The Border Gateway Protocol (BGP) is a routing protocol for communication between autonomous systems (ASs) on the Internet. You can create and configure a BGP routing instance on the security device. Note that a virtual router (VR) such as the trust-vr can have only one BGP routing instance at a time.
The Virtual Router (BGP) - Parameters page supports both Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6) if you set the IPv6 environment variable. The first area of the page contains general parameters that apply to both IPv4 and IPv6. The second area is for IPv4 parameters, and the third area is for IPv6 parameters. If IPv6 is not enabled, the third area will not appear.
This procedure applies to both IPv4 and IPv6 if you set the IPv6 environment variable. Unless otherwise indicated, the parameters and their usage are the same for both protocols.
Enter the necessary information:
AS Number (required): Enter a value for the AS to which the current BGP routing instance belongs. The value can be any valid integer.
Keep Alive: Specifies the number of seconds between keepalive packet transmissions sent by the BGP routing instance to its peer.Select one of the following:
Use node default: Sets the keepalive transmission interval to one-third of the hold time.
Custom: Sets the keepalive transmission interval to the value you specify.
Hold Time: Select one of the following:
Disable: Disables the hold time.
Enable: Enables the hold time. Enter the maximum number of seconds that can elapse between message transmissions between the current BGP virtual routing instance and its BGP neighbor. The minimum number of seconds allowed is three.
Retry Time: Select one of the following:
Disable: Disables the retry time.
Enable: Enables the retry time. Enter the number of seconds following an unsuccessful BGP session establishment with a peer that a session establishment is retried.
Route reflector: Select one of the following:
Disable: Disables the route reflector feature.
Enable: Specifies that the current BGP routing instance is to act as a route reflector or a device that advertises routes incoming to the current AS to clients in a designated reflector cluster.
Cluster ID: Enter a value that indicates the ID number. This identifies the group of routing instances that comprises both the route reflector and the reflector clients to which the route reflector advertises all learned routes entering the current AS from an external routing domain.
BGP Enabled: Specifies that the current BGP routing instance is enabled. BGP routing instances can be in one of two states: enabled or disabled (the default). You must enable a BGP virtual routing instance for it to be active.
Always compare MED state: Compares each entry point into the AS with all others to determine its level of relative desirability as a path into the AS. The entry point with the lowest value is the most desirable. The routing instance designates the most desirable entry point as the default path into the AS from other routing domains. This method is known as the Multi_Exit_Discriminator comparison.
Route flap damping state: Blocks advertisements of a flapping route. That is, the current BGP routing instance suppresses route advertising by an unstable router on the network. If a router in a pattern of failing and enabling continues to advertise itself and its routes as alternatively available and unavailable, it floods the network with invalid advertisements, an activity known as route flapping.
Ignore default route from peer: Ignores default route advertisements from BGP peers.
Advertise default route: Advertises the default route in the VR to BGP peers.
Synchronize with IGP: Enables synchronization with an interior gateway protocol (IGP), such as Open Shortest Path First (OSPF) or Routing Information Protocol (RIP).
Default local preference: Enter the preference value for the AS path for BGP updates going into the current virtual routing instance.
Default MED: Enter the default Multi_Exit_Discriminator attribute value on the current BGP virtual routing instance. This BGP attribute determines the relative preference of entry points into an AS.
Click OK to save your changes and return to the Virtual Router Basic Configuration page. Click Apply to continue configuring the BGP routing instance.
If you clicked Apply, the following links appear at the top of the page: Confederation, Networks, Community, Redist. Rules, Aggregate Address, Neighbors, Peer Group, and AS Path.
After you create a BGP routing instance, you can perform the following configurations:
To configure BGP confederations, see BGP Confederations.
To specify networks that are reachable from the virtual router, see BGP Network Setting Configuration.
To configure BGP communities, see BGP Communities.
To configure conditions to redistribute routes to the current BGP router, see BGP Redistribution Rules.
To configure an aggregated BGP address, see BGP Aggregation.
To configure BGP neighbors, see BGP Peers.
To configure BGP peer groups, see BGP Peer Groups.
To configure an AS-PATH access list, see BGP AS-Path Access List.