Configuring BGP
Fabric Cloud Router uses BGP routing protocol, and supports several features that enable users to manage how traffic is routed to support complex topologies.
IPv4 and IPv6 Peer Addressing
Fabric Cloud Router (FCR) supports IPv4 and IPv6 addressing. Each address type can be configured independently or concurrently (dual-stack). Each virtual connection created from the FCR requires configuration of a local (FCR) and remote peer IP address for each IP protocol version used on the connection. In most cases, users can define the BGP peering subnet to use, unless the remote peer, such as Google Cloud, requires specific addressing.
Peer ASNs
The peer Autonomous System Number (ASN) for the remote BGP peer provides Layer 3 connectivity. Cloud Router supports both registered (public) ASN and private ASN ranges. Cloud Router uses unique Equinix-registered ASNs in each Fabric metro to avoid potential conflicts with private ASNs. Cloud Routers within a given metro always use the same registered ASN, and do not currently support user-configured ASNs.
Cloud Router allows use of 2-byte or 4-byte ASNs (1-4294967294), except for the numbers listed below.
| ASN | Purpose |
|---|---|
| Special purpose numbers: | |
| 0 | Reserved by RFC7607 |
| 112 | Used by the AS112 project RFC7534 |
| 23456 | AS_TRANS; reserved by RFC6793 |
| 64496–64511 | Reserved for documentation by RFC4398 |
| 65535 | Reserved by RFC7300 |
| 65536–65551 | Reserved for documentation by RFC5398 |
| 4294967295 | Reserved by RFC7300 |
| Equinix-reserved numbers: | |
| 64600, 4200000000–42000000002 |
MD5 Authentication
Cloud Router supports the use of MD5 authentication, which provides an additional layer of security for BGP by requiring participating BGP peers to have matching MD5 authentication keys required for BGP on the Cloud Router. But if a remote BGP peer requires MD5 authentication, ensure that the key is configured on the specific Cloud Router connection.
Fabric Cloud Router MD5 authentication supported values – Up to 80 characters
Maximum Routes Received for IPv4/v6 (Max Prefix Limit)
Cloud Router supports the ability for users to configure the maximum routes to receive from a particular peer. This optional feature allows users to configure a maximum number of routes to allow a peer to advertise to the Cloud Router before resetting their BGP sessions.
If a peer advertises more than the configured limit for the connection, the Cloud Router resets the BGP session for 5 minutes before re-establishing the session. Also, configuring or updating a maximum limit after the session has been established triggers a reset of the BGP session.
Default – Cloud Router package route quota limit. If the user does not configure this value, this defaults to the IPv4/6 quota for the Cloud Router. For more information about the Cloud Router packages, see About Equinix Fabric Cloud Router.
Allowed values: [1–Cloud Router IPv4/v6 route quota]
AS Path Prepend
Cloud Router supports outbound AS path prepend, which allows users to set the number of prepends to the AS path. With values set larger than 0, the Cloud Router adds its own ASN to the AS path based on the value of the prepend that the user selects. When using prepending, this increases the length of the AS path. This indicates to the BGP peer that a particular connection might be less preferred, because one of the parameters that BGP relies on for route preference is the number of Autonomous Systems (AS) between BGP peers. A longer AS path is typically less preferred, unless another BGP operation has a higher priority over the AS path length.
FCR AS-Path values supported – Disabled, 1, 3, 5
Default – Disabled (no prepending will occur)
AS Override
Cloud Router supports user-enabled AS override, which overwrites one or more instances of the BGP peer ASN found within the AS path advertised by FCR.
When one or more Fabric Cloud Routers (multiple Cloud Routers connected to an IP-WAN network) are used to interconnect networks using the same Autonomous System Number (ASN), AS override can be used to disable the default eBGP loop prevention mechanism.
Example:
AS override on FCR might be desired when a user has Cloud Routers in multiple metros such as Dallas and Ashburn (Washington D.C.) interconnected via IP-WAN. The user also has connections to a cloud provider (such as Oracle, Azure, or Google) that uses a single global ASN for all cloud regions in both locations. The user might prefer that their inter-region traffic between cloud regions be routed through Cloud Router and IP-WAN rather than the cloud provider’s network. In this case, AS override can be enabled on each cloud provider FCR connection, and traffic between the cloud regions will be permitted, because the AS-Path of advertised prefixes will not include the cloud provider’s originating ASN in the AS-Path.
Cloud Router-supported AS override settings – Disabled / Enabled
Default – Disabled
Multi-Exit Discriminator (MED)
Cloud Router supports user-configured Inbound and Outbound Multi-Exit Discriminator (MED) for each connection. Default use of the MED parameter requires more than one connection between neighboring ASes.
MED parameters are optional, allowing users to suggest to a peer the preferred connection that the peer should use to send traffic to the originating AS. MEDs can also be applied locally to received (inbound) prefixes to influence which connection could be used to send traffic to the neighboring AS. When configuring a MED, values with a lower number are preferred over those with a higher number.
- Inbound – The MED value that the user applies to a connection to influence the local routing decision to prefer this connection over another for traffic sent to the neighboring AS
- Outbound – The MED value that is advertised to a neighboring AS to suggest a preferred connection for traffic sent to this AS
Cloud Router-supported MED values: 1–4294967295
Bidirectional Forwarding Detection (BFD)
Cloud Router supports user-enabled BFD for each virtual connection, which can assist with the amount of time required to detect and propagate any changes with BGP routes as part of reconvergence, including minimizing interruptions due to fail-over events. This is an optional feature that users can enable. Users can configure the BFD TX interval at which the Cloud Router will announce to the BGP peer.
Cloud Router-supported BFD TX intervals – 100–999 (in milliseconds)
Default – BFD Enabled = False
BFD Multiplier: 3x (This value is not user configurable.)
