This section is displayed only when the Partner Hand Off option is activated. Activate this option by turning on the toggle button.
Procedure
- You can configure the following fields:
Option Description Configure Hand Off By default, the handoff configuration is applied to all the Gateways. If you want to configure a specific Gateway, choose Per Gateway, and then select the Gateway from the drop-down list. Segment By default, Global Segment is selected, which means that the handoff configuration is applied to all the segments. If you want to configure a specific segment, select the segment from the drop-down menu. Hand Off Interface This section displays the values that are configured on the Configure BGP and BFD page. Customer BGP Priority Select the check box and configure the Community Mapping details. - Click Configure BGP and BFD link, located at the bottom of the Per Customer Hand Off - Global Segment section, to display the following page:
- You can configure the following fields:
Option Description Hand Off Tag Tag Type Choose the tag type which is the encapsulation, in which the Gateway hands off customer traffic to the Router. The following are the types of tags available: - None: Untagged. Choose this during single tenant handoff or a handoff towards shared services VRF.
- 802.1Q: Single VLAN tag
- 802.1ad / QinQ(0x8100) / QinQ(0x9100): Dual VLAN tag
Customer ASN Enter the Customer Autonomous System Number. Hand Off Interface: You can configure the following settings for IPv4 and IPv6. Local IP Address Enter the Local IP address for the logical Handoff interface. Use for Private Tunnels Select the check box so that private WAN links connect to the private IP address of the Partner Gateway. If private WAN connectivity is activated on a Gateway, the Orchestrator audits to ensure that the local IP address is unique for each Gateway within an Enterprise. Advertise Local IP Address via BGP Select the check box to automatically advertise the private WAN IP of the Partner Gateway through BGP. The connectivity is provided using the existing Local IP address. Static Routes: You can add, delete, or clone a static route. Subnets Enter the IP address of the Static Route Subnet that the Gateway should advertise to the Edge. Cost Enter the cost to apply weightage on the routes. The range is from 0 to 255. Encrypt Select the check box to encrypt the traffic between Edge and Gateway. Hand off Select the handoff type as either VLAN or NAT. Description Enter a descriptive text for the static route. This field is optional. BFD: Turn the toggle button to On to activate this section. Peer Address Enter the IP address of the remote peer to initiate a BFD session. Detect Multiplier Enter the detection time multiplier. The remote transmission interval is multiplied by this value to determine the detection timer for connection loss. The range is from 3 to 50. Receive Interval Enter the minimum time interval, in milliseconds, at which the system can receive the control packets from the BFD peer. The range is from 300 to 60000 milliseconds. Local Address Enter a locally configured IP address for the peer listener. This address is used to send the packets. Transmit Interval Enter the minimum time interval, in milliseconds, at which the system can send the control packets from the BFD peer. The range is from 300 to 60000 milliseconds. BGP: Turn the toggle button to On to activate this section. Neighbor IP Enter the IP address of the configured BGP neighbor network. Secure BGP Routes Select the check box to allow encryption for data-forwarding over BGP routes. Max-hop Enter the number of maximum hops to allow multi-hop for the BGP peers. The range for Max-hop is from 1 to 255, and the default value is 1. Note: This field is available only for eBGP neighbors, when the local ASN and the neighboring ASN are different.Next Hop IP Enter the next-hop IP address to be used by BGP to reach the multi-hop BGP peer. Note: This option is available only for multi-hop eBGP with Max-hop count greater than 1.Neighbor-ASN Enter the Autonomous System Number of the Neighbor network. BGP Local IP Local IP address is the equivalent of a loopback IP address. Enter an IP address that the BGP neighborships can use as the source IP address for the outgoing BGP packets. Note: The BGP Local IP address must be from a different subnet than a handoff IP address.If you do not enter any value, the IP address of the Hand Off Interface is used as the source IP address.
BGP Inbound Filters Displays the BGP inbound filters. BGP OutBound Filters Displays the BGP outbound filters. BGP Optional Settings BFD Select the checkbox to subscribe to the BFD session. Router-ID Enter the Router ID to identify the BGP Router. Keep Alive Enter the BGP Keep Alive time in seconds. The default timer is 60 seconds. Hold Timers Enter the BGP Hold time in seconds. The default timer is 180 seconds. Turn off AS-PATH Carry Over Select the check box to turn off AS-PATH carry over, which influences the outbound AS-PATH to make the L3-routers prefer a path towards a PE. If you select this option, ensure to tune your network to avoid routing loops. It is recommended not to select this check box. MD5 Auth Select the check box to activate BGP MD5 authentication. This option is used in a legacy network or federal network, and is used as a security guard for BGP peering. MD5 Password Enter a password for MD5 authentication. Note: Starting from the 4.5 release, the use of the special character "<" in the password is no longer supported. In cases where users have already used "<" in their passwords in previous releases, they must remove it to save any changes on the page. - Click Update to save the settings.