Description:

This article describes how BGP can be set up between two LANCOM R&S®Unified Firewalls.


“Next-hop” BGP is supported as of LCOS FX 10.12. For LCOS FX 10.9 up to and including 10.11, routes can be transmitted to the immediate neighbor only (i.e. requiring an intermediate network).


Requirements:


Procedure:

1) Configuring BGP on the Unified Firewalls:

1.1) Configuring BGP on Firewall-1:

1.1.1) Connect to Firewall-1 and navigate to the menu Network → Routing → BGP.

1.1.2) Use the slider to activate BGP, adjust the following parameters, and click Save:

The AS number can be set to values between 1 and 4294967295. However, LANCOM Systems recommends that you use values reserved for private use.

16-Bit: 64512 to 65534

32-Bit: 4200000000 to 4294967294

The option Redistribute Connected Routes can be enabled instead of or in addition to the option Redistribute Static Routes. Under Routes, enter the static routing entries in CIDR notation (Classless Inter-Domain Routing) and add them using the “+” button.

If the received networks match the locally configured networks, the routes for the local networks are maintained.

Optionally, you can use the Target Routing Table field to reference your own routing table with custom routing rules (default value is 254).


1.2) Configuring BGP on Firewall-2:

1.2.1) Connect to Firewall-2 and navigate to the menu Network → Routing → BGP.

1.2.2) Use the slider to activate BGP, adjust the following parameters, and click Save:

The AS number can be set to values between 1 and 4294967295. However, LANCOM Systems recommends that you use values reserved for private use.

16-Bit: 64512 to 65534

32-Bit: 4200000000 to 4294967294

The option Redistribute Connected Routes can be enabled instead of or in addition to the option Redistribute Static Routes. Under Routes, enter the static routing entries in CIDR notation (Classless Inter-Domain Routing) and add them using the “+” button.

If the received networks match the locally configured networks, the routes for the local networks are maintained.

Optionally, you can use the Target Routing Table field to reference your own routing table with custom routing rules (default value is 254).
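
The following pre-check for the values entered in steps 1.1.2 and 1.2.2 is an added example, not LANCOM code and not part of the original article. It checks that each planned AS number lies in one of the private-use ranges listed above, that every route is a clean CIDR prefix, and that prefixes planned on one firewall do not overlap prefixes on the other. The dictionary layout, function names, addresses and AS numbers are assumptions made for the illustration.

```python
import ipaddress

# Private-use AS ranges as listed in this article.
PRIVATE_AS_RANGES = ((64512, 65534), (4200000000, 4294967294))

def check_as_number(asn):
    """Classify a planned AS number as 'private', 'other' or 'invalid'."""
    if not isinstance(asn, int) or not 1 <= asn <= 4294967295:
        return "invalid"
    if any(lo <= asn <= hi for lo, hi in PRIVATE_AS_RANGES):
        return "private"
    return "other"

def parse_routes(entries):
    """Parse route entries; collect anything that is not a clean CIDR prefix."""
    routes, errors = [], []
    for entry in entries:
        try:
            # strict=True rejects prefixes with host bits set, e.g. 172.16.1.7/24
            routes.append(ipaddress.ip_network(entry, strict=True))
        except ValueError as exc:
            errors.append(f"{entry}: {exc}")
    return routes, errors

def review_plan(local, peer):
    """Return a list of findings for two planned BGP configurations."""
    findings, parsed = [], {}
    for fw in (local, peer):
        kind = check_as_number(fw["as"])
        if kind == "invalid":
            findings.append(f"{fw['name']}: AS {fw['as']} is outside 1-4294967295")
        elif kind == "other":
            findings.append(f"{fw['name']}: AS {fw['as']} is not in a private-use range")
        parsed[fw["name"]], errors = parse_routes(fw["routes"])
        findings += [f"{fw['name']}: bad route {e}" for e in errors]
    for a in parsed[local["name"]]:
        for b in parsed[peer["name"]]:
            # overlaps() raises TypeError on mixed IPv4/IPv6, so compare versions first
            if a.version == b.version and a.overlaps(b):
                findings.append(f"overlap: {a} ({local['name']}) / {b} ({peer['name']})")
    return findings

# Constructed sample plan; all addresses and AS numbers are placeholders.
FW1 = {"name": "Firewall-1", "as": 64512, "routes": ["192.168.1.0/24", "10.10.0.0/16"]}
FW2 = {"name": "Firewall-2", "as": 65535, "routes": ["192.168.2.0/24", "10.10.5.0/24", "172.16.1.7/24"]}

if __name__ == "__main__":
    for finding in review_plan(FW1, FW2):
        print(finding)
```

An empty result means the plan passed all three checks; the constructed sample deliberately produces one finding of each kind.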



2) Reading out the BGP status on the Unified Firewalls:

2.1) On each of the Unified Firewalls, go to the menu Monitoring & Statistics → BGP Status.

2.2) In the BGP Status menu, information about the BGP neighbor (including the IP address and Remote AS) is displayed as well as the received and sent routes.