Manualshelf

HP VPN Firewall Appliances Network Management Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
531532533534535536537538539540
515
BGP load balancing configuration example
Network requirements
As shown in Figure 299, all routers run BGP, Firewall resides in AS 65008, and Router B and Router A
reside in AS 65009. EBGP runs between Firewall and Router B, and between Firewall and Router C.
IBGP runs between Router B and Router A. Configure two routes on Firewall for load balancing.
Figure 299 Network diagram
Configuration considerations
On Firewall, establish EBGP connections with Router B and Router A, respectively; configure BGP to
a dv e r t i s e n e t wo r k 8 .1.1.0 / 24 t o R o u t e r B a n d Ro u t er A , so Router B and Router A can access the internal
network connected to Firewall.
On Router B, establish an EBGP connection with Firewall and an IBGP connection with Router A;
configure BGP to advertise network 9.1.1.0/24 to Firewall, so Firewall can access the intranet through
Router B; configure a static route to interface loopback 0 on Router A (or use a routing protocol like OSPF)
to establish the IBGP connection.
On Router A, establish an EBGP connection with Firewall and an IBGP connection with Router B;
configure BGP to advertise network 9.1.1.0/24 to Firewall, so Firewall can access the internal network
through Router A; configure a static route to interface loopback 0 on Router B (or use another protocol
like OSPF) to establish the IBGP connection.
Configuration procedure
1. Configure IP addresses for interfaces. (Details not shown.)
2. Configure BGP connections:
# Configure Firewall.
<Firewall> system-view
[Firewall] bgp 65008
[Firewall-bgp] router-id 1.1.1.1
[Firewall-bgp] peer 3.1.1.1 as-number 65009
[Firewall-bgp] peer 3.1.2.1 as-number 65009
[Firewall-bgp] network 8.1.1.1 24
[Firewall-bgp] quit
# Configure Router B.