Link Search Menu Expand Document

BGP Tab

Configuration > Networking > Routing > BGP

On this tab, you can configure BGP (Border Gateway Protocol) for appliances and add their BGP peers (also known as BGP “neighbors”). You can also add and modify peer-based advertisement and redistribution rules. EdgeConnect has the following behaviors relative to communities:

  • EdgeConnect will propagate any existing communities and can be configured to assign and append new communities, remove, or replace all communities for routes advertised to peers.

  • Appliances can display up to ten communities per route.

  • Appliances subnet-share communities with their EdgeConnect peers.

  • Appliances advertise communities to remote peers, if learned from EdgeConnect peers.

  • Appliances advertise communities to BGP neighbors.

  • All BGP-learned subnets also appear in the appliance Routes table, displayed on the Routes configuration page. In addition, any AS Path or BGP Community information learned with a particular subnet will also be displayed with that subnet entry in the table.

  • BGP route updates are not refreshed unless the peer specifically asks for it. To update the BGP routes, go to the Peers table and select Soft Reset in the desired row.

  • BGP Equal-cost multi-path (ECMP) is supported for eBGP and iBGP. Multiple next-hops will be installed for the same prefix if all BGP path attributes are the same, enabling BGP to load balance egress traffic across multiple peers.

  • A maximum of 64 BGP peers and 64 OSPF neighbors is supported per appliance, with 200 next-hops supported per interface.

  • A small set of community numbers are used as internal communities that represent the source domain of a particular route:

    Value Description
    100 Locally configured
    101 Subnet shared (learned from another appliance)
    102 Local BGP
    103 Remote BGP (learned from another appliance)
    104 Local OSPF
    105 Remote OSPF (learned from another appliance)

    These internal community values only use the appliance’s local ASN in the ASN portion of the community. When the ASN portion of an attached community exactly matches the local ASN and the community portion exactly matches one of these internal values, they are flagged as internal communities only and stripped when advertising the route to BGP peers.

Click the Summary button on the BGP tab to display configuration details associated with the local appliance, such as its local AS number and router ID. Click the icon in the BGP State Details column to display a summary, including the number of routes learned and advertised via BGP by this appliance.

Click the Peers button on the BGP tab to display information about all configured peers for the appliances selected in the appliance tree. Click the icon in the Peer Details column to display the connection status of each peer that is configured for the appliance.

Filter by Segment

To filter the rows displayed in the BGP table by segment:

  • Select Default from the Segment drop-down list to display for the system-supplied default segment, or

  • Select one of the other listed segments, which reflect the custom segments defined using Routing Segmentation (Configuration > Networking > Routing > Routing Segmentation (VRF)).

Select All to display for all segments, which is the default setting.

The table below describes the fields displayed for the BGP configuration.

Field Description
Appliance Name of the appliance.
Segment Name of the segment being used, if enabled.
Peer IP IP address of the EdgeConnect peer. IPv4 and IPv6 are both supported.

NOTE: When using VXLAN with BGP, only IPv4 addresses are supported.
Local Interface A list of the interfaces that can be chosen: Any, lan0, wan0, or wan1.
Peer ASN Peer’s Autonomous System Number.
Peer State State of the peer. A peer state of Established indicates that full adjacency has been established and routes can be advertised to and learned from that peer.
Soft Reset Click the Soft Reset button to manually request a route update from the BGP peer without resetting the session.

NOTE: Before you perform a soft reset, ensure that Soft Reconfiguration is disabled for this BGP peer.
Soft Reconfiguration Indicates whether Soft Reconfiguration is enabled for this BGP peer.
Established Time Final peer state that indicates neighbor connection as complete.
Type Governs what kinds of routes the appliance is allowed to advertise to this BGP peer. These routes are itemized as Route Export Policies.
Inbound Route Map Route map being used for the inbound traffic.
Outbound Route Map Route map being used for the outbound traffic.
Local Preference Local preference is the first attribute an EdgeConnect appliance looks at to determine which route towards a certain destination is the “best” one. This value is not exchanged between external BGP routers. Local preference is a discretionary BGP attribute. Default value is 100. The path with the highest local preference is preferred.
MED Multi Exit Discriminator. When BGP chooses the best route to reach a certain destination, it first looks at the local preference and AS path attributes. When the local preference and AS path length are the same for two or more routes towards a certain prefix, the Multi Exit Discriminator (MED) attribute is chosen. With MED, the lowest value is preferred.

NOTE: If you configured the Metric Delta parameter in an earlier version of our software, this value has been translated into a MED value.
Input Metric Metric that is advertised with the route when shared.
Enable Imports Allows the learning of routes from this specific BGP peer.
AS Prepend Count Learned path from an external prepend between a remote BGP site to local BGP peers.
Next-Hop-Self Advertised route connected to a CE router that an EdgeConnect appliance learns from the eBGP with a PE router.
Override ASN Indicates whether routes are advertised to the BGP peer where the BGP peer’s own ASN is in the AS-Path.
Keep Alive Timer Interval, in seconds, between keep alive signals to a peer.
Hold Timer When availability to a peer is lost, this specifies how long to wait before dropping the session.
BFD Indicates whether BFD is enabled for the BGP peer. This field is set to N/A if BFD is not supported on the appliance.
Adjacency Indicates the adjacency of the BGP peer (Single-Hop or Multi-Hop). This field is set to N/A if BFD is not supported on the appliance.
Peer Details Additional details about the peer or its state.

To edit the BGP configuration for one of the listed appliances, click the edit icon in the left column of the table.

BGP Information

Use this window to enable BGP for your appliances and to configure BGP peers. Complete the following steps to start BGP configuration.

  1. Move the toggle to Enable BGP.

  2. Complete the following fields.

    Field Description
    Autonomous system number (ASN) Configure this number as needed for your network.
    Router ID This router identifier is the IPv4 address by which the remote peer can identify this appliance for purposes of BGP.
    Route Target The BGP route target that identifies the routes associated with a segment. The route target must be in the following form: 2bytesASN:4bytesID or 4byteASN:2byteID (for example, 65001:1200).

    NOTE: Route target is available for all segments.
    Import:Export Select this check box to specify a unique import and export value.
    Graceful restart Enable receiver-side graceful restart capability. EdgeConnect retains routes learned from the peer and continues to use it for forwarding (if possible) if/when a BGP peer goes down. The retained routes are considered stale routes. They will be deleted and replaced with newly received routes.

    Max Restart Time – Specifies the maximum time (in seconds) to wait for a Graceful Restart capable peer to come back after a peer restart or peer session failure.

    Stale Path Time – Specifies maximum time (in seconds) following a peer restart that EdgeConnect waits before removing stale routes associated with that peer.
    AS path propagate Select this check box to enable this appliance to send the full AS path, associated with a prefix to other routers and appliances, avoiding routing loops. This will provide the learned path from an external prepend between a remote BGP site to local BGP peers.
    Log BGP update messages Select this check box to enable logging of BGP peer messages on the segment. This feature provides detailed logging of BGP update messages exchanged between BGP peers. It captures and logs every detail for each update, whether sent or received, including key attributes such AS Path list, routes, next-hop, origin, MED, and so on as they are shared with or received from a BGP peer.
  3. Under the Common settings for all segments header, complete the following fields:

    Field Description
    Max route updates per peer The maximum number of route updates for each peer running route loop detection. The default value is 10, and the range is 5–100.
    Detection interval The interval, in minutes, at which route advertisement loop detection runs. A route advertisement loop occurs when the same route is being advertised, removed, and re-advertised repeatedly within a short time period. The default value is 15, and the range is 1–60.

To add a BGP peer, select Add. The Add Peer dialog box opens.

Add Peer

Complete the following fields to add a BGP peer.

Field Description
Peer IP IP address of the EdgeConnect peer. IPv4 and IPv6 are both supported.
Peer Adjacency To specify the adjacency of the BGP peer, click Single-Hop or Multi-Hop. Single-Hop is the default selection.
EVPN Peer Select this check box to enable the extended BGP technology for casting VXLAN information. Enabling EVPN Peer disables IPv4/IPv6 unicast routing for this peer. Only one address family is supported per BGP peer. Only IPv4 is available when you enable VXLAN.

NOTE: EVPN Peer is only displayed for the default segment (VRF ID = 0).

NOTE: This field is only available if you configured VXLAN using the VXLAN template or by configuring it on the VXLAN tab and you selected a VXLAN tunnel endpoint (VTEP) source interface. For more information on configuring VXLAN and a VTEP source interface, see VXLAN Tab or VXLAN Template.
Local Interface You can specify the source address or interface for a specific BGP peer. Select the interface from the drop-down list: any, lan0, wan0, or wan1. If you selected the EVPN Peer check box, this value is automatically set to the VTEP source interface you set when you configured VXLAN.
Peer ASN Replace all ASNs in the AS-Path of routes advertised to this peer with the appliance ASN.
Override ASN Select this check box to advertise routes to the BGP peer where the BGP peer’s own ASN is in the AS-Path. All instances of the BGP peer ASN are replaced with the local ASN of the appliance in all routes advertised to the BGP peer.
Peer Type Select the type of peer from the drop-down list: Branch or PE-router. If you selected the EVPN Peer check box, this value is automatically set to Branch.
Admin Status Select whether you want the Admin Status UP or DOWN.
Soft Reconfiguration Select this check box to prevent the appliance from sending a route-refresh message to the BGP peer when a policy is changed. When enabled, the appliance will apply policy changes against BGP peer learned routes stored in memory.

NOTE: To request a route update from the peer, click the Soft Reset button for the peer on the BGP tab. Before you perform a soft reset, ensure that Soft Reconfiguration is disabled for this BGP peer.
Next-Hop-Self Select this check box to enable the next-hop-self.
Inbound route map Route map for inbound traffic. Select the edit icon to load or configure inbound route maps.
Outbound route map Route map for outbound traffic. Select the edit icon to load or configure outbound route maps.
Outbound route map Route map for outbound traffic. Select the edit icon to load or configure outbound route maps.
BFD Select this check box to enable BFD for the BGP peer. This field is not displayed if BFD is not supported on the appliance.

NOTE: Before you select this check box, enable and configure BFD from the BFD tab.
Keep Alive Timer Interval, in seconds, between keep alive signals to a peer.
Hold Timer Specified time to wait before dropping the session when the reachability to a peer is lost.
Enable MD5 Password Select this check box to add a password to authenticate the TCP session with the peer.

NOTE: Multiple address families are not supported on a single BGP peer. You must configure a separate BGP peer for each address family. IPv6 peers are only capable of exchanging IPv6 routes. IPv4 peers are only capable of exchanging IPv4 routes.

BGP Inbound and Outbound Route Redistribution Maps

Route Maps are policies applied to IP routes during redistribution between routing protocols. They have Match Criteria and Set Actions that allow for filtering routes or modifying metrics and attributes for routes that meet the criteria defined in the match statement. Route-map rules follow a top-down order based on the sequence number defined for each entry.

EdgeConnect Enterprise supports applying Route Maps inbound from and outbound to BGP peers and outbound to OSPF neighbors and the SD-WAN Fabric. It is best practice to use Orchestrator to apply Route Maps using templates.

You can specify up to 20 BGP inbound route maps, 20 BGP outbound route maps, and 128 rules per route map.

You can specify up to 6 comma separated prefixes for each rule applied to a route map.

You can add, delete, rename, or clone route maps using this window. You can add rules to your route map by clicking Add Rule. A route map without any enabled rules is treated as a default deny all.

Prefix Match Criteria

The default for prefix match criteria is exact-match + greater-than. Both the specified prefix and any subnets of that prefix will be matched, up to a length of 32 for IPv4 or 128 for IPv6 (subnet sharing route maps only).

Less-than-or-equal-to (LE) and greater-than-or-equal-to (GE) clauses can also be applied to specify the inclusion of certain subnets.

To match a default-route, deny 0.0.0.0/1, deny 128.0.0.0/1, and then permit any.

GE Clause

If a GE clause is applied, the rule will also include all prefixes that have a prefix length greater than or equal to the GE value and less than or equal to 32 or 128 (for IPv6).

Example: A.B.C.D/X GE Y

In this example the following will be included:

  • The exact match to A.B.C.D/X

  • All the prefixes that belong to the subnet A.B.C.D/X that have a length greater than or equal to Y and less than or equal to 32

For example, you have a route map entry of 192.168.0.0/16 GE 24, and a peer advertises the following prefixes:

  • 192.168.0.0/16

  • 192.168.1.0/24

  • 192.168.2.0/25

  • 192.168.2.128/25

192.168.0.0/16 – The prefix length is 16, which is not greater than or equal to 24. This route does not match.

192.168.1.0/24 – The prefix length is 24, which is equal to the specified value. Therefore, this route matches the condition.

192.168.2.0/25 – The prefix length is 25, which is greater than or equal to 24. Therefore, this route matches the condition.

192.168.2.128/25 – The prefix length is 25, which is greater than or equal to 24. Therefore, this route also matches the condition.

So, the routes that would be matched by the given route map entry are:

  • 192.168.1.0/24

  • 192.168.2.0/25

  • 192.168.2.128/25

LE Clause

If an LE clause is applied, the rule will also include all prefixes that have a prefix length less than or equal to the LE value.

Example: A.B.C.D/X LE Y

In this example the following will be included:

  • The exact match to A.B.C.D/X

  • All the prefixes that belong to the subnet A.B.C.D/X that have a length greater than or equal to X and less than or equal to 32

  • All the prefixes that belong to the subnet A.B.C.D/X that have a length less than or equal to Y

For example, you have a route map entry of 192.168.0.0/16 LE 24, and a peer advertises the following prefixes:

  • 192.168.0.0/16

  • 192.168.1.0/24

  • 192.168.2.0/25

  • 192.168.2.128/25

192.168.0.0/16 – The prefix length is 16, which is less than or equal to 24. This route matches.

192.168.1.0/24 – The prefix length is 24, which is equal to the specified value. This route matches.

192.168.2.0/25 – The prefix length is 25, which is not less than or equal to 24. This route does not match.

192.168.2.128/25 – The prefix length is 25, which is not less than or equal to 24. This route does not match.

So, the routes that would be matched by the given route map entry are:

  • 192.168.0.0/16

  • 192.168.1.0/24

Combining LE and GE Clauses

Example: A.B.C.D/X LE Y GE Z

In this example the following will be included:

  • The exact match to A.B.C.D/X

  • All the prefixes that belong to the subnet A.B.C.D/X that have a length less than or equal to Y

  • All the prefixes that belong to the subnet A.B.C.D/X that have a length greater than or equal to Z and less than or equal to 32

Exact Match

If both GE and LE clauses are specified and are equal, the rule will result in an exact match.

Example: A.B.C.D/X LE Y GE Y

In this example, the following will be included:

  • The exact match to A.B.C.D/X

  • The exact match to the subnet A.B.C.D/X that has a length equal to Y

You can specify the following fields in each rule for the selected route map.

Priority (Inbound and Outbound)

Field Description
Priority If you are using Orchestrator templates to add rules, Orchestrator will delete all entries from 1000 – 9999 before applying its policies.

You can create rules with higher priority than Orchestrator rules (1 – 999) and rules with lower priority (10000 – 19999 and 25000 – 65534).

NOTE: The priority range from 20000 to 24999 is reserved for Orchestrator.

When adding a rule, the priority is incremented by 10 from the previous rule. The priority can be changed, but this default behavior helps to ensure you can insert new rules without having to change subsequent priorities.

Select Match Criteria (Inbound)

Source Protocol Complete the Following Fields (based on protocol selected)
BGP Prefix + optional LE/GE parameters

BGP Communities

Select Match Criteria (Outbound)

Source Protocol Complete the Following Fields (based on protocol selected)
Local/Static Prefix + optional LE/GE parameters
SD-WAN (Local/Static) Prefix + optional LE/GE parameters

BGP Communities
BGP Prefix + optional LE/GE parameters

BGP Communities
OSPF Prefix + optional LE/GE parameters

OSPF Tag
SD-WAN (BGP) Prefix + optional LE/GE parameters

BGP Communities
SD-WAN (OSPF) Prefix + optional LE/GE parameters

OSPF Tag

BGP Communities
SD-WAN (CFGSET) Prefix + optional LE/GE parameters

BGP Communities
SD-WAN (RIP) Prefix + optional LE/GE parameters

BGP Communities
SD-WAN (OVERLAY) Prefix + optional LE/GE parameters

BGP Communities
SD-WAN (IAPVPN) Prefix + optional LE/GE parameters

BGP Communities
OAP-BGP Prefix + optional LE/GE parameters

BGP Communities
OAP-OSPF Prefix + optional LE/GE parameters

OSPF Tag
OAP-CFGSET Prefix + optional LE/GE parameters
OAP-RIP Prefix + optional LE/GE parameters
OAP-OVERLAY Prefix + optional LE/GE parameters
OAP-IAPVPN Prefix + optional LE/GE parameters
OAP-STATIC Prefix + optional LE/GE parameters
OAP-DIRECT Prefix + optional LE/GE parameters

Set Actions (Inbound and Outbound)

Field Description
Permit Enable or disable. This setting allows or denies the route map.
BGP Local Preference Best BGP destination. The default value is 100.
Metric Metric for the route.
BGP Communities Label of extra information that is added to one or more prefixes advertised to BGP neighbors. There are three options for how this information is added:

Append – Click to add this information to the prefix when the route is advertised to BGP neighbors.

Override – Click to replace the communities in the route with the community specified.

Remove – Click to remove this information from the prefix when the route is advertised to BGP neighbors.

You can append up to six BGP Communities in inbound and outband route maps using BGP route map rules. The maximum number of communities supported for an advertised or received BGP route is 11.
Nexthop Advertised route connected to a CE router that an EdgeConnect appliance learns from the eBGP with a PE router.
ASN Prepend Count Original route path that was used.

NOTE: This field is displayed only for the Outbound redistribution map.
Comment Comment you want to include.

The following table describes the redistribution commands supported in the BGP routing protocol.

Command Redistribution Support
Match prefix Yes
Set metric Yes
Set tag Yes

Back to top

© Copyright 2024 Hewlett Packard Enterprise Development LP.

For third-party trademark acknowledgements, go to Trademark Acknowledgements. All third-party marks are property of their respective owners.

To view the end-user software agreement, go to HPE Aruba Networking EULA.

Open Source Code:

This product includes code licensed under certain open source licenses which require source compliance. The corresponding source for these components is available upon request. This offer is valid to anyone in receipt of this information and shall expire three years following the date of the final distribution of this product version by Hewlett Packard Enterprise Company. To obtain such source code, please check if the code is available in the HPE Software Center at https://myenterpriselicense.hpe.com/cwp-ui/software but, if not, send a written request for specific software version and product for which you want the open source code. Along with the request, please send a check or money order in the amount of US $10.00 to:

Hewlett Packard Enterprise Company
Attn: General Counsel
WW Corporate Headquarters
1701 E Mossy Oaks Rd Spring, TX 77389
United States of America