FQDN Support for Static Route Next Hop, PBF Next Hop, and BGP Peer

You can use an FQDN in a static route next hop, a policy-based forwarding (PBF) next hop, or a BGP peer address.
In dynamic environments, network endpoints have dynamic addresses and often use FQDNs to represent the addresses in routing and forwarding. The firewall now supports an FQDN in three additional networking functions: a static route next hop, a policy-based forwarding (PBF) next hop, and a BGP peer address. Using FQDNs reduces configuration and management overhead.
Also, in order to simplify provisioning, you can use an FQDN (instead of statically assigning an IP address to a static IP next hop, PBF next hop, or BGP peer) and the FQDN resolution can change from location to location. Service providers often tend to map the FQDN to an IP address based on the location and deployment requirements. For example, if you are a service provider, you can provide FQDNs for accessing cloud services and resolve these to the IP address of the closest server for the client (based on the client’s geo-location), so that the same FQDN can be used globally for the connection to the cloud service.
  • Create an address object that uses an FQDN (unless you prefer to directly specify the FQDN when you configure the next hop or BGP peer).
    1. Select
      Objects
      Addresses
      and
      Add
      a new address object by
      Name
      .
    2. Select
      FQDN
      as the object
      Type
      and enter the FQDN.
    3. Click
      OK
      .
  • Configure a static route and use an FQDN or the FQDN address object as the next hop.
  • Create a policy-based forwarding rule and use an FQDN or the FQDN address object as the next hop to which the firewall forwards the matching packets.
  • Configure a BGP peer and use an FQDN or the FQDN address object as the BGP peer address.

Recommended For You