
    TNSR VRF BGP

      eece_ret

      Good Afternoon All;
      Version: 22.02-1~tnsr-v22.02-1
      Platform: Virtualized KVM

      Issue: I am trying to create two separate VRFs and peer each of them to the root (default) VRF using BGP. The peering interfaces are attached to a KVM bridge. All statically routed traffic works in testing; the BGP sessions, however, will not come up.

      Can BGP in TNSR (FRR) peer between VRFs on the same instance?
      Config below:

      tnsr-02 tnsr# show configuration running cli
      configuration history enable

      nacm disable
      nacm read-default deny
      nacm write-default deny
      nacm exec-default deny
      nacm group admin
      member root
      member tnsr
      exit
      nacm rule-list admin-rules
      group admin
      rule permit-all
      module *
      access-operations *
      action permit
      exit
      exit
      nacm enable

      system dns-resolver host
      server ubnt1 172.31.55.254
      exit

      host interface enp13s0
      enable
      ip address 172.31.55.253/24
      exit

      dataplane ethernet default-mtu 1500
      dataplane dpdk dev 0000:01:00.0 network name VLAN304
      dataplane dpdk dev 0000:02:00.0 network name VLAN305
      dataplane dpdk dev 0000:03:00.0 network name VLAN306
      dataplane dpdk dev 0000:0a:00.0 network name WAN
      dataplane dpdk dev 0000:0b:00.0 network name VLAN302
      dataplane dpdk dev 0000:0c:00.0 network name VLAN303
      dataplane dpdk dev 0000:0e:00.0 network name VRF1-PEER
      dataplane dpdk dev 0000:0f:00.0 network name VRF1-PEER2
      dataplane dpdk dev 0000:10:00.0 network name VRF2-PEER
      dataplane dpdk dev 0000:11:00.0 network name VRF2-PEER2
      dataplane dpdk uio-driver igb_uio
      dataplane buffers buffers-per-numa 32768
      dataplane statseg heap-size 96M

      nat global-options nat44 max-translations-per-thread 128000
      nat global-options nat44 endpoint-dependent true
      nat global-options nat44 forwarding true
      nat global-options nat44 enabled true

      route table ipv4-VRF-2
      id 2
      exit

      route table ipv4-VRF-3
      id 3
      exit

      route table ipv4-VRF:0
      id 0
      exit

      interface VLAN302
      description VLAN302
      enable
      ip nat inside
      ip address 10.99.2.1/24
      exit
      interface VLAN303
      description VLAN303
      enable
      ip nat inside
      vrf ipv4-VRF-2
      ip address 10.99.3.1/24
      exit
      interface VLAN304
      description VLAN304
      enable
      ip nat inside
      vrf ipv4-VRF-2
      ip address 10.99.4.1/24
      exit
      interface VLAN305
      description VLAN305
      enable
      ip nat inside
      vrf ipv4-VRF-3
      ip address 10.99.5.1/24
      exit
      interface VLAN306
      description VLAN306
      enable
      ip nat inside
      vrf ipv4-VRF-3
      ip address 10.99.6.1/24
      exit
      interface VRF1-PEER
      description VRF1-PEER
      enable
      ip address 10.99.102.1/30
      exit
      interface VRF1-PEER2
      description VRF1-PEER2
      enable
      vrf ipv4-VRF-2
      ip address 10.99.102.2/30
      exit
      interface VRF2-PEER
      description VRF2-PEER
      enable
      ip address 10.99.103.1/30
      exit
      interface VRF2-PEER2
      description VRF2-PEER2
      enable
      vrf ipv4-VRF-3
      ip address 10.99.103.2/30
      exit
      interface WAN
      description WAN
      enable
      ip nat outside
      ip address 76.221.137.109/29
      exit

      nat pool interface WAN
      nat ipfix logging domain 1
      nat ipfix logging src-port 4739
      nat nat64 map parameters
      security-check enable
      exit

      route table ipv4-VRF-2
      id 2
      exit
      exit

      route table ipv4-VRF-3
      id 3
      exit
      exit

      route table ipv4-VRF:0
      id 0
      route 0.0.0.0/0
      next-hop 0 via 76.221.137.110 WAN
      exit
      route 10.99.6.0/24
      next-hop 0 via 169.254.3.2
      exit
      exit

      interface VLAN302
      exit
      interface VLAN303
      exit
      interface VLAN304
      exit
      interface VLAN305
      exit
      interface VLAN306
      exit
      interface VRF1-PEER
      exit
      interface VRF1-PEER2
      exit
      interface VRF2-PEER
      exit
      interface VRF2-PEER2
      exit
      interface WAN
      exit

      route dynamic access-list LOCAL-PERMIT
      sequence 10 permit 0.0.0.0/0
      exit

      route dynamic prefix-list RFC1918
      description List of 1918 subnets
      sequence 10 permit 10.0.0.0/8 le 32
      sequence 20 permit 172.16.0.0/12 le 32
      sequence 30 permit 192.168.0.0/16 le 32
      exit

      route dynamic manager
      exit

      route dynamic route-map PERMIT-1918
      sequence 10
      policy permit
      match ip address prefix-list RFC1918
      exit
      exit
      route dynamic route-map PERMIT-DEFAULT
      sequence 10
      policy permit
      match ip address access-list LOCAL-PERMIT
      exit
      exit

      route dynamic ospf6
      exit

      route dynamic bgp
      option debug allow-martians
      enable
      server vrf default
      as-number 64513
      neighbor 10.99.102.2
      capability dynamic
      remote-as 64514
      enable
      update-source VRF1-PEER
      exit
      no ebgp-requires-policy
      no network import-check
      router-id 10.99.2.1
      address-family ipv4 unicast
      neighbor 10.99.102.2
      activate
      default-originate
      route-map PERMIT-1918 in
      route-map PERMIT-DEFAULT out
      send-community standard
      send-community large
      send-community extended
      exit
      network 10.99.2.0/24
      redistribute connected
      redistribute kernel
      exit
      exit
      server vrf ipv4-VRF-2
      as-number 64514
      neighbor 10.99.102.1
      capability dynamic
      remote-as 64513
      enable
      update-source VRF1-PEER2
      exit
      no ebgp-requires-policy
      no network import-check
      address-family ipv4 unicast
      neighbor 10.99.102.1
      activate
      route-map PERMIT-DEFAULT in
      route-map PERMIT-1918 out
      send-community standard
      send-community large
      send-community extended
      exit
      network 10.99.3.0/24
      redistribute connected
      exit
      exit
      server vrf ipv4-VRF-3
      as-number 64515
      exit
      exit

      route dynamic ospf
      exit

      route dynamic rip
      exit

      dhcp4 enable
      dhcp4 server
      description LAN1-DHCP
      lease persist true
      lease lfc-interval 3600
      interface listen VLAN302
      interface socket raw
      subnet 10.99.2.0/24
      interface VLAN302
      option domain-name-servers
      data 8.8.8.8
      exit
      option routers
      data 10.99.2.1
      exit
      pool 10.99.2.100-10.99.2.200
      exit
      exit
      exit

      unbound enable
      unbound server
      interface 10.99.2.1
      interface 10.99.3.1
      interface 127.0.0.1
      access-control 10.0.0.0/8 allow
      enable ip4
      enable tcp
      enable udp
      enable harden glue
      enable hide identity
      port outgoing range 4096
      forward-zone .
      nameserver address 8.8.4.4
      nameserver address 8.8.8.8
      exit
      exit

      snmp host disable

      ssh dataplane enable

      tnsr-02 tnsr#
