Create a BGP Profile

Use the following procedure to create a BGP profile from the Multicloud Defense Controller dashboard:

Before you begin

Note

When you create a BGP profile, the profile must be enabled for traffic and same value to be used in the tunnel as in the BGP profile.

Procedure

Step 1

Navigate to Infrastructure > Network > BGP.

Step 2

Click Create.

Step 3

In the General Settings tab of the creation window enter a unique Profile Name.

Step 4

(Optional) Enter a Description. This may help differentiate from other profiles with a similar name.

Step 5

Enter the LocalAS value. This value represents the local autonomous system (AS) in which the BGP4 device resides.

Step 6

Click the Neighbors tab at the top of the window to switch views. For more information on neighbors and what this configuration can do for you environment, see BGP Neighbors and Path Selection.

Step 7

Click Add Neighbors.

Step 8

Expand the Neighbor 1 space.

Step 9

Manually enter a singular address or a range of IP addresses and BGP peer groups in the IP Address text box. If you are adding multiple addresses, separate each address with a space.

Step 10

Enter the Autonomous System value, the LocalAS for where the neighbor resides.

Step 11

If you opt to include Route Map In, note that enabling this option applies the route map on all matching traffic in the inbound direction on the interface. If you opt to include Route Map Out, enabling this option applies the routemap to all matching traffic in the outbound direction on the interface. Check the appropriate option for your environment and then enter the following information:

  1. Local Preference - By default, this value is "100". Optionally, enter a 32-bit unsigned integer value between 0 to 4,294,967,295. Note that with a higher local preference value indicating a more preferred route within an autonomous system.

    Local preference is only exchanged between BGP routers within the same autonomous system (iBGP) and not advertised externally (eBGP).

  2. AS Path Prepend - Maually enter a value for this; if you enter more than one separate each value with a space. This value influences the path selection process by artificially lengthening the AS path attribute of a route. While it is unconventional to include this for inbound traffic, prepending additional AS numbers to incoming routes can make these routes appear less preferable to your internal BGP speakers when selecting paths for routing traffic.

  3. Click Add to include an IP address or a network and enter an IP address, a range of IP addresses sepearated by commas, or a network comprised of both the IP and netmask. These are routes or networks that you want to allow in or out within the bgp session(s). At any point, click Remove to remove an IP address from the neighbor.

Step 12

Click Save.

What to do next

Add your BGP profile to a Multicloud Defense Gateway. You can either create a new gateway or edit an existing gateway to include the new profile.