BGP Profile

Border Gateway Protocol (BGP) is an Internet Engineering Task Force (IETF) standard, and the most scalable of all routing protocols. BGP is the routing protocol of the global Internet, as well as for service provider private networks. BGP enables the VPN gateways and your BGP neighbors to exchange routes that inform the gateways on both sides of the connection of the availability of the gateways or routers involved.

You must create and add a BGP profile to your gateway if you are establishing a site-to-site VPN tunnel connection to another platform or device. Deploying with a BGP profile deploys a gateway that uses dynamic routing with BGP between your networks and cloud service providers.

BGP Neighbors and Path Selection

BGP profiles use a property called "neighbors". A neighbor is another BGP router with which a BGP session is established. The purpose of configuring neighbors in a BGP profile is to facilitate the exchange of routing information between autonomous systems (ASes) or within a single AS.

Important

We strongly recommend adding at least one neighbor to your BGP profile.

Within the neighbor section of the BGP profile, you can select Route Map In or Route Map Out. Route maps provide a mechanism to advertise (outbound) or accept (inbound) only the routes identified in that route map.

Allowing a route map in enables the following actions:

  • Incoming Route Filtering: Control which routes are accepted from a BGP neighbor. Filter out unwanted routes to optimize the routing table and ensure that only the relevant routes are considered.

  • Attribute Modification: Adjust attributes of incoming routes, such as the local preference or metric, to influence the path selection process within your network. This helps prioritize certain routes over others based on your deployed network policies.

  • Security and Policy Compliance: Prevent routes that do not comply with your network policies from being accepted to enhance security and ensure policy compliance.

Conversely, allowing a route map out enables the following actions:

  • Outgoing Route Filtering: Control which routes are advertised to a BGP neighbor. This helps manage the visibility of your network to external peers and can prevent the advertisement of specific internal routes.

  • Attribute Setting: Modify route attributes before they are sent to a neighbor.

  • Traffic Engineering: Influence inbound traffic paths by adjusting route attributes like AS path length to guide traffic through preferred routes.

BGP may receive multiple advertisements for the same route from different sources. BGP selects only one path as the best path. When this path is selected, BGP puts the selected path in the IP routing table and propagates the path to its neighbors. BGP uses the following criteria, in the order presented, to select a path for a destination:

  • If the path specifies a next hop that is inaccessible, drop the update.

  • Prefer the path with the largest weight.

  • If the weights are the same, prefer the path with the largest local preference.

  • If the local preferences are the same, prefer the path that was originated by BGP running on this router.

  • If no route was originated, prefer the route that has the shortest AS_path.

  • If all paths have the same AS_path length, prefer the path with the lowest origin type (where IGP is lower than EGP, and EGP is lower than incomplete).

  • If the origin codes are the same, prefer the path with the lowest MED attribute.

  • If the paths have the same MED, prefer the external path over the internal path.

  • If the paths are still the same, prefer the path through the closest IGP neighbor.

  • If both paths are external, prefer the path that was received first (the oldest one).

  • Prefer the path with the lowest IP address, as specified by the BGP router ID.

  • If the originator or router ID is the same for multiple paths, prefer the path with the minimum cluster list length.

  • Prefer the path that comes from the lowest neighbor address.
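
The selection order above, together with the Attribute Modification action of a route map in, as an added example (not the product's own code). The `Path` fields, the default local preference of 100, the `route_map_in` helper and the sample addresses and AS numbers are assumptions constructed for illustration. It shows that raising local preference on routes from one neighbor outranks a shorter AS_path learned from another.

```python
from dataclasses import dataclass, replace
from ipaddress import ip_address
ORIGIN_RANK = {"igp": 0, "egp": 1, "incomplete": 2}  # lower origin type wins

@dataclass
class Path:  # one advertisement for a prefix (field names are hypothetical)
    neighbor: str                   # address of the advertising neighbor
    router_id: str                  # BGP router ID of that neighbor
    as_path: tuple = ()
    next_hop_reachable: bool = True
    weight: int = 0
    local_pref: int = 100           # assumed default local preference
    locally_originated: bool = False
    origin: str = "igp"
    med: int = 0
    external: bool = True           # learned from an external neighbor
    igp_metric: int = 0             # distance to the next hop via the IGP
    received_at: float = 0.0        # arrival time; smaller means older
    cluster_list_len: int = 0

def rank(p):  # sort key: the smaller tuple wins, fields in the listed order
    return (
        -p.weight,                              # largest weight
        -p.local_pref,                          # largest local preference
        not p.locally_originated,               # originated on this router
        len(p.as_path),                         # shortest AS_path
        ORIGIN_RANK[p.origin],                  # lowest origin type
        p.med,                                  # lowest MED
        not p.external,                         # external over internal
        p.igp_metric,                           # closest IGP neighbor
        p.received_at if p.external else 0.0,   # oldest, external paths only
        int(ip_address(p.router_id)),           # lowest router ID
        p.cluster_list_len,                     # minimum cluster list length
        int(ip_address(p.neighbor)),            # lowest neighbor address
    )

def best_path(paths):
    usable = [p for p in paths if p.next_hop_reachable]  # drop unreachable next hops
    return min(usable, key=rank) if usable else None

def route_map_in(path, trusted, local_pref=200):  # hypothetical inbound policy
    return replace(path, local_pref=local_pref) if path.neighbor == trusted else path

def sample_paths():  # constructed: one prefix learned from two neighbors
    return [
        Path(neighbor="192.0.2.1", router_id="192.0.2.1", as_path=(64500, 64510, 64520)),
        Path(neighbor="198.51.100.1", router_id="198.51.100.1", as_path=(64501, 64520)),
    ]
```

Without the inbound policy the shorter AS_path through 198.51.100.1 is selected; applying `route_map_in` for 192.0.2.1 moves the decision to the local preference step, so the longer path is chosen.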