Configuring External BGP

Syntax:

set bgp external remote-as <AS Number>

      {off | on}

      ip-reachability-detection

            check-control-plane-failure {off | on}

            multihop {off | on}

            {off | on}

      aspath-prepend-count <1-25 | default>

      description text

      local-address <IP Address> {off | on}

      outdelay <0-65535>

      outdelay off

Parameters:

Parameter

Description

<AS Number> {off | on}

Specifies the autonomous system number of the external peer group.

Enter an integer between 1 and 65535.

ip-reachability-detection {off | on | multihop | check-control-plane-failure}

Configure Bidirectional Forwarding Detection (BFD) on the Security Gateway to send and receive BFD packets.

  • off

    Disables the features (this is the default).

    The Gaia Embedded OS purges stale routes when the peer goes down.

  • on

    Enables the feature.

    Singlehop BFD is for a peer that is one hop away.

    The peer must be on a directly connected network.

    Make sure the Firewall policy allows the UDP traffic on the port 3784 in both directions.

  • multihop local-address <IP Address>

    For a peer that is one or more hops away.

    Make sure the Firewall policy allows the UDP traffic on the port 4784 in both directions.

    The configuration on both BFD peers must be the same (both configured as multihop or singlehop).

  • check-control-plane-failure {off | on}

    Controls whether to interpret the control plane independent flag (the C bit) received from the remote BFD peer.

    When these two conditions are met at the same time, the Security Gateway keeps stale routes and does not purge them, for graceful restart purposes:

    1. The C-bit received from the peer is zero.

    2. The BGP graceful restart is enabled.

    For a Centrally ManagedSecurity Gateway, make sure the topology is correct in the Security Gateway object in SmartConsole (to prevent Anti-Spoofing from interfering with BFD traffic).

aspath-prepend-count <1-25 | default>

Specifies the number of times this router adds to the autonomous system path on external BGP sessions.

Use this option to bias the degree of preference some downstream routers have for the routes originated by this router.

Some implementations prefer to select paths with shorter autonomous system paths.

Range: 1-25

Default: 1

description text

You can enter a brief text description of the group.

Note - The text cannot contain spaces but must be a single word.

local-address <IP Address> {off | on}

Specifies the address used on the local end of the TCP connection with the peer group.

The local address must be on an interface that is shared with the peer or with the peer's gateway when the gateway parameter is used.

outdelay {<0-65535> | off}

Specifies the amount of time in seconds that a route must be present in the routing database before it is redistributed to BGP.

The configured value applies to all peers configured in this group.

This feature dampens route fluctuation.

The value zero (0) disables this feature.

Range: 0-65535

Default: 0