table version is 34, local router ID is 1.1.1.1
Status: s-suppressed, x-deleted, S-stale, d-dampened, h-history, *-valid, >-best
Path type: i-internal, e-external, c-confed, l-local, a-aggregate, r-redist, I-injected
Origin codes: i - IGP, e - EGP, ? - incomplete, | - multipath, & - backup
Network Next Hop Metric LocPrf Weight Path
* i172.16.20.0/24 10.0.168.69 100 0 65033 i
*>e 192.168.50.2 0 65033 i
leaf-101# acidiag fnvread | grep 10.0.168.69
102 1 leaf-102 FDXXXXXX 10.0.168.69/32 leaf active 0
leaf-101# show ip route vrf bameur_MC:VRF-MC3
IP Route Table for VRF "bameur_MC:VRF-MC3"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>
172.16.20.0/24, ubest/mbest: 1/0
*via 192.168.50.2%bameur_MC:VRF-MC3, [20/0], 00:21:31, bgp-65001, external, tag 65033
Leaf-102:
Same for Leaf-102, it has 2 BGP paths for the route “172.16.20.0/24”:
- one is eBGP via neighbor 192.168.60.2
- Other is via iBGP, via the ACI fabric and pointing to Leaf-101 TEP 10.0.240.32
leaf-102# show bgp ipv4 unicast vrf bameur_MC:VRF-MC3
BGP routing table information for VRF bameur_MC:VRF-MC3, address family IPv4 Unicast
BGP table version is 33, local router ID is 2.2.2.2
Status: s-suppressed, x-deleted, S-stale, d-dampened, h-history, *-valid, >-best
Path type: i-internal, e-external, c-confed, l-local, a-aggregate, r-redist, I-injected
Origin codes: i - IGP, e - EGP, ? - incomplete, | - multipath, & - backup
Network Next Hop Metric LocPrf Weight Path
* i172.16.20.0/24 10.0.240.32 100 0 65033 i
*>e 192.168.60.2 0 65033 i
leaf-102# acidiag fnvread | grep 10.0.240.32
101 1 leaf-101 FDXXXXXXS 10.0.240.32/32 leaf active 0
leaf-102# show ip route vrf bameur_MC:VRF-MC3
IP Route Table for VRF "bameur_MC:VRF-MC3"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>
172.16.20.0/24, ubest/mbest: 1/0
*via 192.168.60.2%bameur_MC:VRF-MC3, [20/0], 00:24:03, bgp-65001, external, tag 65033
Leaf-103 (compute leaf):
leaf-103# show ip route vrf bameur_MC:VRF-MC3
IP Route Table for VRF "bameur_MC:VRF-MC3"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>
172.16.20.0/24, ubest/mbest: 2/0
*via 10.0.168.69%overlay-1, [200/0], 00:00:41, bgp-65001, internal, tag 65033
*via 10.0.240.32%overlay-1, [200/0], 00:00:41, bgp-65001, internal, tag 65033
leaf-103# show bgp ipv4 unicast vrf bameur_MC:VRF-MC3
BGP routing table information for VRF bameur_MC:VRF-MC3, address family IPv4 Unicast
BGP table version is 102, local router ID is 172.16.30.254
Status: s-suppressed, x-deleted, S-stale, d-dampened, h-history, *-valid, >-best
Path type: i-internal, e-external, c-confed, l-local, a-aggregate, r-redist, I-injected
Origin codes: i - IGP, e - EGP, ? - incomplete, | - multipath, & - backup
Network Next Hop Metric LocPrf Weight Path
*|i172.16.20.0/24 10.0.240.32 100 0 65033 i
*>i 10.0.168.69 100 0 65033 i
Note: iBGP/eBGP path and administrative distance
Preference between eBGP vs iBGP path isn’t directly done according to the the administrative
distance (20 or 200), it will always go through the BGP path selection algorithm.
If there is a tie before the “preference of eBGP over iBGP” step, then eBGP path will be selected
Please refer to the following article about BGP best path selection process:
Configure BGP Local Preference in ACI
The goal is to prefer Leaf-102 for the route 172.16.20.0/24, to do this, we will modify the local preference value when importing the route from the neighbor of leaf-102, we will set it to a value greater than default (100).
Local preference when importing the route from 192.168.60.2 will be set to 200.
Configuration in ACI:
First, I have create a match and set rules:
1- Match rule: to match for the subnet “172.16.20.0/24”
2- Set Rule: In the set rule, we specify the local preference value as 200:
3- Route-map:
Now, we will create a route map for route control:
Navigate to tenant > Policies > Protocol > Route Maps for Route control:
In the route-map, we select the match route and set rule already created:
It will look like this, and submit:
4- Apply the route map:
Last step is to apply the route-map in the Import direction under the BGP neighbor for leaf-102, that way when receiving the route via the neighbor on leaf-102, it will set the local preference as 200:
Verifications:
- After applying the route-map in the inbound (import) direction for the Leaf-102 neighbor, we see this the local preference value has changed to 200 for the route 172.16.20.0/24 received from this neighbor (192.168.60.2, connected to Leaf-102).
- This local preference is propagated inside the ASN 65001 (which is ACI fabric via the Spines which are the Route Reflector). As a result, we see that Leaf-101 is preferring the path via Leaf-102 (pointing to PTEP of leaf-102) instead of directly connected eBGP route.
So basically, when reaching to this destination (route 172.16.20.0/24), ACI will always exit via leaf-102. In case leaf-102 is down, we
Note
Leaf-102:
leaf-102# show bgp ipv4 unicast vrf bameur_MC:VRF-MC3
BGP routing table information for VRF bameur_MC:VRF-MC3, address family IPv4 Unicast
BGP table version is 37, local router ID is 2.2.2.2
Status: s-suppressed, x-deleted, S-stale, d-dampened, h-history, *-valid, >-best
Path type: i-internal, e-external, c-confed, l-local, a-aggregate, r-redist, I-injected
Origin codes: i - IGP, e - EGP, ? - incomplete, | - multipath, & - backup
Network Next Hop Metric LocPrf Weight Path
*>e172.16.20.0/24 192.168.60.2 200 0 65033 i
leaf-102# show ip route vrf bameur_MC:VRF-MC3
IP Route Table for VRF "bameur_MC:VRF-MC3"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>
172.16.20.0/24, ubest/mbest: 1/0
*via 192.168.60.2%bameur_MC:VRF-MC3, [20/0], 00:03:59, bgp-65001, external, tag 65033
Leaf-101:
leaf-101# show bgp ipv4 unicast vrf bameur_MC:VRF-MC3
BGP routing table information for VRF bameur_MC:VRF-MC3, address family IPv4 Unicast
BGP table version is 36, local router ID is 1.1.1.1
Status: s-suppressed, x-deleted, S-stale, d-dampened, h-history, *-valid, >-best
Path type: i-internal, e-external, c-confed, l-local, a-aggregate, r-redist, I-injected
Origin codes: i - IGP, e - EGP, ? - incomplete, | - multipath, & - backup
Network Next Hop Metric LocPrf Weight Path
*>i172.16.20.0/24 10.0.168.69 200 0 65033 i
* e 192.168.50.2 0 65033 i
leaf-101# show ip route vrf bameur_MC:VRF-MC3
IP Route Table for VRF "bameur_MC:VRF-MC3"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>
172.16.20.0/24, ubest/mbest: 1/0
*via 10.0.168.69%overlay-1, [200/0], 00:04:12, bgp-65001, internal, tag 65033
Leaf-103 (compute leaf):
leaf-103# show ip route vrf bameur_MC:VRF-MC3
IP Route Table for VRF "bameur_MC:VRF-MC3"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>
172.16.20.0/24, ubest/mbest: 1/0
*via 10.0.168.69%overlay-1, [200/0], 00:46:15, bgp-65001, internal, tag 65033
leaf-103# show bgp ipv4 unicast vrf bameur_MC:VRF-MC3
BGP routing table information for VRF bameur_MC:VRF-MC3, address family IPv4 Unicast
BGP table version is 98, local router ID is 172.16.30.254
Status: s-suppressed, x-deleted, S-stale, d-dampened, h-history, *-valid, >-best
Path type: i-internal, e-external, c-confed, l-local, a-aggregate, r-redist, I-injected
Origin codes: i - IGP, e - EGP, ? - incomplete, | - multipath, & - backup
Network Next Hop Metric LocPrf Weight Path
*>i172.16.20.0/24 10.0.168.69 200 0 65033