Forum Discussion

VirtualNet's avatar
VirtualNet
Level 1
9 months ago

Fabric Cloud Router Policies cant be applied when peering is down

We cant able to apply the router filter policies(RFP) when the Peerings are down on FCR. By the time we apply the Filter policies, all routes learnt from peers are advertised to the other peers resulting in downtime due to loop(unwanted routing). Even if we are quick enough to apply the policies, Fabric backend can only able to process one Filter policy at a time. If you try to apply/save the other policies it gives you an error as FCR is in Transient state. 

As a best practice we need to have Filter policies enabled first and then turn on the BGP peering to avoid loops/sub optimal routing.

  • brandon_wright's avatar
    brandon_wright
    Equinix Product Manager

    Hi VirtualNet, thank you for your feedback around this current behavior and great explanation of your use case and how it can affect the routing in your environment. We already had an enhancement in plan for our April feature release, but I'm working with our development team to see if we can adjust this behavior within the next week as part of a patch. This change would allow users to apply (removing route filter policies that are already applied when BGP is disabled already behaves this way) Route Filter Policies to a connection that is configured with BGP disabled, or where BGP is otherwise in a disabled state. Once this change goes in, you would be able to utilize the existing ability to configured BGP and leave it in a Disabled state, then apply your Route Filter Policies before enabling BGP.

    In the very short-term while we work to get a patch rolled out to enhance the existing behavior, there is an approach that may be helpful in working around this behavior: As you create your connections, you can configure the Layer 3 / BGP details on the Equinix side first so that BGP is enabled but will not move into an Established state, allowing you to apply your Route Filter Policies before configuring BGP on the remote peer.

    As soon as I have confirmation around the date/time that this patch is being merged to production, I'll be sure to follow up and share these details.

  • Jantzen's avatar
    Jantzen
    Equinix Employee

    VirtualNet - Thanks for posting. Sorry to hear you are running into some issues with FCR. Let me loop in some folks from the FCR team to get their take. Stay tuned.