How to: Configure Border Gateway Protocol using Route Health Injection

Overview

The Border Gateway Protocol (BGP) Route Health Injection (RHI) is used in network routing to influence the selection of routes advertised through BGP based on their health status. In traditional BGP routing, routes are advertised based on their reachability and preference metrics, such as Autonomous System (AS) path length, local preference. However, the BGP RHI injects additional information about the health of a route into the BGP decision-making process. This health information can include metrics like route stability, latency, packet loss, or other factors indicative of the quality or reliability of a route. By injecting this health information into BGP updates, routers can make more informed decisions about which routes to prefer, considering not only reachability but also on the health and performance of those routes.
The BGP RHI is particularly useful in scenarios where there are multiple paths to the same destination, such as multi-homed networks or networks with redundant links. It helps optimise routing decisions to ensure that traffic is routed over the most stable and performant paths, thus improving overall network reliability and performance. The BGP uses a mechanism called peering, administrators designate specific routers as BGP peers. Peers represent devices at the edge or boundary of an autonomous system.
BGP peers perform the following functions:

  • Route Discovery - BGP peers exchange routing information with neighbouring BGP peers through Network Layer Reachability Information (NLRI) and path attributes. NLRI contains connection information about neighbors. Path attributes include information such as delay, hop count, and transmission cost. After exchanging information, each BGP peer can create a graph of network connectivity around it.

  • Route Storage – During the discovery process, each BGP router collects route advertisement information and stores it in the form of a routing table. It uses routing tables for path selection and is updated periodically. For example, a BGP router receives keep-alive messages from neighboring routers every 30 seconds. It will update the saved route accordingly.

  • Path Selection - BGP routers use stored information to optimise traffic routing. The most important factor in route selection is the shortest path, which is determined using a saved route map. When a destination can be reached through multiple paths, BGP selects the best path by evaluating the other path attributes in turn.

Prerequisites

  • You must have Administrator or Application Manager user credentials to manage application services. Users with Instance Manager or Auditor credentials have read-only access to application services.

  • If you plan to use an template to create an application service, you need to decide which template you’re going to use. There are three options:

  • Parameter details (for example, server names or addresses, pool names, and pool member addresses or names) that are required by the application template you plan to use for this application service.

  • If you intend to attach a certificate to your application, you need to know the name of the certificate you plan to use. For details about managing certificates and keys, refer to How to: Manage Instance Certificates and Keys using BIG-IP Next Central Manager.

  • You must be managing the BIG-IP Next instance you plan to deploy the application service to. For details, refer to How to: Create a BIG-IP Next instance in a VMware vSphere environment using an onboarding template.

How to: Configure BGP using BIG-IP Next Central Manager

Use this procedure to add an instance and configure BGP using BIP-IP next Central Manager:

  1. Log in to BIG-IP Next Central Manager, click the workspace switcher next to the F5 icon, and click Infrastructure.

  2. At the top of the screen, click + Start Adding Instances.

  3. Type the IP address for the BIG-IP Next instance and click Connect. You must use port 5443.

  4. Enter the current username and password for this BIG-IP Next instance.

    Note: If you have already managed instances, it will be shown in Infrastructure > My Instances tab.

  5. Edit the configuration and properties of the added instance, click on Networking & Proxy > Edit > Networking.
    Provide the required inputs to L1 network, VLANs and IP Address, click Next.

  6. Click Deploy from Review and Deploy Tab.

  7. Click Route tab > + Add to configure a new route.

  8. Follow the below process to configure VRF:
    a. Enter Route Name.
    b. Select the Route Type as BGP.
    c. Provide router configuration under BGP raw configuration blob.
    d. Provide inputs as router address and password under Array of neighbour passwords.
    e. Click on Save
    .

How to: Configure RHI using BIG-IP Next Central Manager

Use this procedure to configure RHI for BGP configured instance:

  1. Login to BIG-IP Next Central Manager.

  2. Go to Infrastructure > Instances> My Instances. Click on the added instance Name.

  3. Click on Networking & Proxy.

  4. Select Route tab and update the required information:
    a. Enter the Route Name.
    b. Route Type set to RHI.
    c. Click on Create.
    d. Enter the Virtual Address, and set the RHI one among below:

    • ALWAYS: Always advertises the route for the virtual address, regardless of availability status.

    • ALL: The virtual address is up when all L4-clientsides are up.

    • ANY: The virtual address is up when any(at least one) L4-clientside is up.

    • NEVER: Do not advertise the route for the virtual address, regardless of the availability status.

    Note: Based on the above configured value (Point number 4), the BGP will decide in which scenario (Always, All, Any, or Never) the IP address should advertise.

    e. Click Save.

How to: Create an Application

Use this procedure to create an application that routes through the added IP address:

  1. Log in to the BIG IP Central Manager.

  2. Select Application > My Application Services.

  3. To create an application click + Add Application.

  4. To Add Application, add below fields:
    a. Application Service Name
    b. Select what kind of Application Service are you creating?

    • Standard (CM will create automatic template)

    • From Template (Further, user should select the desired template)

  5. Click Start Creating.

  6. Create a Pool by Adding Pool name, Service Port.

  7. Go back to Virtual Servers tab, enter Virtual Server Name and select Pool (as per point no.5), click Review & Deploy.

  8. Click Start Adding instance, select the IP from dropdown.

  9. Add the Virtual Address and Pool Members > Virtual Routing & Forwarding set to default L3-Network.

  10. Add a row for Pool members, enter name and IP address. Save the changes > click Deploy the changes.
    The application is created successfully.

How to: Verify Routing advertisement on BIG IP Next

Use this procedure to verify routing advertising on BIP-IP Next based on RHI value selection:

  1. Access the BIP-IP Next instance through SSH.

  2. Run kubectl get pods. Once all pod details are available, users must log into the TMM pod to access f5dr.

  3. Run this command to get into f5dr mode by accessing the tmm pod.
    kubectl exec -it <tmm_pod name> -c f5-fsm-f5dr -- imish

  4. Use imish command to enter the imi shell terminal, and use the enable or en command for accessing debug mode.

  5. Verify the BGP configuration and view currently advertised routes on the BIG-IP Next by using the command show ip route to confirm routes to the virtual as entry K from the list.

Note: Debugging is supported only for VELOS.

For example:

  1. There are two pools: one is up and the other is down.

  2. There are four apps, all listening on the same IP but different ports: i.e 10.10.2.88:3000, 10.10.2.88:30001, 10.10.2.88:3002, 10.10.2.88:3003. Apps 1-3 use the up pool, while app 4 uses the down pool.

  3. RHI with mode ALL for the IP address 10.10.2.88/32.

TODA should write to the DSSM for 10.10.2.88/32, and this IP address should not be advertised.