Using the BGP screen in the vCloud Director tenant portal, you can configure Border Gateway Protocol (BGP) for the dynamic routing capabilities of your advanced edge gateway.
About this task
As described in the NSX Administration Guide, BGP makes core routing decisions by using a table of IP networks or prefixes, which designate network reachability among multiple autonomous systems. In the networking field, the term BGP speaker refers to a networking device that is running BGP. Two BGP speakers establish a connection before any routing information is exchanged. The term BGP neighbor refers to a BGP speaker that has established such a connection. After establishing the connection, the devices exchange routes and synchronize their tables. Each device sends keepalive messages to keep this relationship alive.
For the ability to use the vCloud Director tenant portal to work with an edge gateway's settings, the edge gateway must have already been converted to an advanced edge gateway using the Convert to Advanced Gateway action on the edge gateway in the vCloud Director Web console. See the vCloud Director Administrator's Guide for details.
- Launch the tenant portal using the following steps.
  - Log in to the vCloud Director Web console and navigate to the edge gateway.
  - Right-click the name of the edge gateway and click Edge Gateway Services in the context menu.
  The tenant portal opens in a new browser tab and displays the Edge Gateway screen for that edge gateway.
- In the tenant portal, navigate to .
- If BGP is not currently enabled, use the Enable BGP toggle to enable it.
- Configure the BGP settings according to your organization's needs.
Enable Graceful Restart
Specifies that packet forwarding is to remain uninterrupted when BGP services are restarted.
Enable Default Originate
Allows the edge gateway to advertise itself as a default gateway to its BGP neighbors.
Required. Specify the autonomous system (AS) ID number to use for the local AS feature of the protocol. The value you specify must be a globally unique number between 1 and 65534.
The local AS is a feature of BGP. The system assigns the local AS number to the edge gateway you are configuring. The edge gateway advertises this ID when the edge gateway peers with its BGP neighbors in other autonomous systems. The path of autonomous systems that a route would traverse is used as one metric in the dynamic routing algorithm when selecting the best path to a destination.
At this point, you can click Save changes, or continue to configure settings for the BGP routing neighbors.
- Add a BGP neighbor configuration to the on-screen table by clicking the + icon, specifying details for the neighbor in the dialog box, and then clicking Keep.
Type the IP address of a BGP neighbor for this edge gateway.
Type a globally unique number between 1 and 65534 for the autonomous system to which this BGP neighbor belongs. This remote AS number is used in the BGP neighbor's entry in the system's BGP neighbors table.
The default weight for the neighbor connection. Adjust as appropriate for your organization's needs.
Keep Alive Time
The frequency with which the software sends keepalive messages to its peer. The default frequency is 60 seconds. Adjust as appropriate for your organization's needs.
Hold Down Time
The interval after which the software declares a peer dead if it has not received a keep alive message. This interval must be three times the keep alive interval. The default interval is 180 seconds. Adjust as appropriate for your organization's needs.
Once peering between two BGP neighbors is achieved, the edge gateway starts a hold down timer. Every keep alive message it receives from the neighbor resets the hold down timer to 0. If the edge gateway fails to receive three consecutive keep alive messages, so that the hold down timer reaches three times the keep alive interval, the edge gateway considers the neighbor down and deletes the routes from this neighbor.
If this BGP neighbor requires authentication, type the authentication password.
Each segment sent on the connection between the neighbors is verified. MD5 authentication must be configured with the same password on both BGP neighbors; otherwise, the connection between them will not be made.
Use this table to specify route filtering using a prefix list from this BGP neighbor.
Caution: A block all rule is enforced at the end of the filters.
Add a filter to the table by clicking the + icon and configuring the options. Click OK to save each filter.
Select the direction to indicate whether you are filtering traffic to or from the neighbor.
Select the action to indicate whether you are allowing or denying traffic.
Type the network that you want to filter to or from the neighbor. Type ANY or a network in CIDR format.
Type the IP Prefix GE and IP Prefix LE to use the le and ge keywords in the IP prefix list.
- Click Save changes to save the configurations to the system.
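To check a planned BGP filter table before saving it, the following added example (not VMware code) dry-runs routes against the rows and applies the trailing block all rule described above. It assumes rows are evaluated top to bottom with the first match deciding, and that IP Prefix GE and IP Prefix LE follow conventional prefix-list semantics; the key names and the in/out and permit/deny values are labels chosen for this example.

```python
import ipaddress

def entry_matches(route, network, ge=None, le=None):
    """True if `route` matches one filter row (conventional ge/le semantics)."""
    if network.upper() == "ANY":
        return True
    net = ipaddress.ip_network(network)
    rt = ipaddress.ip_network(route)
    # The route must fall inside the filter's network at all.
    if rt.version != net.version or not rt.subnet_of(net):
        return False
    # Without ge/le the row matches that exact prefix length only.
    if ge is None and le is None:
        return rt.prefixlen == net.prefixlen
    low = ge if ge is not None else net.prefixlen
    high = le if le is not None else rt.max_prefixlen
    return low <= rt.prefixlen <= high

def evaluate(filters, direction, route):
    """Return the action of the first matching row, else the trailing block all."""
    for row in filters:
        if row["direction"] == direction and entry_matches(
                route, row["network"], row.get("ge"), row.get("le")):
            return row["action"]
    return "deny"  # the block all rule enforced at the end of the filters

# Constructed sample table; key names and the in/out, permit/deny values are
# labels chosen for this example.
FILTERS = [
    {"direction": "in", "action": "deny", "network": "10.0.0.0/8", "ge": 25, "le": 32},
    {"direction": "in", "action": "permit", "network": "10.0.0.0/8", "le": 24},
    {"direction": "out", "action": "permit", "network": "192.168.10.0/24"},
]

if __name__ == "__main__":
    for direction, route in [("in", "10.1.2.0/24"), ("in", "10.1.2.128/25"),
                             ("in", "0.0.0.0/0"), ("out", "192.168.10.0/25")]:
        print(direction, route, evaluate(FILTERS, direction, route))
```

In this sample a default route received from the neighbor and a more-specific /25 of the advertised /24 are both dropped, because no row permits them and the block all rule applies.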
What to do next
Configure BGP on the other edge gateways that you want to exchange routing information with.
Add a firewall rule that allows traffic to and from the BGP-configured edge gateways. See Add an Edge Gateway Firewall Rule Using the Tenant Portal for information.