FRRouting initialization and configuration

SONiC relies on FRRouting (FRR) to provide the routing protocols. SONiC supports the border gateway routing protocol (Border Gateway Protocol – BGP) in FRR.

RR is a suite of daemons that work together to build the routing table. Each major protocol is implemented in its own daemon, and these daemons talk to a middleman daemon zebra, which is responsible for coordinating routing decisions and talking to the dataplane.

About zebra

zebra is an IP routing manager. It provides kernel routing table updates, interface lookups, and redistribution of routes between different routing protocols.

About FRR

SONiC 202111

Instead of purely relying on /etc/sonic/config_db.json, FRR can have its own configuration files.

The config_db.json may contain default BGP configuration data, such as:

    "BGP_NEIGHBOR": {
    "10.0.0.1": {
        "asn": "65200",
        "holdtime": "180",
        "keepalive": "60",
        "local_addr": "10.0.0.0",
        "name": "ARISTA01T2",
        "nhopself": "0",
        "rrclient": "0"
    },
    ...
},
"DEVICE_METADATA": {
    "localhost": {
        "hwsku": "aurora-610",
        "platform": "x86_64-netberg_aurora_610-r0",
        "mac": "70:b3:d5:cc:fd:d0",
        "hostname": "nba610",
        "type": "LeafRouter",
        "bgp_asn": "65100"
    }
},

The “BGP_NEIGHBOR” can be disabled entirely by commenting it out.

The “bgp_asn”: “65100” field hard-code the system ASN number. It can be modified or removed to handle it to FRR.

There is a setting that is not clearly stated in the initial config file – “docker_routing_config_mode”

It has three options:

"unified" - configDB generates frr.conf in the BGP container.
"separated" - configDB generates bgp.conf, zebra.conf etc. in the BGP container.
"split" - configDB doesn't generate anything, and FRR relies on its own files.

General advice is to use “split” mode.

"DEVICE_METADATA": {
    "localhost": {
        "hwsku": "aurora-610",
        "platform": "x86_64-netberg_aurora_610-r0",
        "mac": "70:b3:d5:cc:fd:d0",
        "hostname": "nba610",
        "type": "LeafRouter",
        "docker_routing_config_mode": "split"
    }

Be careful with punctuation when editing the data. An error may render SONiC unresponsive.

SONiC 202012

It relies on configDB to generate FRR configuration.

"DEVICE_METADATA": {
"localhost": {
    "bgp_asn": "65100",
    "buffer_model": "traditional",
    "default_bgp_status": "up",
    "default_pfcwd_status": "disable",
    "hostname": "sonic",
    "hwsku": "aurora-715",
    "mac": "70:b3:d5:cc:f7:f3",
    "platform": "x86_64-netberg_aurora_715-r0",
    "type": "LeafRouter"
}

FRR can have its running configuration but won’t persist through a reboot.

Configure FRR

vtysh provides a combined frontend to all FRR daemons in a single combined session. To start the CLI, run the sudo vtysh command:

admin@nba615:~$ sudo vtysh

Hello, this is FRRouting (version 7.5.1-sonic).
Copyright 1996-2005 Kunihiro Ishiguro, et al.

nba615#

It is a Cisco-like modal CLI, and many of the commands are similar to Cisco IOS commands. There are different modes to the CLI, and certain commands are only available within a specific mode.

nba615# configure terminal
nba615(config)#

The prompt displays the current CLI mode. When the routing protocol-specific commands are invoked, the prompt changes to:

nba615(config)# router bgp 65101
nba615(config-router)#

? displays the list of available top-level commands:

nba615(config-router)# ?
  address-family     Enter Address Family command mode
  aggregate-address  Configure BGP aggregate entries
  bgp                BGP information
  bmp                BGP Monitoring Protocol
  coalesce-time      Subgroup coalesce timer
  distance           Define an administrative distance
  end                End current mode and change to enable mode
  exit               Exit current mode and down to previous mode
  find               Find CLI command matching a regular expression
  list               Print command list
  neighbor           Specify neighbor router
  network            Specify a network to announce via BGP
  no                 Negate a command or set its defaults
  output             Direct vtysh output to file
  quit               Exit current mode and down to previous mode
  read-quanta        How many packets to read from peer socket per I/O cycle
  table-map          BGP table to RIB route download filter
  timers             Adjust routing timers
  update-delay       Force initial delay for best-path and updates
  vnc                VNC/RFP related configuration
  vrf-policy         Configure a VRF policy group
  write-quanta       How many packets to write to peer socket per run
nba615(config-router)#

?-based completion is also available to see the parameters that the command takes:

nba615(config-router)# address-family ?
 ipv4 Address Family
 ipv6 Address Family
 l2vpn Address Family
 nba615(config-router)# address-family

To move back up a level, use the exit command:

nba615(config)# router bgp 65101
nba615(config-router)# exit
nba615(config)#

Save the routing setting.

nba615# write
Note: this version of vtysh never writes vtysh.conf
Building Configuration...
Integrated configuration saved to /etc/frr/frr.conf
[OK]

Please refer to https://frrouting.org/ for more information.

ebgp-requires-policy

Default eBGP requests an RFC-8212 compliant route-map. If the route-map doesn’t exist, please disable “ebgp-requires-policy“. Otherwise, BGP PfxRcd(Prefix Received) / PfxSnt(Prefix Sent) will require a route-map policy. Without the incoming filter, no routes will be accepted. Without the outgoing filter, no routes will be announced.

When the incoming or outgoing filter is missing, you will see the “(Policy)” sign in show bgp summary

nba615# show bgp summary

IPv4 Unicast Summary:
BGP router identifier 1.1.1.1, local AS number 65100 vrf-id 0
BGP table version 0
RIB entries 0, using 0 bytes of memory
Peers 1, using 21 KiB of memory

Neighbor        V         AS   MsgRcvd   MsgSent   TblVer  InQ OutQ  Up/Down State/PfxRcd   PfxSnt
10.0.1.0        4      65101        18        13        0    0    0 00:00:03     (Policy) (Policy)

To fix this:

nba615# configure
nba615(config)# router bgp 65100
nba615(config-router)# no bgp ebgp-requires-policy
nba615(config-router)# end
nba615# enable
nba615# clear bgp *

When you enable/disable this option, you MUST clear the session.