BGP peering

Unanswered Question
Jun 2nd, 2009

Question. Best practice is to configure iBGP via loopback interface. My question is, is that valid statement for scenario where two BGP peers are seperated by a firewall?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
rais Tue, 06/02/2009 - 07:43

For iBGP peering, the FW shouldn't matter. Loopbacks can still be used.

Some FW support bgp themselves, so they can be part of iBGP.


Giuseppe Larosa Sun, 06/07/2009 - 12:12

Hello Mateuz,

iBGP allows for a TTL=255 in the BGP packets so the added hop caused by the firewall is not a problem for the iBGP session.

if the session were eBGP you would need to tune the ebgp-multihop to take care of the FW hop.

Hope to help



This Discussion