Border Gateway Protocol (BGP) makes core routing decisions. It maintains a table of IP networks, or prefixes, that designates network reachability among multiple autonomous systems.

An underlying connection between two BGP speakers is established before any routing information is exchanged. Keepalive messages are sent by the BGP speakers in order to keep this relationship alive. After the connection is established, the BGP speakers exchange routes and synchronize their tables.

Procedure

  1. Log in to the vSphere Web Client.
  2. Click Networking & Security > NSX Edges.
  3. Double-click an NSX Edge.
  4. Click Manage > Routing > BGP.
  5. Next to BGP Configuration, click Edit, and then click Enable BGP.
  6. (Optional) Click Enable Graceful Restart for packet forwarding to be uninterrupted during restart of BGP services.
  7. (Optional) Click Enable Default Originate to allow the ESG to advertise itself as a default gateway to its peers.
  8. In Local AS, enter the router ID. The routes are advertised when BGP peers with routers in other autonomous systems (AS). The path of autonomous systems that a route traverses is used as one metric when selecting the best path to a destination.
  9. In Neighbors, click Add.
  10. Specify basic details of the BGP neighbor.
    1. Type the IP address of the neighbor.

      When you configure BGP peering between an edge services gateway (ESG) and a logical router, use the protocol IP address of the logical router as the BGP neighbor address of the ESG.

    2. (On a logical router only) Type the forwarding address.

      The forwarding address is the IP address that you assigned to the distributed logical router's interface facing its BGP neighbor (its uplink interface).

    3. (On a logical router only) Type the protocol address.

      The protocol address is the IP address that the logical router uses to form a BGP neighbor relationship. It can be any IP address in the same subnet as the forwarding address, but this IP address must not be used anywhere else. When you configure BGP peering between an edge services gateway (ESG) and a logical router, use the protocol IP address of the logical router as the BGP neighbor IP address of the ESG.

    4. Type the remote AS.
    5. Disable the remote private AS. By default, it is enabled.
    6. Edit the default weight for the neighbor connection, if necessary. The default weight is 60.
    7. Hold Down Timer displays a default value of 180 seconds, which is three times the value of the keep alive timer. Edit if necessary.

      When BGP peering is achieved between two neighbors, the NSX Edge starts a hold down timer. Each keep alive message it receives from the neighbor resets the hold down timer to 0. When the NSX Edge fails to receive three consecutive keep alive messages, so that the hold down timer reaches 180 seconds, the NSX Edge considers the neighbor down and deletes the routes from this neighbor.

      Note:

      The default time-to-live (TTL) value in the BGP packets that are sent to eBGP neighbors is 64. This value is not configurable.

    8. Keep Alive Timer displays the default frequency of 60 seconds at which a BGP neighbor sends keep alive messages to its peer. Edit if necessary.
    9. If authentication is required, type the authentication password. Each segment sent on the connection between the neighbors is verified. MD5 authentication must be configured with the same password on both BGP neighbors; otherwise, the connection between them is not made.

      You cannot enter a password when FIPS mode is enabled.

  11. Specify the BGP Filters.
    1. Click Add.

      Caution:

      A "block all" rule is enforced at the end of the filters.

    2. Select the direction to indicate whether you are filtering traffic to or from the neighbor.
    3. Select the action to indicate whether you are allowing or denying traffic.
    4. Type the network in CIDR format that you want to filter to or from the neighbor.
    5. Type the IP prefixes that are to be filtered and click OK.
  12. Click Publish Changes.
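
The effect of the trailing "block all" rule on a filter list that contains only deny entries, as an added example that is not part of the original procedure or of NSX itself. The names BgpFilter, decide and dropped_by_implicit_rule are hypothetical, the sample prefixes are constructed, and the model assumes that rules are checked in list order and match on the exact prefix.

```python
import ipaddress
from dataclasses import dataclass

IMPLICIT = "implicit block-all"

@dataclass(frozen=True)
class BgpFilter:
    direction: str  # "in" or "out", relative to the neighbor
    action: str     # "permit" or "deny"
    network: str    # CIDR, as typed in step 11

def decide(filters, direction, route):
    """Return (action, reason) for one route against a neighbor's filter list."""
    prefix = ipaddress.ip_network(route)
    for position, rule in enumerate(filters, start=1):
        # Assumption: rules are checked in list order and match the exact prefix.
        if rule.direction == direction and ipaddress.ip_network(rule.network) == prefix:
            return rule.action, f"rule {position}"
    # From the page: a "block all" rule is enforced at the end of the filters.
    return "deny", IMPLICIT

def dropped_by_implicit_rule(filters, direction, expected_routes):
    """Routes the operator expects to pass that only the trailing block-all stops."""
    return [route for route in expected_routes
            if decide(filters, direction, route) == ("deny", IMPLICIT)]

# Constructed sample: the operator wants to stop 10.0.0.0/8 from being
# advertised and expects the two 172.16.x.0/24 routes to keep flowing.
DENY_ONLY = [BgpFilter("out", "deny", "10.0.0.0/8")]
WITH_PERMITS = DENY_ONLY + [
    BgpFilter("out", "permit", "172.16.10.0/24"),
    BgpFilter("out", "permit", "172.16.20.0/24"),
]
EXPECTED_OUT = ["172.16.10.0/24", "172.16.20.0/24"]

if __name__ == "__main__":
    for name, filters in (("deny-only", DENY_ONLY), ("with permits", WITH_PERMITS)):
        print(name, "->", dropped_by_implicit_rule(filters, "out", EXPECTED_OUT))
```

Running the check before Publish Changes shows which expected routes need an explicit permit entry.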

Configure BGP Between an ESG and a Logical (Distributed) Router

In this topology, the ESG is in AS 64511. The logical router (DLR) is in AS 64512.

The forwarding address of the logical router is 192.168.10.2. This address is configured on the uplink interface of the logical router. The protocol address of the logical router is 192.168.10.3. The ESG uses this address to form a BGP peer relationship with the logical router.

On the BGP Configuration page of the logical router, the configuration settings are as follows:

  • Local AS: 64512

  • Neighbor settings:

    • Forwarding address: 192.168.10.2

    • Protocol address: 192.168.10.3

    • IP address: 192.168.10.1

    • Remote AS: 64511

On the BGP Configuration page of the ESG, the configuration settings are as follows:

  • Local AS: 64511

  • Neighbor settings:

    • IP address: 192.168.10.3. This IP address is the protocol address of the logical router.

    • Remote AS: 64512

On the logical router, run the show ip bgp neighbors command, and make sure that the BGP state is Established.

On the ESG, run the show ip bgp neighbors command, and make sure that the BGP state is Established.
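
A consistency check for the two neighbor configurations above, useful when a session does not reach Established; this is an added example, not VMware tooling. The function check_peering and the dictionary layout are hypothetical, the /24 prefix length is an assumption (the page gives no mask), and BAD_ESG is a constructed misconfiguration.

```python
import ipaddress

# Settings from the topology on this page.
PAGE_DLR = {"local_as": 64512, "forwarding": "192.168.10.2",
            "protocol": "192.168.10.3", "neighbor_ip": "192.168.10.1",
            "remote_as": 64511}
PAGE_ESG = {"local_as": 64511, "neighbor_ip": "192.168.10.3", "remote_as": 64512}
PREFIX_LEN = 24  # assumption: the page gives no mask for the 192.168.10.x segment

def check_peering(dlr, esg, prefix_len=PREFIX_LEN):
    """Return a list of findings; an empty list means the pair is consistent."""
    findings = []
    fwd = ipaddress.ip_interface(f"{dlr['forwarding']}/{prefix_len}")
    proto = ipaddress.ip_address(dlr["protocol"])
    # The protocol address must sit in the same subnet as the forwarding address.
    if proto not in fwd.network:
        findings.append("protocol address is outside the forwarding address subnet")
    # The protocol address must not be used anywhere else on the segment.
    if proto in {fwd.ip, ipaddress.ip_address(dlr["neighbor_ip"])}:
        findings.append("protocol address is already used elsewhere")
    # The ESG must peer with the protocol address, not the forwarding address.
    if ipaddress.ip_address(esg["neighbor_ip"]) != proto:
        findings.append("ESG neighbor IP is not the logical router's protocol address")
    # Each side's remote AS must be the other side's local AS.
    if esg["remote_as"] != dlr["local_as"]:
        findings.append("ESG remote AS does not match logical router local AS")
    if dlr["remote_as"] != esg["local_as"]:
        findings.append("logical router remote AS does not match ESG local AS")
    return findings

# Constructed misconfiguration: the ESG peers with the forwarding address
# instead of the protocol address, and its remote AS is its own AS number.
BAD_ESG = {"local_as": 64511, "neighbor_ip": "192.168.10.2", "remote_as": 64511}

if __name__ == "__main__":
    for label, esg in (("page values", PAGE_ESG), ("constructed bad ESG", BAD_ESG)):
        print(label, "->", check_peering(PAGE_DLR, esg) or "consistent")
```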