Table of Contents
Expand all | Collapse all
MP-BGP
MP-BGP routing protocol configuration parameter differences
between legacy and advanced routing engine.
The
advanced
routing engine provides the same functionality as the legacy routing engine but with
enhanced capabilities. For example, PAN-OS 11.0 enables you to advertise IPv4 Network
Layer Reachability Information (NLRI) with an IPv6 next hop address. As a result, you
can deploy Palo Alto Networks Next-Generation Firewalls in a dual stack network using
fewer peers.
There are several multiprotocol BGP (MP-BGP) configuration differences between the legacy and
advanced routing engines.
Dampening
Profile
Migration Exception:
The
following table compares the dampening profile parameters of the
two routing engines:
CONFIGURED IN (LEGACY ROUTING ENGINE) | LEGACY ROUTING ENGINE | MIGRATED TO (ADVANCED ROUTING ENGINE) | ADVANCED ROUTING ENGINE |
---|---|---|---|
Network Virtual Router BGP Advanced |
| Network Routing Routing Profiles BGP BGP Dampening Profiles |
|
Route
Reflector Client Parameters
To avoid routing table loops, interior BGP (iBGP) does not advertise iBGP-learned routes to other
routers in the same session to avoid routing table loops. As a result, iBGP requires
a complete mesh of all peers, which quickly becomes unscalable in large networks.
Using route reflectors eliminates the need for full-mesh connectivity between iBGP
peers.
Route reflectors broadcast routes announced by peers that are configured as clients to all other
clients.
Migration Exception:
CONFIGURED IN (LEGACY ROUTING ENGINE) | LEGACY ROUTING ENGINE | MIGRATED TO (ADVANCED ROUTING ENGINE) | ADVANCED ROUTING ENGINE |
---|---|---|---|
Network Virtual Router BGP Peer Group Peer Advanced | Supported Reflector Client types:
| Network Routing Routing Profiles BGP BGP Address Family Profiles | Supported Reflector Client types:
|
Route
Map
Palo Alto Networks recommends BGP route maps for filtering prefixes within BGP and both from and
to another interior gateway protocol (IGP). However, BGP route maps do not support
configuring extended communities in route maps
set
action.
CONFIGURED IN (LEGACY ROUTING ENGINE) | LEGACY ROUTING ENGINE | MIGRATED TO (ADVANCED ROUTING ENGINE) | ADVANCED ROUTING ENGINE |
---|---|---|---|
Network Virtual Router BGP Redist Rules |
| Network Routing Routing Profiles Filters Filters Route Map BGP |
|
Multicast
Both the legacy and the advanced routing engines support the multicast subsequent address family
identifier (SAFI) for IPv4 addresses.
Migration Exception:
LEGACY ROUTING ENGINE | ADVANCED ROUTING ENGINE |
---|---|
|
|
AS
Path Limit Attribute
The AS Path Limit is an optional path transitive attribute. It improves routing
subsystem scalability by providing a maximum range of Autonomous System (AS) numbers
where a prefix will propagate. If used improperly, this attribute can cause routing
loops caused by inconsistent routing tables. As a result, the IETF didn’t
standardize this attribute.
Migration Exception:
CONFIGURED IN (LEGACY ROUTING ENGINE) | LEGACY ROUTING ENGINE | ADVANCED ROUTING ENGINE |
---|---|---|
Network Virtual Router BGP Import or Export Action | Supports the AS path limit attribute. If configured, the AS
path limit attribute will be exchanged with peers and is applied
to prefixes. | Does not support AS path limit attribute. The advanced routing engine ignores the AS path limit attribute and advertise the prefix without
AS path limit attribute. If you need this attribute, replace it
with a route map that matches a specific AS path length (using a
regular expression) and configure the community to not
advertise. |