Configure remove-private-as on BGP Peer Group

To enable external connectivity, configure the remove-private-as attribute when you create or update BGP peer group.

By default, remove-private-as is disabled.

About this task

Follow this procedure to configure remove-private-as.

Procedure

  1. Run the following command to configure a remove-private-as when you create a BGP Peer-Group on a tenant VRF:
    efa tenant service bgp peer-group create --name <bgp-pg-name> --tenant <tenant-name>
        --pg-name <device-ip:pg-name> --pg-asn <device-ip,pg-name:remote-asn>
        --pg-bfd-enable <device-ip,pg-name:true|false> 
        --pg-remove-private-as <device-ip,pg-name:true|false>
  2. Run the following command to configure a remove-private-as when you update a BGP Peer-Group on a tenant VRF:
    efa tenant service bgp peer-group update --name <bgp-pg-name> --tenant <tenant-name> 
        --operation peer-group-add 
        --pg-name <device-ip:pg-name> --pg-asn <device-ip,pg-name:remote-asn>
        --pg-bfd-enable <device-ip,pg-name:true|false> 
        --pg-remove-private-as <device-ip,pg-name:true|false>
    
    Example:
    efa tenant service bgp peer-group create --name ten1bgppg1 --tenant ten1 
        --pg-name 10.20.246.15:pg1 --pg-asn 10.20.246.15,pg1:55001 
        --pg-bfd-enable 10.20.246.15,pg1:true 
        --pg-remove-private-as 10.20.246.15,pg1:true 
        --pg-name 10.20.246.16:pg1 --pg-asn 10.20.246.16,pg1:55001 
        --pg-bfd-enable 10.20.246.16,pg1:true 
        --pg-remove-private-as 10.20.246.16,pg1:true
    
    efa tenant service bgp peer-group update --name ten1bgppg1 --tenant ten1 
        --operation peer-group-add 
        --pg-name 10.20.246.15:pg2 --pg-asn 10.20.246.15,pg2:55002 
        --pg-bfd-enable 10.20.246.15,pg2:true 
        --pg-remove-private-as 10.20.246.15,pg2:true 
        --pg-name 10.20.246.16:pg2 --pg-asn 10.20.246.16,pg2:55002 
        --pg-bfd-enable 10.20.246.16,pg2:true 
        --pg-remove-private-as 10.20.246.16,pg2:true
    
    efa tenant service bgp peer-group show --detail
    ===============================================
    Name             : ten1bgppg1
    Tenant           : ten1
    State            : bgp-pg-state-created
    
    Peer Group
    ----------
            Device IP        : 10.20.246.15
            Peer Group       : pg1
            Remote ASN       : 55001
            Next Hop Self    : false
            BFD Enabled      : true
            BFD Interval     :
            BFD Rx           :
            BFD Multiplier   :
            Remove Private AS: true
            Dev State        : provisioned
            App State        : cfg-in-sync
    
            Device IP        : 10.20.246.15
            Peer Group       : pg2
            Remote ASN       : 55002
            Next Hop Self    : false
            BFD Enabled      : true
            BFD Interval     :
            BFD Rx           :
            BFD Multiplier   :
            Remove Private AS: true
            Dev State        : provisioned
            App State        : cfg-in-sync
    
            Device IP        : 10.20.246.16
            Peer Group       : pg1
            Remote ASN       : 55001
            Next Hop Self    : false
            BFD Enabled      : true
            BFD Interval     :
            BFD Rx           :
            BFD Multiplier   :
            Remove Private AS: true
            Dev State        : provisioned
            App State        : cfg-in-sync
    
            Device IP        : 10.20.246.16
            Peer Group       : pg2
            Remote ASN       : 55002
            Next Hop Self    : false
            BFD Enabled      : true
            BFD Interval     :
            BFD Rx           :
            BFD Multiplier   :
            Remove Private AS: false
            Dev State        : provisioned
            App State        : cfg-in-sync
    ================================================
  3. Verify the switch configuration on the SLX device.
    Rack1-Device1# show running-config router bgp
    router bgp
     local-as 4200000000
     capability as4-enable
     fast-external-fallover
     neighbor pg1 peer-group
     neighbor pg1 remote-as 55001
     neighbor pg1 remove-private-as
     neighbor pg1 bfd
     neighbor pg2 peer-group
     neighbor pg2 remote-as 55002
     neighbor pg2 remove-private-as
     neighbor pg2 bfd
     neighbor 10.20.20.4 remote-as 4200000000
     neighbor 10.20.20.4 next-hop-self
     address-family ipv4 unicast
      network 172.31.254.46/32
      network 172.31.254.123/32
      maximum-paths 8
      graceful-restart
     !
     address-family ipv4 unicast vrf ten1vrf1
      redistribute connected
      maximum-paths 8
     !
     address-family ipv6 unicast
     !
     address-family ipv6 unicast vrf ten1vrf1
      redistribute connected
      maximum-paths 8
     !
     address-family l2vpn evpn
      graceful-restart
     !
    !
    Rack1-Device2# show running-config router bgp
    router bgp
     local-as 4200000000
     capability as4-enable
     fast-external-fallover
     neighbor pg1 peer-group
     neighbor pg1 remote-as 55001
     neighbor pg1 remove-private-as
     neighbor pg1 bfd
     neighbor pg2 peer-group
     neighbor pg2 remote-as 55002
     neighbor pg2 password remove-private-as
     neighbor pg2 bfd
     neighbor 10.20.20.5 remote-as 4200000000
     neighbor 10.20.20.5 next-hop-self
     address-family ipv4 unicast
      network 172.31.254.46/32
      network 172.31.254.176/32
      maximum-paths 8
      graceful-restart
     !
     address-family ipv4 unicast vrf ten1vrf1
      redistribute connected
      maximum-paths 8
     !
     address-family ipv6 unicast
     !
     address-family ipv6 unicast vrf ten1vrf1
      redistribute connected
      maximum-paths 8
     !
     address-family l2vpn evpn
      graceful-restart
     !
    !
    Note

    Note

    For information about commands and supported parameters to configure remove-private-as attribute, see ExtremeCloud Orchestrator Command Reference, 3.2.0 .