Configuring BGP

Cisco NX-OS supports BGP version 4, which includes multiprotocol extensions that allow BGP to carry routing information for IP multicast routes and multiple Layer 3 protocol address families. BGP uses TCP as a reliable transport protocol to create TCP sessions with other BGP-enabled devices.

BGP uses a path-vector routing algorithm to exchange routing information between BGP-enabled networking devices or BGP speakers. Based on this information, each BGP speaker determines a path to reach a particular destination while detecting and avoiding paths with routing loops. The routing information includes the actual route prefix for a destination, the path of autonomous systems to the destination, and additional path attributes.

BGP selects a single path, by default, as the best path to a destination host or network. Each path carries well-known mandatory, well-known discretionary, and optional transitive attributes that are used in BGP best-path analysis. You can influence BGP path selection by altering some of these attributes by configuring BGP policies

For more information about basic and advanced BGP configuration, see the Cisco Nexus 9000 Series NX-OS Unicast Routing Configuration Guide

For other BGP information, such as configuring L2VPN EVPN, VPNv4 unicast, IPv4 MVPN, and IPv6 MVPN address families, see the Cisco Programmable Fabric with VXLAN BGP EVPN Configuration Guide and the Cisco Nexus 9000 Series NX-OS VXLAN Configuration Guide

https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-installation-and-configuration-guides-list.html/

This section contains payload examples and CLIs to demonstrate how to use the NX-API REST API to configure BGP on Cisco Nexus 3000 and 9000 Series switches and to show how the REST APIs correspond to the CLI commands.

Enabling BGP

Enabling BGP 

POST http://<mgmt0_IP>/api/mo/sys.json

{
  "topSystem": {
    "children": [
      {
        "fmEntity": {
          "children": [
            {
              "fmBgp": {
                "attributes": {
                  "adminSt": "enabled"
                }
              }
            }
          ]
        }
      }
    ]
  }
}

{
    imdata:[]
}

<System>
  <fm-items>
    <bgp-items>
      <adminSt>enabled</adminSt>
    </bgp-items>
  </fm-items>
</System>

Using the IPv4 or IPv6 labeled unicast address family requires installing and enabling MPLS segment routing.


CLI Commands

The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.

feature bgp

Note: The property information for this example was added in Release 9.3(3).


Verifying a DME Configuration
The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.

MODN
topSystem sys
fmEntity sys/fm
fmBgp sys/fm/bgp


fmBgp Properties

The following table contains information about the fmBgp properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.

Property NameData TypeDescriptionValues
adminStfm:AdminState
(scalar:Enum8)		Admin statusSELECTION:
1 - enabled
2 - disabled
DEFAULT: disabled


Related Documentation

For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference:

http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-command-reference-list.html

See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload:

https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/

For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide:

https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-programming-reference-guides-list.html

Configuring BGP Type 6 Password Encryption

Configuring BGP Type 6 Password Encryption

POST http://<mgmt0_IP>/api/mo/sys.json

{
  "topSystem": {
    "children": [
      {
        "bgpEntity": {
          "children": [
            {
              "bgpInst": {
                "attributes": {
                  "asn": "1"
                },
                "children": [
                  {
                    "bgpDom": {
                      "attributes": {
                        "name": "default"
                      },
                      "children": [
                        {
                          "bgpPeer": {
                            "attributes": {
                              "addr": "99.99.99.99",
                              "inheritContPeerCtrl": "",
                              "passwdType": "6",
                              "password": "JDYkihQsYocaR/FEDF/4xqpl6yRWnIutiT+IH0cJH4+IoFSumH2kEGgiadg1MMaWonSPn3egWUReuVqLVoCe5tF9GLz81wIisMxeq1vQKep3iLwUqS2ujMn/39WIWRrwOUJzACThF7fRcY8N9bt1R0u1SZJlQgxkdgA="
                            }
                          }
                        }
                      ]
                    }
                  }
                ]
              }
            }
          ]
        }
      }
    ]
  }
}

{
    imdata:[]
}

For Type-6 password encryption to function properly:

  1. Ensure primary key is configured using the key config-key ascii <primary_key> command
  2. Ensure feature password encryption aes is enabled


CLI Commands

The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.

key config-key ascii <primary_key> configure terminal feature password encryption aes router bgp <AS number> template peer <template name> password {0 | 3 | 7 | 6} string (Optional) encryption re-encrypt obfuscated

Note: The property information for this example was added in Release 10.3(3).


Verifying a DME Configuration
The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.

MODN
bgpPeer sys/bgp/inst/dom-default/peer


bgpPeer Properties

The following table contains information about the bgpPeer properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.

Property NameData TypeDescriptionValues
passwdTypescalar:Enum8Password EnCrypt TypeSELECTION:
0 - 0
3 - 3
6 - LINE
7 - 7
DEFAULT: LINE
passwordstring:BasicConfigure a password for neighborpassword string


Related Documentation

For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference:

http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-command-reference-list.html

See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload:

https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/

For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide:

https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-programming-reference-guides-list.html

Disabling BGP

Disabling BGP 

POST http://<mgmt0_IP>/api/mo/sys.json

{
  "topSystem": {
    "children": [
      {
        "fmEntity": {
          "children": [
            {
              "fmBgp": {
                "attributes": {
                  "adminSt": "disabled"
                }
              }
            }
          ]
        }
      }
    ]
  }
}

{
    imdata:[]
}

<System>
  <fm-items>
    <bgp-items>
      <adminSt>disabled</adminSt>
    </bgp-items>
  </fm-items>
</System>

Using the IPv4 or IPv6 labeled unicast address family requires installing and enabling MPLS segment routing.


CLI Commands

The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.

no feature bgp

Note: The property information for this example was added in Release 9.3(3).


Verifying a DME Configuration
The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.

MODN
topSystem sys
fmEntity sys/fm
fmBgp sys/fm/bgp


fmBgp Properties

The following table contains information about the fmBgp properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.

Property NameData TypeDescriptionValues
adminStfm:AdminState
(scalar:Enum8)		Admin statusSELECTION:
1 - enabled
2 - disabled
DEFAULT: disabled


Related Documentation

For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference:

http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-command-reference-list.html

See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload:

https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/

For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide:

https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-programming-reference-guides-list.html

Enabling MPLS for the IPv4 and IPv6 Labeled Unicast Address Families

Enabling MPLS for the IPv4 and IPv6 Labeled Unicast Address Families 

POST http://<mgmt0_IP>/api/mo/sys.json

{
  "topSystem": {
    "children": [
      {
        "fsetFeatureSet": {
          "attributes": {
            "adminSt": "enabled",
            "force": "no",
            "name": "mpls"
}}},{
        "fmEntity": {
          "children": [
            {
              "fmMplsSgmntRtg": {
                "attributes": {
                  "adminSt": "enabled"
}}}]}}]}}

{
    imdata:[]
}

<System>
  <fset-items>
    <FeatureSet-list>
      <name>mpls</name>
      <adminSt>enabled</adminSt>
      <force>false</force>
    </FeatureSet-list>
  </fset-items>
  <fm-items>
    <mplssgmntrtg-items>
      <adminSt>enabled</adminSt>
    </mplssgmntrtg-items>
  </fm-items>
</System>

Using the IPv4 or IPv6 labeled unicast address family requires installing and enabling MPLS segment routing.


CLI Commands

The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.

install feature-set mpls
feature-set mpls
feature mpls segment-routing

Note: The property information for this example was added in Release 9.3(3).


Verifying a DME Configuration
The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.

MODN
topSystem sys
fsetFeatureSet sys/fset-{name}
fmEntity sys/fm
fmMplsSgmntRtg sys/fm/mplssgmntrtg


fsetFeatureSet Properties

The following table contains information about the fsetFeatureSet properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.

Property NameData TypeDescriptionValues
adminStfset:AdminState
(scalar:Enum8)		Admin statusSELECTION:
0 - none
1 - enabled
2 - disabled
3 - installed
4 - uninstalled
DEFAULT: none
forcescalar:Bool
force statusSELECTION: true or false
namestring:Basic
Feature-set Name
mpls, fex
A sequence of characters


fmMplsSgmntRtg Properties

The following table contains information about the fmMplsSgmntRtg properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.

Property NameData TypeDescriptionValues
adminStfm:AdminState
(scalar:Enum8)		Admin statusSELECTION:
1 - enabled
2 - disabled
DEFAULT: disabled


Related Documentation

For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference:

http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-command-reference-list.html

See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload:

https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/

For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide:

https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-programming-reference-guides-list.html

Enabling EVPN for Configuring the L2VPN EVPN Address Family

Enabling EVPN for Configuring the L2VPN EVPN Address Family

POST http://<mgmt0_IP>/api/mo/sys.json

{
  "topSystem": {
    "children": [
      {
        "fmEntity": {
          "children": [
            {
              "fmEvpn": {
                "attributes": {
                  "adminSt": "enabled"
                }
              }
            }
          ]
        }
      }
    ]
  }
}

{
    imdata:[]
}

<System>
  <fm-items>
    <evpn-items>
      <adminSt>enabled</adminSt>
    </evpn-items>
  </fm-items>
</System>

Using the L2 EVPN address family requires installing and enabling MPLS segment routing.


CLI Commands

The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.

nv overlay evpn

Note: The property information for this example was added in Release 9.3(3).


Verifying a DME Configuration
The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.

MODN
topSystem sys
fmEntity sys/fm
fmEvpn sys/fm/evpn


fmEvpn Properties

The following table contains information about the fmEvpn properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.

Property NameData TypeDescriptionValues
adminStfm:AdminState
(scalar:Enum8)		Admin statusSELECTION:
1 - enabled
2 - disabled
DEFAULT: disabled


Related Documentation

For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference:

http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-command-reference-list.html

See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload:

https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/

For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide:

https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-programming-reference-guides-list.html