Juniper Openstack

global ASN configured by DM causes conflict when import existing fabric

Bug #1795713 reported by Tony Liu
16
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Juniper Openstack
Status tracked in Trunk
R5.0
Fix Committed
Critical
Rishabh Tulsian
Juniper Openstack r5.0.2
Trunk
Fix Committed
Critical
Rishabh Tulsian
Juniper Openstack r5.1.0

Bug Description

/opt/contrail/fabric_ansible_playbooks/roles/cfg_overlay_evpn/templates/juniper_junos-qfx_overlay_evpn.j2

It sets global ASN. When importing existing fabric where global ASN is already set, this causes conflict.
For Contrail overlay BGP peering, local-as should be used in the group to avoid conflict.

Tony Liu (taoliu-7)
tags: added: 5.0.2 blocker
Tony Liu (taoliu-7)
affects: opencontrail → juniperopenstack
Changed in juniperopenstack:
assignee: nobody → Rishabh Tulsian (rtulsian)
assignee: Rishabh Tulsian (rtulsian) → nobody
milestone: none → r5.0.2
assignee: nobody → Rishabh Tulsian (rtulsian)
Jeba Paulaiyan (jebap)
tags: added: fabric overlay
Revision history for this message
Tony Liu (taoliu-7) wrote :

In case of importing existing fabric where [ routing-options autonomous-system ] is already configured,
don't set [ groups __contrail_ip_clos__ routing-options autonomous-system ] again. To build overlay
BGP peering, set [ groups __contrail_overlay_bgp__ protocols bgp group <name> local-as ].

In case of building fabric from scratch, [ groups __contrail_ip_clos__ routing-options autonomous-system ]
can be set for underlay BGP peering. But 'local-as' should still be set for overlay, in case overlay
and underlay use different ASN.

Revision history for this message
Rishabh Tulsian (rtulsian) wrote :

These reviews should take care of this bug

https://review.opencontrail.org/#/c/46501/
https://review.opencontrail.org/#/c/46547/

Revision history for this message
Dilip Sundarraj (dsundarraj-j) wrote :

@Rishabh @Sarin will this make it into 5.0.2?

Revision history for this message
Rishabh Tulsian (rtulsian) wrote :

Most likely, the reviews should get merged today

Revision history for this message
Tony Liu (taoliu-7) wrote :

local-as was added into cfg_underlay_ip_clos/templates/juniper_underlay_ip_clos.j2,
which is not applied in case of importing existing fabric.

It should be added into cfg_overlay_bgp/templates/juniper_junos-qfx_overlay_bgp.j2.

Revision history for this message
Rishabh Tulsian (rtulsian) wrote :

Whatever we do in underlay_ip_clos is underlay configuration that's part of ztp. In brownfield scenario we expect that config to be setup by whoever is setting up the underlay.

Revision history for this message
Tony Liu (taoliu-7) wrote :

In case of brownfield, underlay is configured by user, overlay is configured by Contrail.
local-as is part of overlay. Agree?

Revision history for this message
Rishabh Tulsian (rtulsian) wrote :

The local-as that you are referring to in cfg_underlay_ip_clos/templates/juniper_underlay_ip_clos.j2 is the underlay asn allocated from the underlay asn range provided for ZTP fabric. Its not overlay asn.

The overlay asn is configured by cfg_overlay_bgp/templates/juniper_junos-qfx_overlay_bgp.j2.
This is consistent with the behavior of DM prior to 5.0.1 when DM used netconf to push the config directly.

Revision history for this message
Tony Liu (taoliu-7) wrote :

"The overlay asn is configured by cfg_overlay_bgp/templates/juniper_junos-qfx_overlay_bgp.j2."

With 5.0-290, I don't see local-as in that template. Could you confirm?

Revision history for this message
Rishabh Tulsian (rtulsian) wrote :

https://github.com/Juniper/contrail-controller/blob/master/src/config/fabric-ansible/ansible-playbooks/roles/cfg_overlay_bgp/templates/juniper_junos-qfx_overlay_bgp.j2#L6

Revision history for this message
Rishabh Tulsian (rtulsian) wrote :

@Tony, as discussed on the call the user can configure the global ASN in the UI under the global system config. For underlay ebgp the expectation is that the user should configure the underlay ASN as local-as under the underlay bgp group.

We can discuss over email if there needs to be changes to this workflow and if we should add more user options to the workflow.

Revision history for this message
Soumil Kulkarni (soumilk) wrote : Devices not available for Image Upgrade.

Hey Guys,

    Can we use this email chain to clear the confusion for https://bugs.launchpad.net/juniperopenstack/+bug/1801147 .

@Bartosz and @Rishabh can you guys put forth your respective points. If we can have a quick sync up between us and solve this, should be fine as well. As long as we get this pushed in today’s build. I am happy ☺

- Soumil Kulkarni

Revision history for this message
Bartosz Kupidura (zynzel) wrote :

Hey Soumil,

Probably im not Bartosz You are looking for 😉

Best Regards,
Bartosz Kupidura

Od: Soumil Kulkarni <email address hidden>
Data: czwartek, 1 listopada 2018 20:15
Do: Bartosz Kupidura <email address hidden>, Rishabh Tulsian <email address hidden>, Sahana Chandrashekar <email address hidden>, Qasim Arham <email address hidden>
Temat: Devices not available for Image Upgrade.

Hey Guys,

    Can we use this email chain to clear the confusion for https://bugs.launchpad.net/juniperopenstack/+bug/1801147 .

@Bartosz and @Rishabh can you guys put forth your respective points. If we can have a quick sync up between us and solve this, should be fine as well. As long as we get this pushed in today’s build. I am happy ☺

- Soumil Kulkarni

Revision history for this message
Soumil Kulkarni (soumilk) wrote :

Adding the correct Bartosz … Sorry for the confusion !

- Soumil Kulkarni

From: Bartosz Kupidura <email address hidden>
Date: Friday, November 2, 2018 at 2:23 AM
To: Soumil Kulkarni <email address hidden>, Rishabh Tulsian <email address hidden>, Sahana Chandrashekar <email address hidden>, Qasim Arham <email address hidden>
Subject: Re: Devices not available for Image Upgrade.

Hey Soumil,

Probably im not Bartosz You are looking for 😉

Best Regards,
Bartosz Kupidura

Od: Soumil Kulkarni <email address hidden>
Data: czwartek, 1 listopada 2018 20:15
Do: Bartosz Kupidura <email address hidden>, Rishabh Tulsian <email address hidden>, Sahana Chandrashekar <email address hidden>, Qasim Arham <email address hidden>
Temat: Devices not available for Image Upgrade.

Hey Guys,

    Can we use this email chain to clear the confusion for https://bugs.launchpad.net/juniperopenstack/+bug/1801147 .

@Bartosz and @Rishabh can you guys put forth your respective points. If we can have a quick sync up between us and solve this, should be fine as well. As long as we get this pushed in today’s build. I am happy ☺

- Soumil Kulkarni

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.