Title: Alarm to indicate that the status of the remote tunnel endpoint (RTEP) BGP neighborship is down.

Event ID: rtep_bgp_down

Alarm Description:

• Purpose: To notify the admin that the BGP neighborship on the remote tunnel endpoint (RTEP) went down.
• Impact: BGP neighborship on the RTEP going down would cause the routes from the peer to be withdrawn and cause potential traffic disruptions within the network.

VMware NSX

• Check for connectivity-related issues:
  • Perform a ping test from the edge node interface or the external peer.

    • Invoke the NSX CLI command get logical-routers.

      Sample CLI output: get logical-routers

      fed> get logical-router Logical Router UUID                                   VRF    LR-ID    Name                             Type                      Ports   Neighbors      ########-####-####-####-############                   0      0                                        TUNNEL                      3       2/5000         ########-####-####-####-############                   1      1      REMOTE_TUNNEL_VRF                 RTEP_TUNNEL                 4       2/50000        ########-####-####-####-############                   3      5      DR-Tier0Gateway1                  DISTRIBUTED_ROUTER_TIER0    6       0/50000        ########-####-####-####-############                   4      7      SR-Tier0Gateway1                  SERVICE_ROUTER_TIER0        6       3/50000

    • Switch to the REMOTE_TUNNEL_VRF {remote_tunnel_vrf_id} using the CLI command vrf remote_tunnel_vrf_id. 

    • Invoke the NSX CLI command get interfaces and check if the correct RTEP IP address is assigned to the interface with the name remote-tunnel-endpoint.

      Sample CLI output: get interfaces

      fed(remote_tunnel_vrf[1])> get interfaces Logical Router UUID                                   VRF    LR-ID  Name                              Type                       ########-####-####-####-############   1      1      REMOTE_TUNNEL_VRF                 RTEP_TUNNEL                Interfaces (IPv6 DAD Status A-DAD_Success, F-DAD_Duplicate, T-DAD_Tentative, U-DAD_Unavailable)     Interface     ########-####-####-####-############     Ifuid             Mode          : cpu     Port-type     : cpu     Enable-mcast  : false       Interface     ########-####-####-####-############     Ifuid             Mode          : blackhole     Port-type     : blackhole       Interface     ########-####-####-####-############     Ifuid             Name          : remote-tunnel-endpoint     Fwd-mode      : IPV4_ONLY     Internal name : uplink-268     Mode          : lif     Port-type     : uplink     IP/Mask       : ##.##.##.##/24;####:##::#/64(NA)     MAC           ##:##:##:##:##:##     VLAN              Access-VLAN   : untagged     LS port       : ########-####-####-####-############     Urpf-mode     : PORT_CHECK     DAD-mode      : LOOSE     RA-mode       : RA_INVALID     Admin         : up     Op_state      : up     Enable-mcast  : False     MTU               arp_proxy     :       Interface     ########-####-####-####-############     Ifuid             Mode          : loopback     Port-type     : loopback     IP/Mask       : 127.0.0.1/8;::1/128(NA)

    • Issue the command ping <remote_tunnel_endpoint> 
    • If the ping fails,
      • Check VLAN on the segment/Edge logical uplink and the vlan on the external Peer interface. If the vlan configuration does not match, ping failure is expected. 
        • Identify the correct vlan that needs to be configured and ensure 

          the RTEP VLAN by logging to NSX and navigating to System | Fabric | Nodes | Select Relevant TN | Tunnels | RTEP VLAN.

        • Check RTEP MTU by navigating to System | Fabric | Settings | Remote Tunnel Endpoint MTU

    • If the ping is successful, 
      • check for any firewall rules configured to block the BFD control packets.
      • check BGP configuration on the peer.
  • Check for MTU related Issues:
    • • • Check MTU setting on the TOR interface connected to the physical NIC of the DVS uplink which provides connectivity to the Tier-0 uplink.
        • You can find the NSX MTU guidance here: Guidance to Set Maximum Transmission Unit. 
        • Follow procedures in the KB article 317210 to address common NSX underlying infrastructure connectivity issues.