If a Cisco device has VRFs defined and BGP peers configured in those VRFs, but no BGP sessions/peers in the default VRF, a SNMP (v3) walk without context will not find any cbgpPeer2RemoteAs.
The code at the top of includes/polling/bgp-peers.inc.php populating $peer_data_check will return an empty Array:
$peer_data_check = snmpwalk_cache_oid($device, 'cbgpPeer2RemoteAs', [], 'CISCO-BGP4-MIB');
This causes the code further below in the same file to skip reading the BGP peer data for the peers in the VRFs.
We’ve observed the issue on at least these devices and software:
- Cisco Nexus 9000 series, running NX-OS 9.3.8 and 9.3.9
- Cisco ASR 9901 running IOS-XR 7.3.2
… but the issue will be present on all Cisco devices with BGP peers in VRFs, and no BGP peers in the default VRF.
We’ve fixed the polling with the following changes, but would like some advice if this is acceptable to proceed with as a pull request.
--- a/includes/polling/bgp-peers.inc.php
+++ b/includes/polling/bgp-peers.inc.php
@@ -25,7 +25,26 @@ if (\LibreNMS\Config::get('enable_bgp')) {
} elseif ($device['os'] === 'vrp') {
$peer_data_check = snmpwalk_cache_multi_oid($device, 'hwBgpPeerEntry', [], 'HUAWEI-BGP-VPN-MIB', 'huawei');
} elseif ($device['os_group'] == 'cisco') {
- $peer_data_check = snmpwalk_cache_oid($device, 'cbgpPeer2RemoteAs', [], 'CISCO-BGP4-MIB');
+ # As the Cisco code path doesn't use $peer_data_check
+ # filling it with dummy data (i.e. !empty) will fix the issue
+ # of the code not fetching data for non-default VRF BGP peers.
+ $peer_data_check = Array("ipv4.0.0.0.0" => Array("cbgpPeer2RemoteAs" => 0));
+ # or otherwise fetch for the first VRF (see below)
+ # or iterate over all VRF's (not implemented here)
+ #
+ #$peer0_vrf = $peers[0]['context_name'];
+ #if ($peer0_vrf) {
+ # $device['context_name'] = $peer0_vrf;
+ #}
+ #$peer_data_check = snmpwalk_cache_oid($device, 'cbgpPeer2RemoteAs', [], 'CISCO-BGP4-MIB');