You can configure Border Gateway Protocol (BGP) for the dynamic routing capabilities of an NSX Data Center for vSphere edge gateway.
As described in the NSX Administration Guide, BGP makes core routing decisions by using a table of IP networks or prefixes, which designate network reachability among multiple autonomous systems. In the networking field, the term BGP speaker refers to a networking device that is running BGP. Two BGP speakers establish a connection before any routing information is exchanged. The term BGP neighbor refers to a BGP speaker that has established such a connection. After establishing the connection, the devices exchange routes and synchronize their tables. Each device sends keep alive messages to keep this relationship alive.
- Open Edge Gateway Services.
- From the main menu, select Cloud Resources.
- In the left panel, click Edge Gateways.
- Click the radio button next to the name of the target edge gateway, and click Services.
- Navigate to .
- If BGP is not currently enabled, use the Enable BGP toggle to enable it.
- Configure the BGP settings according to the needs of your organization.
| Option | Description |
| --- | --- |
| Enable Graceful Restart | Specifies that packet forwarding is to remain uninterrupted when BGP services are restarted. |
| Enable Default Originate | Allows the edge gateway to advertise itself as a default gateway to its BGP neighbors. |
| Local AS | Required. Specify the autonomous system (AS) ID number to use for the local AS feature of the protocol. The value you specify must be a globally unique number between 1 and 65534. The local AS is a feature of BGP. The system assigns the local AS number to the edge gateway you are configuring. The edge gateway advertises this ID when the edge gateway peers with its BGP neighbors in other autonomous systems. The path of autonomous systems that a route would traverse is used as one metric in the dynamic routing algorithm when selecting the best path to a destination. |
- You can either click Save changes, or continue to configure settings for the BGP routing neighbors.
- Add a BGP neighbor configuration by clicking the Add button, specifying details for the neighbor in the dialog box, and clicking Keep.
| Option | Description |
| --- | --- |
| IP Address | Type the IP address of a BGP neighbor for this edge gateway. |
| Remote AS | Type a globally unique number between 1-65534 for the autonomous system to which this BGP neighbor belongs. This remote AS number is used in the BGP neighbor's entry in the system's BGP neighbors table. |
| Weight | The default weight for the neighbor connection. Adjust as appropriate for your organization's needs. |
| Keep Alive Time | The frequency with which the software sends keep alive messages to its peer. The default frequency is 60 seconds. Adjust as appropriate for the needs of your organization. |
| Hold Down Time | The interval after which the software declares a peer dead if it has not received a keep alive message. This interval must be three times the keep alive interval. The default interval is 180 seconds. Adjust as appropriate for the needs of your organization. Once peering between two BGP neighbors is achieved, the edge gateway starts a hold down timer. Every keep alive message it receives from the neighbor resets the hold down timer to 0. If the edge gateway fails to receive three consecutive keep alive messages, so that the hold down timer reaches three times the keep alive interval, the edge gateway considers the neighbor down and deletes the routes from this neighbor. |
| Password | If this BGP neighbor requires authentication, type the authentication password. Each segment sent on the connection between the neighbors is verified. MD5 authentication must be configured with the same password on both BGP neighbors; otherwise, the connection between them will not be made. |
| BGP Filters | Use this table to specify route filtering using a prefix list from this BGP neighbor. Caution: A block all rule is enforced at the end of the filters. Add a filter to the table by clicking the + icon and configuring the options. Click Keep to save each filter. |
- Select the direction to indicate whether you are filtering traffic to or from the neighbor.
- Select the action to indicate whether you are allowing or denying traffic.
- Type the network that you want to filter to or from the neighbor. Type ANY or a network in a CIDR format.
- Type the IP Prefix GE and IP Prefix LE to use the le and ge keywords in the IP prefix list.
- Click Save changes to save the configurations to the system.
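The effect of the block all rule at the end of the BGP Filters table, as an added example that is not VMware's code. It assumes first-match evaluation and conventional prefix-list GE/LE semantics; the field names, the "in"/"out" and "permit"/"deny" labels, and the sample filter table are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass
class BgpFilter:              # one row of the BGP Filters table (field names are assumptions)
    direction: str            # "in" or "out"
    action: str               # "permit" or "deny"
    network: str              # "ANY" or a network in CIDR format
    ge: Optional[int] = None  # IP Prefix GE
    le: Optional[int] = None  # IP Prefix LE

def entry_matches(f, route):
    """Assumed conventional prefix-list matching for one filter row."""
    if f.network.upper() == "ANY":
        return True
    net = ipaddress.ip_network(f.network)
    if route.version != net.version or not route.subnet_of(net):
        return False
    if f.ge is None and f.le is None:
        return route.prefixlen == net.prefixlen   # no GE/LE: exact length only
    lo = f.ge if f.ge is not None else net.prefixlen
    hi = f.le if f.le is not None else route.max_prefixlen
    return lo <= route.prefixlen <= hi

def evaluate(filters, direction, prefix):
    """Return the action of the first matching row (assumed first-match order)."""
    route = ipaddress.ip_network(prefix)
    for f in filters:
        if f.direction == direction and entry_matches(f, route):
            return f.action
    return "deny"   # the block all rule enforced at the end of the filters

# Constructed sample table for one neighbor.
FILTERS = [
    BgpFilter("in", "deny", "0.0.0.0/0"),                    # refuse a default route
    BgpFilter("in", "permit", "10.20.0.0/16", ge=24, le=28),
    BgpFilter("out", "permit", "192.168.100.0/24"),
]

if __name__ == "__main__":
    for d, p in [("in", "0.0.0.0/0"), ("in", "10.20.5.0/24"), ("in", "10.20.0.0/16"),
                 ("in", "172.16.0.0/12"), ("out", "192.168.100.0/24")]:
        print(f"{d:3} {p:18} -> {evaluate(FILTERS, d, p)}")
```

Under these assumptions, a table that contains only deny rows blocks every route in that direction, so each neighbor needs an explicit permit row for every prefix range it should exchange.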
What to do next
Configure BGP on the other edge gateways that you want to exchange routing information with.
Add a firewall rule that allows traffic to and from the BGP-configured edge gateways. See Add an NSX Data Center for vSphere Edge Gateway Firewall Rule for information.