Configuring BGP Routing and Loopback Interface GroupsCopy link

From the 6.6 release, Cohesity supports BGP routing. This can be enabled on the Cohesity servers to export IP addresses on the loopback interface (also known as Loopback VIPs) to the BGP peer.

For example, in the following setup, lo (loopback) interface is not directly connected to the router. BGP can be enabled in Cohesity nodes so that the router and network know about 1.1.1.1 so that clients can reach the Cohesity nodes using Loopback VIPs.

BGP Node GroupCopy link

BGP can be configured in Cohesity through the node-group construct. A bunch of nodes (or all nodes) can be formed as a group with a set of BGP parameters (like keepalive, peer params, etc).

To create the BGP node-group, run the following commands in the Cohesity CLI.

  1. To create a BGP node-group, run the following command:

    iris_cli node-group create-bgp group-name=<group-name> hold-time=<seconds> keepalive-time=<seconds> peer-address=<ip1,ip2…> peer-description=<desc1,desc2…> peer-hold-time=<seconds,seconds…> peer-keepalive-time=<seconds,seconds…> peer-remote-as=<ASN1,ASN2…> node-ids =<nodeId1, nodeId2…>

    Example

    iris_cli node-group create-bgp group-name=bgp1 node-ids=130592912984,130592912578,130592912748 peer-address=10.1.3.243 local-as=1 peer-remote-as=1

  2. To update a BGP node-group, run the following command:

    iris_cli node-group update-bgp group-name=<group-name> hold-time=<seconds> keepalive-time=<seconds> peer-address=<ip1,ip2…> peer-description=<desc1,desc2…> peer-hold-time=<seconds,seconds…> peer-keepalive-time=<seconds,seconds…> peer-remote-as=<ASN1,ASN2…> add-node-ids =<nodeId1, nodeId2…> remove-node-ids==<nodeId1, nodeId2…>

    Example

    iris_cli update-bgp group-name=bgp1 hold-time=60 keepalive-time=20

  3. To delete a BGP node-group, run the following command:

    iris_cli node-group delete group-name=<group-name>

  4. To check the config, runtime details, and status of the BGP nodes, run the following show commands:

    iris_cli node-group ls
    iris_cli routing show-bgp-neighbors
    iris_cli routing show-bgp-summary
    iris_cli routing show-bgp-nexthop
    iris_cli routing show-bgp-statistics

Loopback Interface groupCopy link

Interface groups can be created for loopback interfaces, in the same way as interface groups for bond interfaces. group-type is the new parameter introduced, which could be set to 1(Vlan) or 2(Loopback).

  • If you set the group-type parameter to 1, the Vlan group-type interface groups will have bond# as interfaces.

  • If you set the group-type parameter to 2, the Loopback interface groups will have lo as interfaces. You can add any number of nodes to an existing interface group.

To create the loopback interface group, run the following commands in the Cohesity CLI.

  1. To creating a loopback interface group, run the following command:

    iris_cli interface-group create group-name=<group-name> group-type=<1|2> interface-name=<bond> node-ids=<nodeId1, nodeId2…

    group-type 1 is Vlan (Default)

    group-type 2 is Loopback

    Example

    iris_cli interface-group add group-name=intf_group_lb group-type=2 node-ids=130592912578,130592912748

  2. To update a loopback interface group, run the following command:

    iris_cli  interface-group update group-name=<group-name> add-node-ids =<nodeId1, nodeId2…> remove-node-ids==<nodeId1, nodeId2…

    Example

    iris_cli  interface-group update group-name=intf_group_lb add-node-ids=130592912984

  3. Deleting a Loopback Interface group

    iris_cli interface-group delete group-name=<group-name>

    Example

    iris_cli interface-group delete group-name=intf_group_lb

VIPs Config on Loopback Interface groupCopy link

VIPs can be configured on the loopback interface group in the same way as the VLAN interface group.

To configure VIPs on the loopback interface group, run the following command:

iris_cli vlan add id=<vlan-id> interface-group=<group-name> vlan-ips <vlanip1, vlan-ip2> subnet-mask-bits=<Subnet-Mask-Prefix> ecmp-enabled-<true/false>

Example:

iris_cli vlan add id=0 interface-group=intf_group_lb vlan-ips=1.1.1.1 subnet-mask-bits=32 ecmp-enabled=true

  • The id param should always be 0.

  • When the ecmp-enabled parameter is true, then only one VIP can be configured, and the same VIP is programmed on all the nodes. ECMP forwarding should be enabled in the router for traffic to flow to all nodes.

  • When the ecmp-enabled parameter is false, then the number of VIPs should match the number of nodes, as in the case of the VLAN interface group.

When ECMP is enabled the following workloads are supported on the corresponding VLAN.

  • NAS

  • Oracle-SBT

  • S3

  • Linux

  • AIX Physical Files/Folders.

VIPs on loopback interface groups are valid only when BGP routing is configured or static routes are configured in all the routers between Cohesity nodes and the client.