FortiGate Version 3.0 MR4 Administration Guide
202 01-30004-0203-20070102
BGP Router Dynamic
BGP
Border Gateway Protocol (BGP) is an Internet routing protocol typically used by
ISPs to exchange routing information between different ISP networks. For
example, BGP enables the sharing of network paths between the ISP network and
an autonomous system (AS) that uses RIP and/or OSPF to route packets within
the AS. The FortiGate implementation of BGP supports BGP-4 and complies with
RFC 1771.
How BGP works
When BGP is enabled, the FortiGate unit sends routing table updates to
neighboring autonomous systems whenever any part of the FortiGate routing
table changes. Each AS, including the local AS of which the FortiGate unit is a
member, is associated with an AS number. The AS number references a particular
destination network.
IP Enter the IP address that has been assigned to the OSPF-enabled
interface. The interface becomes OSPF-enabled because its IP address
matches the OSPF network address space.
For example, if you defined an OSPF network of 172.20.120.0/24 and
port1 has been assigned the IP address 172.20.120.140, type
172.20.120.140.
Authentication Select an authentication method for LSA exchanges on the specified
interface:
• Select None to disable authentication.
• Select Text to authenticate LSA exchanges using a plain-text
password. The password can be up to 35 characters, and is sent in
clear text over the network.
• Select MD5 to use one or more keys to generate an MD5 hash.
This setting overrides the area Authentication setting.
Password Enter the plain-text password. Enter an alphanumeric value of up to 15
characters. The OSPF neighbors that send link-state advertisements to
this FortiGate interface must be configured with an identical password.
This field is available only if you selected plain-text authentication.
MD5 Keys Enter the key identifier for the (first) password in the ID field (the range is
from 1 to 255) and then type the associated password in the Key field.
The password is an alphanumeric string of up to 16 characters. The
OSPF neighbors that send link-state advertisements to this FortiGate
interface must be configured with an identical MD5 key. If the OSPF
neighbor uses more than one password to generate MD5 hash, select the
Add icon to add additional MD5 keys to the list. This field is available only
if you selected MD5 authentication.
Hello Interval Optionally, set the Hello Interval to be compatible with Hello Interval
settings on all OSPF neighbors.
This setting defines the period of time (in seconds) that the FortiGate unit
waits between sending Hello packets through the interface.
Dead Interval Optionally, set the Dead interval to be compatible with Dead Interval
settings on all OSPF neighbors.
This setting defines the period of time (in seconds) that the FortiGate unit
waits to receive a Hello packet from an OSPF neighbor through the
interface. If the FortiGate unit does not receive a Hello packet within the
specified amount of time, the FortiGate unit declares the neighbor
inaccessible.
By convention, the Dead Interval value is usually four times greater than
the Hello Interval value.
To Next Page
Loading...
Need help?
General