Allowing BGP messages between interfaces.


Post by Peter » 30 Nov 2011, 06:32

This FAQ applies to:
  • Clavister CorePlus version 8.x and 9.x.

Is it possible to allow BGP messages to be sent between two different interfaces on the SGW?


Yes, this is possible. BGP uses TCP as its transport protocol, on TCP port 179. When a connection is initiated, the BGP peers exchange complete copies of their routing tables with each other, which can be quite large. After that complete exchange, only changes (deltas) are exchanged between the BGP routers, which makes long-running BGP sessions more efficient than shorter ones.

In order to achieve this we need the following:
  1. Create two rules for the respective BGP routers. In this example we have two BGP routers:
    1.1. One is located on the interface External-Internet.
    1.2. One is located on the interface Internal-Network.
  2. Create two rules that follow this structure:
    [Image: Pic-1.png]
  3. The source interface and network, and the destination interface and network, need to correspond to the IP address and interface where the respective BGP router resides. The service needs to be set to TCP destination port 179.
  4. Two rules are needed in order to allow traffic to be initiated both from the inside and from the outside.
By following this example your BGP routers will be able to exchange their routing tables when they are located on separate interfaces.
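
The following is an added example, not part of the original FAQ and not Clavister code. It models the two rules from steps 2 to 4 as a first-match, default-drop rule table and shows which side can open the BGP session. The peer addresses are constructed documentation addresses, and the model assumes a stateful gateway where only new connections are checked against the rules.

```python
import ipaddress
from dataclasses import dataclass

BGP_PORT = 179  # from the FAQ: BGP runs over TCP port 179

@dataclass(frozen=True)
class Rule:
    name: str
    src_if: str
    src_net: str
    dst_if: str
    dst_net: str
    proto: str
    dst_port: int

    def matches(self, src_if, src_ip, dst_if, dst_ip, proto, dst_port):
        return (self.src_if == src_if and self.dst_if == dst_if
                and self.proto == proto and self.dst_port == dst_port
                and ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.src_net)
                and ipaddress.ip_address(dst_ip) in ipaddress.ip_network(self.dst_net))

# Interface names are from the FAQ; the addresses are constructed (RFC 5737).
EXT_IF, INT_IF = "External-Internet", "Internal-Network"
EXT_PEER, INT_PEER = "192.0.2.1", "198.51.100.1"

# One rule per direction, each scoped to the peer's own interface and /32.
RULES = [
    Rule("bgp_ext_to_int", EXT_IF, EXT_PEER + "/32", INT_IF, INT_PEER + "/32", "tcp", BGP_PORT),
    Rule("bgp_int_to_ext", INT_IF, INT_PEER + "/32", EXT_IF, EXT_PEER + "/32", "tcp", BGP_PORT),
]

def allowed_by(rules, src_if, src_ip, dst_if, dst_ip, proto, dst_port):
    """Name of the first rule allowing this NEW connection, or None (default drop)."""
    for rule in rules:
        if rule.matches(src_if, src_ip, dst_if, dst_ip, proto, dst_port):
            return rule.name
    return None

def can_initiate(rules):
    """Which BGP router may open the TCP/179 session under this rule set."""
    return {
        "external": allowed_by(rules, EXT_IF, EXT_PEER, INT_IF, INT_PEER, "tcp", BGP_PORT) is not None,
        "internal": allowed_by(rules, INT_IF, INT_PEER, EXT_IF, EXT_PEER, "tcp", BGP_PORT) is not None,
    }

if __name__ == "__main__":
    print("both rules:", can_initiate(RULES))
    print("one rule  :", can_initiate(RULES[:1]))  # only the external side can initiate
```

With only one of the two rules in place, the session can still come up, but only when the router on the permitted side initiates it.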