Question. Best practice is to configure iBGP via loopback interface. My question is, is that valid statement for scenario where two BGP peers are seperated by a firewall?
iBGP allows for a TTL=255 in the BGP packets so the added hop caused by the firewall is not a problem for the iBGP session.
if the session were eBGP you would need to tune the ebgp-multihop to take care of the FW hop.
Hope to help
Giuseppe
Getting Started
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: