You can configure Border Gateway Protocol for vCloud Air to exchange routes between your on-premises border devices and vCloud Air. BGP makes core routing decisions by using a table of IP networks or prefixes, which designate network reachability among multiple autonomous systems.

The BGP border devices established a connection before any routing information is exchanged. After establishing the connection, the border devices exchange routes and synchronize their tables. Each border device sends keepalive messages to keep this relationship alive.

1

Log in to vCloud Air and navigate to the vCloud Edge Gateway Services UI.

See Log In and Navigate to Advanced Networking Services for information.

2

Click the Routing tab and BGP.

3

In BGP Configuration, complete the BGP options:

a

Click Edit next to BGP Configuration.

b

Click Enable BGP.

c

For packet forwarding to be uninterrupted during restart of BGP services, select Enable Graceful Restart.

d

To allow the edge gateway to advertise itself as a default gateway to its peers, select Enable Default Originate.

e

Type a value (a globally unique number between 1-65534) for the Local AS.

vCloud Air assigns the local autonomous system (AS) number to the edge gateway you are configuring and advertises the local AS when the edge gateway peers with routers in other autonomous systems. The path of ASs that a route traverses is used as one metric when selecting the best path to a destination.

f

Click OK.

4

In Neighbors, configure the routing neighbors:

a

Click the Add (add icon) icon.

b

Type the IP address of your on-premises border device that vCloud Air connect to.

c

Type a value (a globally unique number between 1-65534) for the Remote AS.

vCloud Air assigns the remote AS number to the border device you are creating the connection for.

d

If necessary, edit the default weight for the neighbor connection.

e

If necessary, edit the default interval for the Keep Alive Time.

f

If necessary, edit the default interval for the Hold Down Time.

The edge gateway uses the standard, default values for the keep alive timer (60 seconds) and the hold down timer. The default value for the hold down timer is 3xkeepalive or 180 seconds. Once peering between two neighbors is achieved, the edge gateway starts a hold down timer. Every keep alive message it receives from the neighbor resets the hold down timer to 0. If the edge gateway fails to receive three consecutive keep alive messages, so that the hold down timer reaches 180 seconds, the edge gateway considers the neighbor down and deletes the routes from this neighbor.

g

Required In Password, type the authentication password.

Each segment sent on the connection between the neighbors is verified. MD5 authentication must be configured with the same password on both BGP neighbors, otherwise, the connection between them will not be made.

5

To specify route filtering from a neighbor using an prefix list, click the Add (add icon) icon in the BGP Filters area and configure the following options:

Caution

A "block all" rule is enforced at the end of the filters.

a

Select the direction to indicate whether you are filtering traffic to or from the neighbor.

b

Select the action to indicate whether you are allowing or denying traffic.

c

Type the network in CIDR format that you want to filter to or from the neighbor.

d

Type the IP prefixes that are to be filtered and click OK.

6

Click Publish Changes.

Add a firewall rule that allows traffic to and from the remote border device in your on-premises data center. See Add an Edge Gateway Firewall Rule for information.

Configure BGP in your on-premises data center for the remote border device that vCloud Air is connecting to using the AS values and password you set in vCloud Air. These values must match on both sides of the connection.