Windows and BGP

Enabling BGP on Calico with Windows

To enable BGP mode for routing traffic with RKE2 using both Linux and Windows nodes, the Calico CNI should be selected in the Server configuration.

# /etc/rancher/rke2/config.yaml
cni: calico

Calico should then be configured with BGP enabled and encapsulation set to None.

# /var/lib/rancher/rke2/server/manifests/rke2-calico-config.yaml
---
apiVersion: helm.cattle.io/v1
kind: HelmChartConfig
metadata:
  name: rke2-calico
  namespace: kube-system
spec:
  valuesContent: |-
    installation:
      calicoNetwork:
        bgp: Enabled
      backend: "None"

Starting Windows node

Configure RKE2 on the Windows node as described here.

Before starting the RKE2 service, RemoteAccess must be enabled.

Install-WindowsFeature RemoteAccess
Install-WindowsFeature RSAT-RemoteAccess-PowerShell
Install-WindowsFeature Routing

This requires a reboot to function properly.

Next, configure the RemoteAccess service:

Install-RemoteAccess -VpnType RoutingOnly

To check if the RemoteAccess service has started properly, use the following command:

Start-Service RemoteAccess

After that, you can start the RKE2 service.

Enabling BGP on Calico with Windows​

Starting Windows node​

Enabling BGP on Calico with Windows

Starting Windows node