Netbox Sync BGP Peerings Task¤
task api name:
sync_bgp_peerings
Synchronises BGP sessions between live network devices and the NetBox BGP plugin. Supports idempotent create, update, and optional deletion of stale sessions.
How it Works¤
Data collection — NetBox worker fetches existing BGP sessions from NetBox BGP plugin. In parallel, Nornir service parses BGP neighbor data from devices using parse_ttp with get="bgp_neighbors".
Normalisation and diff — Both datasets are normalised to flat comparable dicts keyed by session name convention {device_name}_{session_name}. DeepDiff classifies each session as create, update, delete, or in_sync.
NetBox writes — Sessions are created, updated, or (when process_deletions=True) deleted in NetBox. IP addresses and ASNs are resolved from IPAM or created on-demand. On create, all related objects (peer groups, routing policies, prefix lists) are resolved or created by name.
Dry run — When dry_run=True no writes occur; the raw diff report is returned.
- Client submits
sync_bgp_peeringsrequest to NetBox worker - NetBox worker fetches existing BGP sessions from NetBox BGP plugin
- NetBox worker requests Nornir service to parse BGP neighbor data from devices
- Nornir fetches and parses BGP state from the network
- Nornir returns parsed BGP session data to NetBox worker
- NetBox worker computes diff, then writes creates/updates/deletes to NetBox
Prerequisites¤
- NetBox BGP plugin (
netbox-bgp) must be installed and enabled on the NetBox instance. - Nornir service must have a TTP getter that handles
get="bgp_neighbors".
Branching Support¤
sync_bgp_peerings is branch-aware. Pass branch=<name> to write all changes into a NetBox Branching Plugin branch instead of main.
Session Naming Convention¤
By default, NetBox session names follow:
{device}_{name}
For example, device ceos-leaf-1 with a parsed session to-spine-1 becomes ceos-leaf-1_to-spine-1.
Use the name_template parameter to customise the naming scheme. The template is a Python format string with the following variables:
| Variable | Description |
|---|---|
device |
Device name (e.g. ceos-leaf-1) |
name |
Parsed session name |
description |
Session description |
local_address |
Local IP address string |
local_as |
Local AS number string |
remote_address |
Remote IP address string |
remote_as |
Remote AS number string |
vrf |
VRF name or None |
state |
Device-reported state (e.g. established) |
peer_group |
Peer group name or None |
import_policies |
List of import policy names or None |
export_policies |
List of export policy names or None |
prefix_list_in |
Inbound prefix list name or None |
prefix_list_out |
Outbound prefix list name or None |
Example:
name_template="{device}_BGP_{name}"
# ceos-leaf-1_BGP_to-spine-1
Filtering Sessions¤
Three optional filters narrow which sessions are considered during sync. Filters apply to both the NetBox dataset and the live device dataset before the diff is computed. Sessions that do not match are silently excluded from creates, updates, and deletes.
| Parameter | Match logic | Applied to |
|---|---|---|
filter_by_remote_as |
Exact match — session's remote AS must equal one of the provided integer values | NetBox & live |
filter_by_peer_group |
Exact match — session's peer group name must equal one of the provided values | NetBox & live |
filter_by_description |
Glob match — session's description must match the provided glob pattern (e.g. *uplink*) |
NetBox & live |
Multiple filters may be combined; all must pass (AND logic). filter_by_description uses Python fnmatch glob syntax — * matches any sequence of characters, ? matches a single character.
Note
When process_deletions=True, only sessions that pass the filters are candidates for deletion. Sessions excluded by a filter are never deleted.
Dry Run Mode¤
dry_run=True returns the diff without any NetBox writes:
{
"<device>": {
"create": ["<session_name>", ...],
"delete": ["<session_name>", ...],
"update": {
"<session_name>": {
"<field>": {"old_value": ..., "new_value": ...},
},
},
"in_sync": ["<session_name>", ...],
}
}
Deletion Behaviour¤
Default process_deletions=False — sessions present in NetBox but absent on the device are left untouched.
Set process_deletions=True to delete stale sessions. Only sessions for the explicitly targeted devices are considered.
Warning
Anything the TTP getter does not return (parser gap, unreachable device) will be deleted when process_deletions=True. Use dry-run to check before break.
Examples¤
Sync BGP sessions for a list of devices:
nf#netbox sync bgp-peerings devices ceos-leaf-1 ceos-leaf-2 rir lab
Preview changes without writing to NetBox (dry run):
nf#netbox sync bgp-peerings devices ceos-leaf-1 dry-run
Sync and delete stale sessions no longer present on devices:
nf#netbox sync bgp-peerings devices ceos-leaf-1 ceos-leaf-2 rir lab process-deletions
Use a custom session naming template:
nf#netbox sync bgp-peerings devices ceos-leaf-1 rir lab name-template "{device}_BGP_{name}"
Sync sessions into a NetBox branch:
nf#netbox sync bgp-peerings devices ceos-leaf-1 rir lab branch my-bgp-branch
Sync using Nornir host filters instead of explicit device names:
nf#netbox sync bgp-peerings rir lab FG spine-group
Sync only sessions with a specific remote AS:
nf#netbox sync bgp-peerings devices ceos-leaf-1 rir lab filter-by-remote-as 65001
Sync only sessions belonging to a peer group:
nf#netbox sync bgp-peerings devices ceos-leaf-1 rir lab filter-by-peer-group EBGP_PEERS
Sync only sessions whose description matches a glob pattern:
nf#netbox sync bgp-peerings devices ceos-leaf-1 rir lab filter-by-description "*spine uplink*"
from norfab.core.nfapi import NorFab
nf = NorFab(inventory="./inventory.yaml")
nf.start()
client = nf.make_client()
# sync BGP sessions for specific devices
result = client.run_job(
"netbox",
"sync_bgp_peerings",
workers="any",
kwargs={
"devices": ["ceos-leaf-1", "ceos-leaf-2"],
"rir": "lab",
},
)
# dry run — preview creates/updates/deletes without writing
result = client.run_job(
"netbox",
"sync_bgp_peerings",
workers="any",
kwargs={
"devices": ["ceos-leaf-1"],
"rir": "lab",
"dry_run": True,
},
)
# sync and remove stale sessions
result = client.run_job(
"netbox",
"sync_bgp_peerings",
workers="any",
kwargs={
"devices": ["ceos-leaf-1", "ceos-leaf-2"],
"rir": "lab",
"process_deletions": True,
},
)
# custom session name template
result = client.run_job(
"netbox",
"sync_bgp_peerings",
workers="any",
kwargs={
"devices": ["ceos-leaf-1"],
"rir": "lab",
"name_template": "{device}_BGP_{name}",
},
)
# sync into a NetBox branch
result = client.run_job(
"netbox",
"sync_bgp_peerings",
workers="any",
kwargs={
"devices": ["ceos-leaf-1"],
"rir": "lab",
"branch": "my-bgp-branch",
},
)
# use Nornir host filters instead of explicit device names
result = client.run_job(
"netbox",
"sync_bgp_peerings",
workers="any",
kwargs={
"rir": "lab",
"FG": "spine-group",
},
)
# sync only sessions with a specific remote AS
result = client.run_job(
"netbox",
"sync_bgp_peerings",
workers="any",
kwargs={
"devices": ["ceos-leaf-1"],
"rir": "lab",
"filter_by_remote_as": [65001, 65002],
},
)
# sync only sessions belonging to a peer group
result = client.run_job(
"netbox",
"sync_bgp_peerings",
workers="any",
kwargs={
"devices": ["ceos-leaf-1"],
"rir": "lab",
"filter_by_peer_group": ["EBGP_PEERS"],
},
)
# sync only sessions whose description matches a glob pattern
result = client.run_job(
"netbox",
"sync_bgp_peerings",
workers="any",
kwargs={
"devices": ["ceos-leaf-1"],
"rir": "lab",
"filter_by_description": "*spine uplink*",
},
)
nf.destroy()
VRF Custom Field¤
VRF reference could be stored in a BGP session custom field, for that
custom field must be configured as type Object in NetBox pointing to the VRF
content-type. By default vrf_custom_field="vrf" means custom_fields["vrf"] is
used for all reads and writes. The parameter is forwarded to both create_bgp_peering
and update_bgp_peering internally so all normalisation, diff, and write operations
use the same field consistently.
result = client.run_job(
"netbox",
"sync_bgp_peerings",
workers="any",
kwargs={
"devices": ["ceos-leaf-1"],
"rir": "lab",
"vrf_custom_field": "tenant_vrf", # BGP Sessions custom field -> Object-type VRF
},
)
NORFAB Netbox Sync BGP Peerings Command Shell Reference¤
NorFab shell supports these command options for the Netbox sync_bgp_peerings task:
nf# man tree netbox.sync.bgp-peerings
root
└── netbox: Netbox service
└── sync: Sync Netbox data
└── bgp-peerings: Sync BGP peering sessions
├── timeout: Job timeout
├── workers: Filter worker to target, default 'any'
├── verbose-result: Control output details, default 'False'
├── progress: Display progress events, default 'True'
├── instance: Netbox instance name to target
├── branch: Branching plugin branch name to use
├── dry-run: Return diff without writing to NetBox
├── devices: List of device names to process
├── status: Status for created/updated sessions, default 'active'
├── process-deletions: Delete NetBox sessions absent on device, default 'False'
├── rir: RIR name for ASN creation (e.g. 'RFC 1918')
├── message: Changelog message for all NetBox write operations
├── name-template: Template for BGP session names in NetBox, default '{device}_{name}'
├── filter-by-remote-as: Only sync sessions with matching remote AS number(s)
├── filter-by-peer-group: Only sync sessions with matching peer group name(s)
├── filter-by-description: Only sync sessions whose description matches this glob pattern
├── vrf-custom-field: BGP session field for VRF reference, default 'vrf'
├── FO: Filter hosts using Filter Object
├── FB: Filter hosts by name using Glob Patterns
├── FH: Filter hosts by hostname
├── FC: Filter hosts containment of pattern in name
├── FR: Filter hosts by name using Regular Expressions
├── FG: Filter hosts by group
├── FP: Filter hosts by hostname using IP Prefix
├── FL: Filter hosts by names list
├── FM: Filter hosts by platform
└── FN: Negate the match
nf#
Python API Reference¤
Synchronize BGP sessions between live devices and NetBox.
Collects BGP session data from devices via Nornir parse_ttp with
get="bgp_neighbors", compares against existing NetBox BGP sessions and
creates, updates, or (optionally) deletes sessions in NetBox accordingly.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
job
|
Job
|
NorFab Job object. |
required |
instance
|
str
|
NetBox instance name. |
None
|
devices
|
list
|
List of device names to process. |
None
|
status
|
str
|
Status to assign to created/updated sessions when not |
'active'
|
dry_run
|
bool
|
If True, return diff report without writing to NetBox. |
False
|
process_deletions
|
bool
|
If True, delete NetBox sessions not found on device. |
False
|
timeout
|
int
|
Timeout in seconds for Nornir |
60
|
branch
|
str
|
NetBox branching plugin branch name. |
None
|
rir
|
str
|
RIR name to use when creating new ASNs in NetBox (e.g. |
None
|
message
|
str
|
Changelog message recorded in NetBox for all create, update, and delete operations. |
None
|
name_template
|
str
|
Template string for BGP session names written to NetBox. Formatted with the following keyword arguments from parsing results:
Default: |
'{device}_{name}'
|
filter_by_remote_as
|
list of int
|
Only include sessions whose remote AS number matches one of the provided integer values. Applied to both NetBox and live device sessions. |
None
|
filter_by_peer_group
|
list
|
Only include sessions whose peer group name matches one of the provided values. Applied to both NetBox and live device sessions. |
None
|
filter_by_description
|
str
|
Only include sessions whose description matches
this glob pattern (e.g. |
None
|
vrf_custom_field
|
str
|
Name of the BGP session custom field that stores
the VRF object reference. The custom field must be of type Object in
NetBox pointing to the VRF content-type. The value is always a single
VRF object reference read from and written into
|
'vrf'
|
**kwargs
|
object
|
Nornir host filters (e.g. |
{}
|
Returns:
| Type | Description |
|---|---|
Result
|
Normal run result keyed by device name:: {
" |
Result
|
Dry-run result keyed by device name:: {
" |
Source code in norfab\workers\netbox_worker\bgp_peerings_tasks.py
1714 1715 1716 1717 1718 1719 1720 1721 1722 1723 1724 1725 1726 1727 1728 1729 1730 1731 1732 1733 1734 1735 1736 1737 1738 1739 1740 1741 1742 1743 1744 1745 1746 1747 1748 1749 1750 1751 1752 1753 1754 1755 1756 1757 1758 1759 1760 1761 1762 1763 1764 1765 1766 1767 1768 1769 1770 1771 1772 1773 1774 1775 1776 1777 1778 1779 1780 1781 1782 1783 1784 1785 1786 1787 1788 1789 1790 1791 1792 1793 1794 1795 1796 1797 1798 1799 1800 1801 1802 1803 1804 1805 1806 1807 1808 1809 1810 1811 1812 1813 1814 1815 1816 1817 1818 1819 1820 1821 1822 1823 1824 1825 1826 1827 1828 1829 1830 1831 1832 1833 1834 1835 1836 1837 1838 1839 1840 1841 1842 1843 1844 1845 1846 1847 1848 1849 1850 1851 1852 1853 1854 1855 1856 1857 1858 1859 1860 1861 1862 1863 1864 1865 1866 1867 1868 1869 1870 1871 1872 1873 1874 1875 1876 1877 1878 1879 1880 1881 1882 1883 1884 1885 1886 1887 1888 1889 1890 1891 1892 1893 1894 1895 1896 1897 1898 1899 1900 1901 1902 1903 1904 1905 1906 1907 1908 1909 1910 1911 1912 1913 1914 1915 1916 1917 1918 1919 1920 1921 1922 1923 1924 1925 1926 1927 1928 1929 1930 1931 1932 1933 1934 1935 1936 1937 1938 1939 1940 1941 1942 1943 1944 1945 1946 1947 1948 1949 1950 1951 1952 1953 1954 1955 1956 1957 1958 1959 1960 1961 1962 1963 1964 1965 1966 1967 1968 1969 1970 1971 1972 1973 1974 1975 1976 1977 1978 1979 1980 1981 1982 1983 1984 1985 1986 1987 1988 1989 1990 1991 1992 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020 2021 2022 2023 2024 2025 2026 2027 2028 2029 2030 2031 2032 2033 2034 2035 2036 2037 2038 2039 2040 2041 2042 2043 2044 2045 2046 2047 2048 2049 2050 2051 2052 2053 2054 2055 2056 2057 2058 2059 2060 2061 2062 2063 2064 2065 2066 2067 2068 2069 2070 2071 2072 2073 2074 2075 2076 2077 2078 2079 2080 2081 | |