Manualshelf

HP VPN Firewall Appliances Network Management Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
551552553554555556557558559560
531
[RouterC-route-policy] if-match acl 2000
[RouterC-route-policy] apply local-preference 200
[RouterC-route-policy] quit
# Apply the routing policy localpref to the route from the peer 193.1.1.1 on Router C.
[RouterC] bgp 200
[RouterC-bgp] peer 193.1.1.1 route-policy localpref import
[RouterC-bgp] quit
# Display the BGP routing table on Firewall.
[Firewall] display bgp routing-table
Total Number of Routes: 2
BGP Local router ID is 194.1.1.1
Status codes: * - valid, ^ - VPNv4 best, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
*>i 1.0.0.0 193.1.1.1 0 200 0 100i
* i 192.1.1.1 0 100 0 100i
The route 1.0.0.0/8 learned from Router C is the optimal.
BFD for BGP configuration example
The following matrix shows the configuration example and hardware compatibility:
Hardware Com
p
atibilit
y
F1000-A-EI/F1000-S-EI No
F1000-E No
F5000 Yes
F5000-S/F5000-C No
VPN firewall modules No
20-Gbps VPN firewall modules No
Network requirements
As shown in Figure 305,
Run OSPF in AS 200.
Establish two IBGP connections between Firewall A and Firewall C. When both paths are working,
Firewall B adopts the path Firewall A<—>Router A<—>Firewall B to communicate with network
1.1.1.0/24. Configure BFD over the path. If the path fails, BFD can quickly detect the failure and
notify it to BGP. Then the path Firewall A<—>Router B<—>Firewall B takes effect immediately.