BGP
Learn about Border Gateway Protocol (BGP), which functions between autonomous systems
or within an AS to exchange routing and reachability information with BGP
speakers.
| Where Can I Use This? | What Do I Need? |
| NGFW (Managed by PAN-OS or Panorama) | |
Border Gateway Protocol (BGP) is the primary Internet
routing protocol. BGP determines network reachability based on IP
prefixes that are available within autonomous systems (AS), where
an AS is a set of IP prefixes that a network provider has designated
to be part of a single routing policy.
BGP functions between autonomous systems (exterior BGP or eBGP) or within an AS (interior
BGP or iBGP) to exchange routing and reachability information with BGP speakers. The
firewall provides a complete BGP implementation, which includes the following
features:
- Specification of one BGP routing instance per virtual router.
- BGP settings per virtual router, which include basic parameters such as local
  router ID and local AS, and advanced options such as path selection, route
  reflector, BGP Confederations, route flap dampening, and graceful restart.
- Peer group and neighbor settings, which include neighbor address and remote AS,
  and advanced options such as neighbor attributes and connections.
- Route policies to control route import, export and advertisement; prefix-based
  filtering; and address aggregation.
- IGP-BGP interaction to inject routes to BGP using redistribution profiles.
- Authentication profiles, which specify the MD5 authentication key for BGP
  connections. Authentication helps prevent route leaking and successful DoS
  attacks.
- Multiprotocol BGP (MP-BGP) to allow BGP peers to carry IPv6 unicast routes and
  IPv4 multicast routes in Update packets, and to allow the firewall and a BGP
  peer to communicate with each other using IPv6 addresses.
BGP supports a maximum of 255 AS numbers in an AS_PATH list for a prefix.
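
What the MD5 authentication key in an authentication profile protects, as an added example that is not Palo Alto Networks code: BGP MD5 authentication is the TCP MD5 signature option of RFC 2385, and the code below computes and verifies that digest for one IPv4 TCP segment. The function names, addresses, ports and key are constructed for illustration.

```python
import hashlib
import hmac
import socket
import struct

def data_offset(seg):
    off = (seg[12] >> 4) * 4 if len(seg) >= 20 else 0   # TCP header length in bytes
    if not 20 <= off <= len(seg):
        raise ValueError("malformed TCP header")
    return off

def tcp_md5_digest(src_ip, dst_ip, seg, key):
    """MD5 over pseudo-header, option-less header with zero checksum, data, key."""
    pseudo = (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
              + struct.pack("!BBH", 0, socket.IPPROTO_TCP, len(seg)))
    header = seg[:16] + b"\x00\x00" + seg[18:20]        # checksum field zeroed
    return hashlib.md5(pseudo + header + seg[data_offset(seg):] + key).digest()

def md5_option(seg):
    """Return the 16-byte digest carried in TCP option 19, or None if absent."""
    opts, i = seg[20:data_offset(seg)], 0
    while i < len(opts) and opts[i] != 0:               # kind 0 ends the option list
        if opts[i] == 1:                                # kind 1 is one-byte padding
            i += 1
            continue
        if i + 1 >= len(opts) or opts[i + 1] < 2 or i + opts[i + 1] > len(opts):
            return None                                 # malformed option
        if opts[i] == 19 and opts[i + 1] == 18:         # RFC 2385: kind 19, length 18
            return opts[i + 2:i + 18]
        i += opts[i + 1]
    return None

def verify_segment(src_ip, dst_ip, seg, key):
    """True only if the segment carries a digest matching the shared key."""
    try:
        received = md5_option(seg) or b""
        return hmac.compare_digest(received, tcp_md5_digest(src_ip, dst_ip, seg, key))
    except ValueError:                                  # malformed TCP header
        return False

def sign_segment(src_ip, dst_ip, sport, dport, seq, payload, key):
    """Build a constructed PSH/ACK segment (checksum left 0) carrying the option."""
    hdr = struct.pack("!HHIIBBHHH", sport, dport, seq, 0, 10 << 4, 0x18, 65535, 0, 0)
    opt = bytes([1, 1, 19, 18])                         # two NOPs, then kind and length
    digest = tcp_md5_digest(src_ip, dst_ip, hdr + opt + bytes(16) + payload, key)
    return hdr + opt + digest + payload

KEEPALIVE = b"\xff" * 16 + b"\x00\x13\x04"  # constructed BGP KEEPALIVE: marker, length 19, type 4
SAMPLE = sign_segment("192.0.2.1", "192.0.2.2", 49152, 179, 1000, KEEPALIVE, b"constructed-key")
```

A receiver that enforces the option discards any segment for which `verify_segment` is false, so a segment from a host that does not hold the key never reaches the BGP session.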