R3166-R3206-HP High-End Firewalls Network Management Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module

371

372

373

374

375

376

377

378

379

380

360

5 packet(s) transmitted

5 packet(s) received

0.00% packet loss

round-trip min/avg/max = 2/2/2 ms

BGP load balancing configuration example

Network requirements

This example describes how to configure BGP load balancing.

As shown in Figure 184, all

routers run BGP, and Firewall resides in AS 65008, Router B and Router A

in AS 65009. Between Firewall and Router B, Firewall and Router A are eBGP connections, and between

Router B and Router A is an iBGP connection. Two routes are configured on Firewall for load balancing.

Figure 184 Network diagram for BGP load balancing configuration

Configuration procedure

1. Configure IP addresses for interfaces (omitted).

2. Configure BGP connections.

• On Firewall, establish eBGP connections with Router B and Router A respectively; configure BGP to

advertise network 8.1.1.0/24 to Router B and Router A, so that Router B and Router A can access the

internal network connected to Firewall.

• On Router B, establish an eBGP connection with Firewall and an iBGP connection with Router A;

configure BGP to advertise network 9.1.1.0/24 to Firewall, so that Firewall can access the intranet

through Router B; configure a static route to interface loopback 0 on Router A (or use a routing

protocol like OSPF) to establish the iBGP connection.

• On Router A, establish an eBGP connection with Firewall and an iBGP connection with Router B;

configure BGP to advertise network 9.1.1.0/24 to Firewall, so that Firewall can access the intranet

through Router A; configure a static route to interface loopback 0 on Router B (or use another

protocol like OSPF) to establish the iBGP connection.

# Configure Firewall.

<Firewall> system-view

[Firewall] bgp 65008

[Firewall-bgp] router-id 1.1.1.1

[Firewall-bgp] peer 3.1.1.1 as-number 65009

GE0/0

3.1.1.2/24

Firewall

AS 65008

Eth1/1

8.1.1.1/24

Eth1/1

9.1.1.2/24

GE0/0

3.1.2.1/ 24

GE0/0

3.1.1.1/24

Router B

Router A

AS 65009

GE0/1

3.1.2.2/24

Eth1/1

9.1.1.1/ 24

IBGP

Loop0

1.1.1.1/32

Loop0

2.2.2.2/32

Loop0

3.3.3.3/32

Intranet