BGP over LAN Connection

A BGP over LAN connection runs a Border Gateway Protocol (BGP) session directly over the LAN interface, without any tunneling protocol such as IPsec or GRE.

BGP over LAN is mainly used to peer with remote devices such as third-party network virtual appliances, for instance SD-WAN cloud instances, and on-premises gateways and routers that do not have the capability to support BGP over any tunneling protocols.

BGP over LAN connections are only supported over private networks.

In this document, Local Gateway refers to the Aviatrix gateway that you want to connect to a remote device.

Supported Gateways

  • Transit Gateway in AWS, Azure and GCP

  • Spoke Gateway with BGP enabled in AWS and Azure

  • Edge Transit Gateway and Spoke Gateway in all edge platforms

External Connection Settings

For information about the options that you can configure for a Site2Cloud (S2C) external connection, refer to About External Connection Settings.

Workflow

To set up a BGP over LAN external connection:

  1. In Aviatrix CoPilot, go to the Networking > Connectivity > External Connections (S2C) tab.

  2. From the + External Connection dropdown menu, select External Device.

  3. In Create External Connection to External Device, provide the following information:

    | Field | Description |
    | --- | --- |
    | Name | A name for the connection. |
    | Type | Select BGP over LAN. |
    | Local Gateway | The Local Gateway on which you want to create an external connection to a remote device. |

  4. In the BGP Configuration section, provide the following information:

    | Field | Description |
    | --- | --- |
    | Local ASN | The BGP AS Number the Local Gateway will use to exchange routes with the remote device. |
    | ActiveMesh | ActiveMesh enables full mesh peering to the remote devices from the primary and highly available (HA) Local Gateways. When ActiveMesh is Off, point-to-point tunnels are created instead of full mesh. Only to be used for Azure Route Server Integration. |
    | BFD | Use the BFD toggle to turn on the Bidirectional Forwarding Detection (BFD) network protocol, which enables rapid detection of a link or node failure between the Local Gateway and the remote peer. |
    | Manual Learned CIDR Approval | Use the Manual Learned CIDR Approval toggle to turn on the Learned CIDR approval process. When Learned CIDR approval is On, an email notification is sent to administrators to approve dynamically learned CIDRs before they are propagated to Spoke VPC and VNet route tables. When Learned CIDR approval is Off, all dynamically learned CIDRs are automatically propagated to the Spoke VPC and VNet route tables. |
    | Advertise BGP Communities | The BGP communities to advertise to the BGP peer. |
    | BGP Multihop | Use the BGP Multihop toggle to turn on BGP Multihop. BGP Multihop enables the Local Gateway to establish a BGP session with a remote device that is not directly connected. The BGP Multihop setting on the external connection must match the multihop setting on the remote device to establish a BGP session. |

  5. In the LAN Configuration section, provide the following information:

    | Field | Description |
    | --- | --- |
    | Remote Device IP | The remote device interface IP address. |
    | Remote ASN | The BGP AS Number of the remote device that will be used to exchange routes with the Local Gateway. The Remote ASN should be the same for the Primary and HA Local Gateway instances. |
    | Local Gateway Instances | The Primary or HA Local Gateway instance. |
    | Local LAN IP | The Local Gateway interface IP address. |
    | Remote LAN IP | The remote device interface IP address. |

    To connect the gateway to another remote device, click +Remote Device and enter the remote device’s IP address and ASN information.

  6. Click Save.

    The new BGP over LAN external connection appears in the table.
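Because a BGP over LAN session has no tunnel around it, the constraints stated above (private networks only, the same Remote ASN for Primary and HA, matching multihop settings) are worth checking before the values are entered in CoPilot. The following pre-flight check is an added example, not Aviatrix code; the plan dictionary, its field names and the sample addresses are hypothetical, and "private" and "directly connected" are interpreted as noted in the comments.

```python
import ipaddress

# Assumption: "private networks" is read as the RFC 1918 ranges.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in RFC1918)

def check_plan(plan):
    """Return a list of findings; an empty list means the plan passes."""
    findings = []
    for p in plan["peers"]:
        for field in ("local_lan_ip", "remote_lan_ip"):
            if not is_rfc1918(p[field]):
                findings.append(f"{p['instance']}: {field} {p[field]} is not a private address")
        # Assumption: "directly connected" means the remote LAN IP is in the
        # local LAN subnet; an off-subnet peer needs BGP Multihop.
        local = ipaddress.ip_interface(f"{p['local_lan_ip']}/{p['local_prefix_len']}")
        off_subnet = ipaddress.ip_address(p["remote_lan_ip"]) not in local.network
        if off_subnet and not plan["multihop"]:
            findings.append(f"{p['instance']}: remote peer is off-subnet but BGP Multihop is off")
    # The Remote ASN should be the same for the Primary and HA instances.
    if len({p["remote_asn"] for p in plan["peers"]}) > 1:
        findings.append("Remote ASN differs between Primary and HA instances")
    # The multihop setting must match on both ends for the session to establish.
    if plan["multihop"] != plan["remote_device_multihop"]:
        findings.append("BGP Multihop setting does not match the remote device")
    return findings

# Constructed sample plans (hypothetical field names, made-up addresses).
GOOD_PLAN = {"multihop": False, "remote_device_multihop": False, "peers": [
    {"instance": "primary", "local_lan_ip": "10.1.0.10", "local_prefix_len": 24,
     "remote_lan_ip": "10.1.0.20", "remote_asn": 65010},
    {"instance": "ha", "local_lan_ip": "10.1.1.10", "local_prefix_len": 24,
     "remote_lan_ip": "10.1.1.20", "remote_asn": 65010}]}
BAD_PLAN = {"multihop": False, "remote_device_multihop": True, "peers": [
    {"instance": "primary", "local_lan_ip": "10.1.0.10", "local_prefix_len": 24,
     "remote_lan_ip": "203.0.113.5", "remote_asn": 65010},
    {"instance": "ha", "local_lan_ip": "10.1.1.10", "local_prefix_len": 24,
     "remote_lan_ip": "10.1.1.20", "remote_asn": 65011}]}

if __name__ == "__main__":
    for name, plan in (("good", GOOD_PLAN), ("bad", BAD_PLAN)):
        print(name, check_plan(plan) or "OK")
```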