Focus
Focus
Table of Contents

Manage BGP Routes

How to manage BGP routes using the openconfig-bgp model.
The following examples shows use cases for the BGP model. To see what is supported through PAN-OS OpenConfig view the reference material.
The following examples retrieve and set information for BGP routes.
Because of the length of the requests for BGP each of these settings, use the GNMIC
--update-file
flag

BGP Global Settings

Send a request to set the BGP global settings for router at address 1.1.1.1 using a JSON file.
gnmic -a 10.1.1.1 --port 9339 -u admin -p password --skip-verify -e JSON_IETF set --update-path / --update-file bgp/bgp-global.json
The contents of the JSON file are as follows:
{ "bgp": { "global": { "config": { "as": 650001, "router-id": "1.1.1.1" }, "default-route-distance": { "config": { "external-route-distance": 45, "internal-route-distance": 200 } }, "graceful-restart": { "config": { "enabled": true, "helper-only": false, "restart-time": 120, "stale-routes-time": 120 } }, "route-selection-options": { "config": { "advertise-inactive-routes": false, "always-compare-med": false, "enable-aigp": false, "external-compare-router-id": true, "ignore-as-path-length": false, "ignore-next-hop-igp-metric": false } } } } }
The AS number is set as plain notation in the requests and set as AS dot notation in PAN-OS
A successful request returns the output below:
Set Response: { "timestamp": 1614404816402806852, "time": "2021-02-26T21:46:56.402806852-08:00", "results": [ { "operation": "UPDATE" } ] }

BGP Peer Groups

You can send a request to set the BGP peer groups by using a JSON file as follows:
gnmic -a localhost --port 9339 -u admin -p password --skip-verify -e JSON_IETF set --update-path / --update-file bgp/bgp-peer-groups.json
The following are the contents of the BGP files:
{ "bgp": { "peer-groups": { "peer-group": [ { "config": { "auth-password": "", "description": "", "local-as": 650001, "peer-group-name": "ibgp", "peer-type": "INTERNAL", "route-flap-damping": false }, "peer-group-name": "ibgp" }, { "config": { "auth-password": "", "description": "", "local-as": 650001, "peer-group-name": "test", "peer-type": "EXTERNAL", "remove-private-as": "PRIVATE_AS_REMOVE_ALL", "route-flap-damping": false }, "peer-group-name": "test" } ] } } }
You must create the peer groups before creating the peers.
A successful response returns the output below:
Set Response: { "timestamp": 1614404816403816854, "time": "2021-02-26T21:46:56.402806852-08:00", "results": [ { "operation": "UPDATE" } ] }

BGP Neighbors

You can send a request to set the BGP neighbors for router 1.1.1.1 using a JSON file:
gnmic -a localhost --port 9339 -u admin-p password --skip-verify -e JSON_IETF set --update-path / --update-file bgp/bgp-peer-neighbors.json
The following are the contents of the BGP files:
{"bgp": { "neighbors": { "neighbor": [ { "config": { "auth-password": "", "description": "", "local-as": 650001, "neighbor-address": "172.16.2.101", "peer-as": 655, "peer-group": "test", "peer-type": "EXTERNAL", "remove-private-as": "PRIVATE_AS_REMOVE_ALL", "route-flap-damping": false }, "ebgp-multihop": { "config": { "enabled": true, "multihop-ttl": 0 } }, "neighbor-address": "172.16.2.101", "timers": { "config": { "connect-retry": "0", "hold-time": "90", "keepalive-interval": "30", "minimum-advertisement-interval": "30" } }, "transport": { "config": { "local-address": "172.16.2.100/24", "mtu-discovery": false, "passive-mode": false } } }, { "config": { "auth-password": "", "description": "", "local-as": 650001, "neighbor-address": "2.2.2.3", "peer-as": 650001, "peer-group": "ibgp", "peer-type": "INTERNAL", "route-flap-damping": false }, "ebgp-multihop": { "config": { "enabled": true, "multihop-ttl": 0 } }, "neighbor-address": "2.2.2.3", "timers": { "config": { "connect-retry": "0", "hold-time": "90", "keepalive-interval": "30", "minimum-advertisement-interval": "30" } }, "transport": { "config": { "local-address": "2.2.2.1/24", "mtu-discovery": false, "passive-mode": false } } } ] } } }
The interfaces must exist prior to using these settings. The interface used for BGP internal peer is handled in the transport container. The local-address key has the value of the interface used for the internal peer.
A successful request returns the output below:
Set Response: { "timestamp": 1614405428002788603, "time": "2021-02-26T21:57:08.002788603-08:00", "results": [ { "operation": "UPDATE" } ] }}
After you complete all of the previous configurations for Peer Groups and Neighbors, the user interface shows the following under NetworkVirtual RoutersDefaultBGPPeer Group:

Retrieving BGP Settings

Doing a Get on the all of the BGP settings set above returns the following output:
"bgp": { "global": { "config": { "as": 650001, "router-id": "1.1.1.1" }, "default-route-distance": { "config": { "external-route-distance": 45, "internal-route-distance": 200 } }, "graceful-restart": { "config": { "enabled": true, "helper-only": false, "restart-time": 120, "stale-routes-time": "120" } }, "route-selection-options": { "config": { "advertise-inactive-routes": false, "always-compare-med": false, "enable-aigp": false, "external-compare-router-id": true, "ignore-as-path-length": false, "ignore-next-hop-igp-metric": false } } }, "neighbors": { "neighbor": [ { "config": { "auth-password": "", "description": "", "local-as": 650001, "neighbor-address": "172.16.2.101", "peer-as": 655, "peer-group": "test", "peer-type": "EXTERNAL", "remove-private-as": "PRIVATE_AS_REMOVE_ALL", "route-flap-damping": false }, "ebgp-multihop": { "config": { "enabled": true, "multihop-ttl": 0 } }, "neighbor-address": "172.16.2.101", "timers": { "config": { "connect-retry": "0", "hold-time": "0", "keepalive-interval": "0", "minimum-advertisement-interval": "0" } }, "transport": { "config": { "local-address": "172.16.2.100/24", "mtu-discovery": false, "passive-mode": false } } }, { "config": { "auth-password": "", "description": "", "local-as": 650001, "neighbor-address": "2.2.2.3", "peer-as": 650001, "peer-group": "ibgp", "peer-type": "INTERNAL", "route-flap-damping": false }, "ebgp-multihop": { "config": { "enabled": true, "multihop-ttl": 0 } }, "neighbor-address": "2.2.2.3", "timers": { "config": { "connect-retry": "0", "hold-time": "90", "keepalive-interval": "30", "minimum-advertisement-interval": "30" } }, "transport": { "config": { "local-address": "2.2.2.1/24", "mtu-discovery": false, "passive-mode": false } } } ] }, "peer-groups": { "peer-group": [ { "config": { "auth-password": "", "description": "", "local-as": 650001, "peer-group-name": "ibgp", "peer-type": "INTERNAL", "route-flap-damping": false }, "peer-group-name": "ibgp" }, { "config": { "auth-password": "", "description": "", "local-as": 650001, "peer-group-name": "test", "peer-type": "EXTERNAL", "remove-private-as": "PRIVATE_AS_REMOVE_ALL", "route-flap-damping": false }, "peer-group-name": "test" } ] } } }