HP VPN Firewall Appliances Network Management Configuration Guide
500
Ste
p
Command
Remarks
2. Enter BGP view or BGP-VPN
instance view.
• Enter BGP view:
bgp as-number
• Enter BGP-VPN instance view:
a. bgp as-number
b. ipv4-family vpn-instance
vpn-instance-name
Use either method.
3. Enable quick reestablishment of
direct EBGP session.
ebgp-interface-sensitive
Optional.
Not enabled by default.
Enabling MD5 authentication for BGP peers
You can enable MD5 authentication to enhance security in the following ways:
• Perform MD5 authentication when establishing TCP connections. Only the two parties that have the
same password configured can establish TCP connections.
• Perform MD5 calculation on TCP packets to avoid modification to the encapsulated BGP packets.
To enable MD5 authentication for BGP peers:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Enter BGP view or BGP-VPN
instance view.
• Enter BGP view:
bgp as-number
• Enter BGP-VPN instance view:
a. bgp as-number
b. ipv4-family vpn-instance
vpn-instance-name
Use either method.
3. Enable MD5 authentication
for BGP peers.
peer { group-name | ip-address } password
{ cipher | simple } password
Not enabled by default.
Configuring BGP load balancing
If multiple BGP routes that have the same AS_PATH, ORIGIN, LOCAL_PREF, and MED attributes to a
destination exist, you can use the balance command to configure the maximum number of BGP routes for
load balancing to improve link utilization.
To configure BGP load balancing:
Ste
p
Command
Remarks
1. Enter system view.
system-view
N/A
2. Enter BGP view or BGP-VPN
instance view.
• Enter BGP view:
bgp as-number
• Enter BGP-VPN instance view:
a. bgp as-number
b. ipv4-family vpn-instance
vpn-instance-name
Use either method.
3. Configure the maximum number
of BGP routes for load balancing.
balance [ ebgp | ibgp ] number
By default, load balancing is
not enabled.