BGP over LAN Connection
A BGP over LAN connection runs a Border Gateway Protocol (BGP) session directly over the LAN interface, without any tunneling protocol (such as IPsec or GRE).
BGP over LAN is mainly used to peer with remote devices such as third-party network virtual appliances, for instance SD-WAN cloud instances, and on-premises gateways and routers that do not have the capability to support BGP over any tunneling protocols.
BGP over LAN connections are only supported over private networks.
In this document, Local Gateway refers to the Aviatrix gateway that you want to connect to a remote device.
Supported Gateways
- Transit Gateway in AWS, Azure and GCP
- Spoke Gateway with BGP enabled in AWS and Azure
- Edge Transit Gateway and Spoke Gateway in all edge platforms
External Connection Settings
For information about the options that you can configure for a Site2Cloud (S2C) external connection, refer to About External Connection Settings.
Workflow
To set up a BGP over LAN external connection:
- In Aviatrix CoPilot, go to Networking > Connectivity > External Connections (S2C) tab.
- From the + External Connection dropdown menu, select External Device.
- In Create External Connection to External Device, provide the following information:

  | Field | Description |
  |---|---|
  | Name | A name for the connection. |
  | Type | Select BGP over LAN. |
  | Local Gateway | The Local Gateway on which you want to create an external connection to a remote device. |
- In the BGP Configuration section, provide the following information:

  | Field | Description |
  |---|---|
  | Local ASN | The BGP AS Number the Local Gateway will use to exchange routes with the remote device. |
  | ActiveMesh | ActiveMesh enables full mesh peering to the remote devices from the primary and highly available (HA) Local Gateways. When ActiveMesh is Off, point-to-point tunnels are created instead of full mesh. Only to be used for Azure Route Server Integration. |
  | BFD | Use the BFD toggle to turn on the Bidirectional Forwarding Detection (BFD) network protocol, which enables rapid detection of a link or node failure between the Local Gateway and the remote peer. |
  | Manual Learned CIDR Approval | Use the Manual Learned CIDR Approval toggle to turn on the Learned CIDR approval process. When Learned CIDR approval is On, an email notification is sent to administrators to approve dynamically learned CIDRs before they are propagated to Spoke VPC and VNet route tables. When Learned CIDR approval is Off, all dynamically learned CIDRs are automatically propagated to the Spoke VPC and VNet route tables. |
  | Advertise BGP Communities | The BGP communities to advertise to the BGP peer. |
  | BGP Multihop | Use the BGP Multihop toggle to turn on BGP Multihop. BGP Multihop enables the Local Gateway to establish a BGP session with a remote device that is not directly connected. The BGP multihop setting on the external connection must match the multihop setting on the remote device to establish a BGP session. |

- In the LAN Configuration section, provide the following information:

  | Field | Description |
  |---|---|
  | Remote Device IP | The remote device interface IP address. |
  | Remote ASN | The BGP AS Number of the remote device that will be used to exchange routes with the Local Gateway. The Remote ASN should be the same for the Primary and HA Local Gateway instances. |
  | Local Gateway Instances | The Primary or HA Local Gateway instance. |
  | Local LAN IP | The Local Gateway interface IP address. |
  | Remote LAN IP | The remote device interface IP address. |

  To connect the gateway to another remote device, click +Remote Device and enter the remote device's IP address and ASN information.
- Click Save.

The new BGP over LAN external connection appears in the table.
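
A pre-flight check for the values entered in the workflow above, as an added example (not Aviatrix code): it verifies that the Remote ASN is the same for the Primary and HA instances, that the BGP Multihop setting matches the remote device, and that the LAN IPs are private. The dictionary field names are hypothetical, and "private network" is assumed here to mean RFC 1918 address space.

```python
import ipaddress

# Assumption: "private network" is read here as RFC 1918 IPv4 space.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(addr):
    ip = ipaddress.ip_address(addr)  # raises ValueError on malformed input
    return any(ip in net for net in RFC1918)

def valid_asn(asn):
    # 2-byte and 4-byte AS numbers; 0 is reserved.
    return isinstance(asn, int) and 1 <= asn <= 4294967295

def check_plan(plan):
    """Return a list of problems in a planned BGP over LAN connection."""
    problems = []
    if not valid_asn(plan["local_asn"]):
        problems.append("Local ASN is not a valid AS number")
    if plan["bgp_multihop"] != plan["remote_multihop"]:
        problems.append("BGP Multihop setting does not match the remote device")
    for peer in plan["peers"]:
        if not valid_asn(peer["remote_asn"]):
            problems.append(f"{peer['instance']}: Remote ASN is not a valid AS number")
        for field in ("local_lan_ip", "remote_lan_ip"):
            try:
                private = is_rfc1918(peer[field])
            except ValueError:
                problems.append(f"{peer['instance']}: {field} is not an IP address")
                continue
            if not private:
                problems.append(f"{peer['instance']}: {field} is not a private address")
    if len({p["remote_asn"] for p in plan["peers"]}) > 1:
        problems.append("Remote ASN differs between Primary and HA instances")
    return problems

# Constructed sample values (hypothetical field names, not an Aviatrix schema).
PLAN = {
    "local_asn": 65001, "bgp_multihop": True, "remote_multihop": False,
    "peers": [
        {"instance": "primary", "remote_asn": 65010,
         "local_lan_ip": "10.1.0.10", "remote_lan_ip": "10.1.0.20"},
        {"instance": "ha", "remote_asn": 65011,
         "local_lan_ip": "10.1.1.10", "remote_lan_ip": "203.0.113.20"},
    ],
}

if __name__ == "__main__":
    for problem in check_plan(PLAN):
        print("FAIL:", problem)
```

An empty list from `check_plan` means the planned values satisfy the constraints stated in the field descriptions; it does not confirm that the BGP session will establish.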