Using the BGP screen in the vCloud Director tenant portal, you can configure Border Gateway Protocol (BGP) for the dynamic routing capabilities of your advanced edge gateway.

About this task

As described in the NSX Administration Guide, BGP makes core routing decisions by using a table of IP networks or prefixes, which designate network reachability among multiple autonomous systems. In the networking field, the term BGP speaker refers to a networking device that is running BGP. Two BGP speakers establish a connection before any routing information is exchanged. The term BGP neighbor refers to a BGP speaker that has established such a connection. After establishing the connection, the devices exchange routes and synchronize their tables. Each device sends keepalive messages to keep this relationship alive.

Prerequisites

To use the vCloud Director tenant portal to work with an edge gateway's settings, the edge gateway must be converted to an advanced edge gateway. You can do this on the edge gateway in the vCloud Director Web console or from the tenant portal. For details on performing this step from the tenant portal, see Convert an Edge Gateway to an Advanced Edge Gateway.

Procedure

  1. Launch Edge Gateway Services by completing the following steps.
    1. Click Network > Edge Gateway.
    2. Select the edge gateway to edit, and click Configure Services.

      The tenant portal opens Edge Gateway Services.

  2. Navigate to Routing > BGP.
  3. If BGP is not currently enabled, use the Enable BGP toggle to enable it.
  4. Configure the BGP settings according to your organization's needs.

    | Setting | Description |
    |---|---|
    | Enable Graceful Restart | Specifies that packet forwarding is to remain uninterrupted when BGP services are restarted. |
    | Enable Default Originate | Allows the edge gateway to advertise itself as a default gateway to its BGP neighbors. |
    | Local AS | Required. Specify the autonomous system (AS) ID number to use for the local AS feature of the protocol. The value you specify must be a globally unique number between 1 and 65534. The local AS is a feature of BGP. The system assigns the local AS number to the edge gateway you are configuring. The edge gateway advertises this ID when the edge gateway peers with its BGP neighbors in other autonomous systems. The path of autonomous systems that a route would traverse is used as one metric in the dynamic routing algorithm when selecting the best path to a destination. |

    At this point, you can click Save changes, or continue to configure settings for the BGP routing neighbors.

  5. Add a BGP neighbor configuration to the on-screen table by clicking the + icon, specifying details for the neighbor in the dialog box, and then clicking Keep.

    | Setting | Description |
    |---|---|
    | IP Address | Type the IP address of a BGP neighbor for this edge gateway. |
    | Remote AS | Type a globally unique number between 1 and 65534 for the autonomous system to which this BGP neighbor belongs. This remote AS number is used in the BGP neighbor's entry in the system's BGP neighbors table. |
    | Weight | The default weight for the neighbor connection. Adjust as appropriate for your organization's needs. |
    | Keep Alive Time | The frequency with which the software sends keepalive messages to its peer. The default frequency is 60 seconds. Adjust as appropriate for your organization's needs. |
    | Hold Down Time | The interval after which the software declares a peer dead if it has not received a keepalive message. This interval must be three times the keepalive interval. The default interval is 180 seconds. Adjust as appropriate for your organization's needs. Once peering between two BGP neighbors is achieved, the edge gateway starts a hold down timer. Every keepalive message it receives from the neighbor resets the hold down timer to 0. If the edge gateway fails to receive three consecutive keepalive messages, so that the hold down timer reaches three times the keepalive interval, the edge gateway considers the neighbor down and deletes the routes from this neighbor. |
    | Password | If this BGP neighbor requires authentication, type the authentication password. Each segment sent on the connection between the neighbors is verified. MD5 authentication must be configured with the same password on both BGP neighbors; otherwise, the connection between them will not be made. |
    | BGP Filters | Use this table to specify route filtering using a prefix list from this BGP neighbor. Caution: A block all rule is enforced at the end of the filters. |

    Add a filter to the BGP Filters table by clicking the + icon and configuring the following options. Click Keep to save each filter.

    • Select the direction to indicate whether you are filtering traffic to or from the neighbor.

    • Select the action to indicate whether you are allowing or denying traffic.

    • Type the network that you want to filter to or from the neighbor. Type ANY or a network in CIDR format.

    • Type the IP Prefix GE and IP Prefix LE to use the le and ge keywords in the IP prefix list.

  6. Click Save changes to save the configurations to the system.
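
How a BGP Filters table from step 5 decides the fate of a prefix, shown as an added example that is not part of the original page or any VMware code. It assumes conventional prefix-list semantics (the first matching filter wins, GE and LE bound the prefix length, no GE/LE means an exact-length match); `BgpFilter`, `evaluate`, the in/out and permit/deny labels, and the sample filters are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass
class BgpFilter:
    direction: str             # "in" (from the neighbor) or "out" (to it); labels assumed
    action: str                # "permit" or "deny"; labels assumed
    network: str               # "ANY" or a network in CIDR format
    ge: Optional[int] = None   # IP Prefix GE
    le: Optional[int] = None   # IP Prefix LE


def _matches(f: BgpFilter, route) -> bool:
    if f.network.upper() == "ANY":
        return True            # assumption: ANY matches every prefix
    net = ipaddress.ip_network(f.network)
    if route.version != net.version or not route.subnet_of(net):
        return False
    if f.ge is None and f.le is None:
        return route.prefixlen == net.prefixlen   # no GE/LE: exact length only
    low = f.ge if f.ge is not None else net.prefixlen
    high = f.le if f.le is not None else route.max_prefixlen
    return low <= route.prefixlen <= high


def evaluate(filters: List[BgpFilter], direction: str, prefix: str) -> Tuple[str, Optional[int]]:
    """Return (action, 1-based rule number); rule is None for the final block-all."""
    route = ipaddress.ip_network(prefix)
    for number, f in enumerate(filters, start=1):
        if f.direction == direction and _matches(f, route):
            return f.action, number
    return "deny", None


# Constructed sample filter table for one neighbor (documentation address ranges).
FILTERS = [
    BgpFilter("in", "deny", "10.0.0.0/8", le=32),
    BgpFilter("in", "permit", "203.0.113.0/24"),
    BgpFilter("in", "permit", "198.51.100.0/24", le=26),
    BgpFilter("out", "permit", "192.0.2.0/24"),
]

if __name__ == "__main__":
    for direction, prefix in [("in", "10.1.2.0/24"), ("in", "198.51.100.64/26"),
                              ("in", "198.51.100.0/27"), ("in", "0.0.0.0/0"),
                              ("out", "10.0.0.0/8")]:
        print(direction, prefix, evaluate(FILTERS, direction, prefix))
```

A default route or an unlisted more-specific prefix from the neighbor falls through to the final block-all rule, so every prefix you intend to accept or advertise needs its own permit entry.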

What to do next

Configure BGP on the other edge gateways that you want to exchange routing information with.

Add a firewall rule that allows traffic to and from the BGP-configured edge gateways. See Add an Edge Gateway Firewall Rule Using the Tenant Portal for information.