/routing/bgp

`/routing/bgp/instance`

Property		Description
as (integer [0..4294967295]; Default: )		32-bit BGP autonomous system number. Value can be entered in AS-Plain and AS-Dot formats. The parameter is also used to set up the BGP confederation, in the following format: `confederation_as/as`. For example, if your AS is 34 and your confederation AS is 43, then as configuration should be `as=43/34`.
cluster-id (IP address; Default: )		In case this instance is a route reflector: the cluster ID of the router reflector cluster to this instance belongs. This attribute helps to recognize routing updates that come from another route reflector in this cluster and avoid routing information looping. Note that normally there is only one route reflector in a cluster; in this case, 'cluster-id' does not need to be configured and BGP router ID is used instead
ignore-as-path-len (yes \| no; Default: no)		Whether to ignore the AS_PATH attribute in the BGP route selection algorithm. Works on input.
router-id (IP \| name; Default: main )		BGP Router ID to be used. Use the ID from the /routing/router-id configuration by specifying the reference name, or set the ID directly by specifying IP. Equal router-ids are also used to group peers into one instance.
routing-table (string; Default: )		Name of the routing table, to install routes in.
vrf (name; Default: main )		Name of the VRF BGP connections operates on. By default always use the "main" routing table.

`/routing/bgp/connection`

A list of all connection-specific parameters can be seen in the table below.

In addition to connection-specific parameters, template-specific parameters are also directly exposed in this menu, for easier configuration in simple scenarios (when templates are not necessary).

Property		Description
name (string; Default: )		Name of the BGP connection
connect (yes \| no; Default: yes)		Whether to allow the router to initiate the connection.
listen (yes \| no; Default: yes)		Whether to listen for incoming connections. If remote.address is a host address and listening is enabled, then close the listening socket right after the first successful "accept". If remote.address is a subnet and listening is enabled, then listening socket stays open after first successful "accept" and there is a hard coded limit that allows 256 open connections.
local - a group of parameters associated with the local side of the connection
	.address (IPv4/6; Default: ::)	Local connection address.
	.port(integer [0..65535]; Default:179 )	Local connection port.
	.role(ebgp \| ebgp-customer \| ebgp-peer \| ebgp-provider \| ebgp-rs \| ebgp-rs-client \| ibgp \| ibgp-rr; Default: )	BGP role, in most common scenarios it should be set to iBGP or eBGP. More information on BGP roles can be found in the corresponding RFC draft https://datatracker.ietf.org/doc/draft-ietf-idr-bgp-open-policy/?include_text=1)
	.ttl (integer [1..255]; Default:)	Time To Live (hop limit) that will be recorded in sent TCP packets.
remote - a group of parameters associated with the remote side of the connection
	.address (IPv4/6; Default: ::)	Remote address used to connect and/or listen to.
	.port(integer [0..65535]; Default:179 )	Local connection port.
	.as(integer []; Default: )	Remote AS number. If not specified BGP will determine remote AS automatically from the OPEN message.
	.allowed-as(name)	Name of the num-list containing remote AS numbers that will be allowed to connect. Useful for dynamic peer configuration.
	.ttl (integer [1..255]; Default:)	Acceptable minimum Time To Live, the hop limit for this TCP connection. For example, if 'ttl=255' then only single-hop neighbors will be able to establish the connection. This property only affects EBGP peers.
tcp-md5-key (string; Default: )		The key used to authenticate the connection with TCP MD5 signature as described in RFC 2385. If not specified, authentication is not used.
templates (name[,name]; Default: default)		List of the template names, to inherit parameters from. Useful for dynamic BGP peers.
instance (name[,name]; Default: default)		Name of the instance this connection is assigned to.

`/routing/bgp/template`

Property		Description
add-path-out (all \|none; Default: )
afi (ip \| ipv6 \| l2vpn \| l2vpn-cisco \| vpnv4; Default: ip)		List of address families about which this peer will exchange routing information. The remote peer must support (they usually do) BGP capabilities optional parameter to negotiate any other families than IP.
as (integer [0..4294967295]; Default: )		32-bit BGP autonomous system number. Value can be entered in AS-Plain and AS-Dot formats. The parameter is also used to set up the BGP confederation, in the following format: `confederation_as/as`. For example, if your AS is 34 and your confederation AS is 43, then as configuration should be `as=43/34`. Overrides instance ASN.
cisco-vpls-nlri-len-fmt (auto-bits \| auto-bytes \| bits \| bytes; Default: )		VPLS NLRI length format type. Used for compatibility with Cisco VPLS. [[Read more>>]].
disabled (yes \| no; Default: no)		Whether the template is disabled.
hold-time (time[3s..1h] \| infinity; Default: 3m)		Specifies the BGP Hold Time value to use when negotiating with peers. According to the BGP specification, if the router does not receive successive KEEPALIVE and/or UPDATE and/or NOTIFICATION messages within the period specified in the Hold Time field of the OPEN message, then the BGP connection to the peer will be closed. The minimal hold-time value of both peers will be used (note that the special value 0 or 'infinity' is lower than any other value) infinity - never expire the connection and never send keepalive messages.
input - a group of parameters associated with BGP input
	.accept-comunities (string; Default: )	A quick way to filter incoming updates with specific communities. It allows filtering incoming messages directly before they are even parsed and stored in memory, that way significantly reducing memory usage. Regular input filter chain can only reject prefixes which means that it will still eat memory and will be visible in /routing route table as "not active, filtered". Changes to be applied required session refresh.
	.accept-ext-communities(string; Default: )	A quick way to filter incoming updates with specific extended communities. It allows filtering incoming messages directly before they are even parsed and stored in memory, that way significantly reducing memory usage. Regular input filter chain can only reject prefixes which means that it will still eat memory and will be visible in /routing route table as "not active, filtered". Changes to be applied required session refresh.
	.accept-large-comunities (string; Default: )	A quick way to filter incoming updates with specific large communities. It allows filtering incoming messages directly before they are even parsed and stored in memory, that way significantly reducing memory usage. Regular input filter chain can only reject prefixes which means that it will still eat memory and will be visible in /routing route table as "not active, filtered". Changes to be applied required session refresh.
	.accept-nlri(string; Default: )	Name of the ipv4/6 address-list. A quick way to filter incoming updates with specific NLRIs. It allows filtering incoming messages directly before they are even parsed and stored in memory, that way significantly reducing memory usage. Regular input filter chain can only reject prefixes which means that it will still eat memory and will be visible in /routing route table as "not active, filtered". Changes to be applied required session restart.
	.filter-unknown(string; Default: )	A quick way to filter incoming updates with specific "unknown" attributes. It allows filtering incoming messages directly before they are even parsed and stored in memory, that way significantly reducing memory usage. Regular input filter chain can only reject prefixes which means that it will still eat memory and will be visible in /routing route table as "not active, filtered". Changes to be applied required session refresh.
	.affinity(afi \| alone \| instance \| main \| remote-as \| vrf; Default: alone )	Configure input multi-core processing. Read more in Routing Protocol Multi-core Support article. alone - input and output of each session are processed in its own process, most likely the best option when there are a lot of cores and a lot of peers afi, instance, vrf, remote-as - try to run input/output of new session in process with similar parameters main - run input/output in the main process (could potentially increase performance on single-core even possibly on multi-core devices with a small amount of cores) input - run output in the same process as input (can be set only for output affinity)
	.allow-as (integer [0..10]; Default: )	Indicates how many times to allow your own AS number in AS-PATH, before discarding a prefix.
	.filter (name; Default: )	Name of the routing filter chain to be used on input prefixes. This happens after NLRIs are processed. If the chain is not specified, then BGP by default accepts everything.
	.filter-comunities (string; Default: )	A quick way to filter incoming updates with specific communities. It allows filtering incoming messages directly before they are even parsed and stored in memory, that way significantly reducing memory usage. Regular input filter chain can only reject prefixes which means that it will still eat memory and will be visible in /routing route table as "not active, filtered". Changes to be applied required session refresh.
	.filter-ext-communities(string; Default: )	A quick way to filter incoming updates with specific extended communities. It allows filtering incoming messages directly before they are even parsed and stored in memory, that way significantly reducing memory usage. Regular input filter chain can only reject prefixes which means that it will still eat memory and will be visible in /routing route table as "not active, filtered". Changes to be applied required session refresh.
	.filter-large-comunities (string; Default: )	A quick way to filter incoming updates with specific large communities. It allows filtering incoming messages directly before they are even parsed and stored in memory, that way significantly reducing memory usage. Regular input filter chain can only reject prefixes which means that it will still eat memory and will be visible in /routing route table as "not active, filtered". Changes to be applied required session refresh.
	.filter-nlri(string; Default: )	Name of the filter chain that will filter incoming IPv4/IPv6 NLRIs directly before they are stored in memory, that way significantly reducing memory usage. Regular input filter chain can only reject prefixes which means that it will still eat memory and will be visible in /routing route table as "not active, filtered". Changes to be applied required session restart.
	.filter-unknown(string; Default: )	A quick way to filter incoming updates with specific "unknown" attributes. It allows filtering incoming messages directly before they are even parsed and stored in memory, that way significantly reducing memory usage. Regular input filter chain can only reject prefixes which means that it will still eat memory and will be visible in /routing route table as "not active, filtered". Changes to be applied required session refresh.
	.limit-nlri-diversity (integer; Default: )
	.limit-process-routes-ipv4 (integer; Default: )	Try to limit the amount of received IPv4 routes to the specified number. This number does not represent the exact number of routes going to be installed in the routing table by the peer. BGP session "clear" command must be used to reset the flag if the limit is reached.
	.limit-process-routes-ipv6 (integer; Default: )	Try to limit the amount of received IPv6 routes to the specified number. This number does not represent the exact number of routes going to be installed in the routing table by the peer. BGP session "clear" command must be used to reset the flag if the limit is reached.
keepalive-time (time [1s..30m]; Default: )		The interval between keepalive messages, if not set by default keepalive is 1/3 of the `hold-time`.
multihop (yes \| no; Default: no)		Specifies whether the remote peer is more than one hop away. This option affects outgoing next-hop selection as described in RFC 4271 (for EBGP only, excluding EBGP peers local to the confederation). It also affects: whether to accept connections from peers that are not in the same network (the remote address of the connection is used for this check); whether to accept incoming routes with NEXT_HOP attribute that is not in the same network as the address used to establish the connection; the target-scope of the routes installed from this peer; routes from multi-hop or IBGP peers resolve their next-hops through IGP routes by default.
name (string; Default: )		Name of the BGP template
nexthop-choice (default \| force-self \| propagate; Default: default)		Affects the outgoing NEXT_HOP attribute selection. Note that next-hops set in filters always take precedence. Also note that the next-hop is not changed on route reflection, except when it's set in the filter. default - select the next-hop as described in RFC 4271 force-self - always use a local address of the interface that is used to connect to the peer as the next-hop; propagate - try to propagate further the next-hop received; i.e. if the route has BGP NEXT_HOP attribute, then use it as the next-hop, otherwise, fall back to the default case
output - a group of parameters associated with BGP output
	*.as-override (yes \| no; Default: no)*	If set, then all instances of the remote peer's AS number in the BGP AS-PATH attribute are replaced with the local AS number before sending a route update to that peer. Happens before routing filters and prepending.
	.affinity(afi \| alone \| instance \| main \| remote-as \| vrf; Default: )	Configure output multicore processing. Read more in Routing Protocol Multi-core Support article. alone - input and output of each session is processed in its own process, the most likely best option when there are a lot of cores and a lot of peers afi, instance, vrf, remote-as - try to run input/output of new session in process with similar parameters main - run input/output in the main process (could potentially increase performance on single-core even possibly on multicore devices with small amount of cores) input - run output in the same process as input (can be set only for output affinity)
	.default-originate (always \| if-installed \| never; Default: never)	Specifies default route (0.0.0.0/0) distribution method.
	default-prepend (integer [0..255]; Default: )
	.filter-chain (name; Default: )	Name of the routing filter chain to be used on the output prefixes. If the chain is not specified, then BGP by default accepts everything.
	.filter-select (name; Default: )	Name of the routing select chain to be used for prefix selection. If not specified, then default selection is used.
	.keep-sent-attributes (yes \| no; Default: no)	Store in memory sent prefix attributes, required for "`dump-saved-advertisements`" command to work. By default, sent-out prefixes are not stored to preserve the router's memory. An option should be enabled only for debugging purposes when necessary to see currently advertised prefixes.
	.network(name; Default: )	Name of the address list used to send local networks. The network is sent only if a matching IGP route exists in the routing table.
	.network-blackhole (yes \| no)	If set to "yes", blackhole route will be added in the RIB for each network from the list.
	.no-client-to-client-reflection (yes \| no; Default: )	Disable client-to-client route reflection in Route Reflector setups.
	.no-early-cut (yes \| no; Default: )	The early cut is the mechanism, to guess (based on default RFC behavior) what would happen with the sent NPLRI when received by the remote peer. If the algorithm determines that the NLRI is going to be dropped, a peer will not even try to send it. However such behavior may not be desired in specific scenarios, then then this option should be used to disable the early cut feature.
	redistribute (bgp, connected, bgp-mpls-vpn , dhcp, fantasy, modem, ospf, rip, static, vpn; Default:)	Enable redistribution of specified route types.
remove-private-as (yes \| no; Default: no		If set, then the BGP AS-PATH attribute is removed before sending out route updates if the attribute contains only private AS numbers. The removal process happens before routing filters are applied and before the local, AS number is prepended to the AS path.

routing-table (string; Default: )		Name of the routing table, to install routes in. Overrides instance parameter.
save-to (string; Default: )		Filename to be used to save BGP protocol-specific packet content (Exported PDU) into pcap file. This method allows much simpler peer-specific packet capturing for debugging purposes. Pcap files in this format can also be loaded to create virtual BGP peers to recreate conditions that happened at the time when packet capture was running.
templates (name[,name]; Default: )		List of template names from which to inherit parameters. Useful feature, to easily configure groups with overlapping configuration options.
use-bfd (yes \| no; Default: no)		Whether to use the BFD protocol for faster connection state detection.
vrf (name; Default: main )		Name of the VRF BGP connections operates on. By default always use the "main" routing table. Overrides instance parameter.

`/routing/bgp/session`

Read-only Property		Description
name

Also, in this menu is located a session-specific set of commands.

Command	Description
clear	Clear the session flags. For example, to be able to re-establish a session after the prefix limit is reached "limit-exceeded" flag must be cleared. It can be done by specifying "`flag`" parameter, which is able to take the following values: input-last-notification limit-exceeded output-last-notification refused-cap-opt stopped
dump-saved-advertisements	Dump saved advertisements from specified BGP session in the *.pcap file. The filename to store data is set by "`save-to`" parameter.
refresh	Send route refresh to a specified BGP session. Is used to trigger re-sending all the routes from the remote peer. "`address-family`" parameters allow specifying for which address family to send route refresh.
resend	Resend prefixes to a specified BGP session. The command takes two parameters: "`address-family`" - parameters allow specifying for which address family to resend prefixes. "`save-to`" - the name of the pcap file where to dump resent messages, can be used for debugging purposes.
reset	Reset specified BGP session.
stop	Stop specified BGP session.

`/routing/bgp/vpls`

This menu lists all the configured BGP-based VPLS instances. These instances allow the router to advertise VPLS BGP NLRI and indicate that the router belongs to a specific customer VPLS network.

MP-BGP-based autodiscovery and signaling (RFC 4761).

Cisco VPLS BGP-based auto-discovery (draft-ietf-l2vpn-signaling-08).

Support for multiple import/export route target extended communities for BGP-based VPLS (both, RFC 4761 and draft-ietf-l2vpn-signaling-08).

Property	Description
bridge (name)	The name of the bridge where dynamically created VPLS interfaces should be added as ports.
bridge-cost (integer [0..4294967295])
bridge-horizon (none \| integer [0..4294967295])	If set to none bridge horizon will not be used.
bridge-pvid (integer 1..4094)	Used to assign port VLAN ID (pvid) for dynamically bridged interface.
cisco-id ()	Unique identifier. A parameter must be set for cisco-style VPLS signaling. In most cases this should not be used, any modern software supports RFC 4761 style signaling (see site-id parameter). Parameter is a merge of l2-router-id and RD, for example: 10.155.155.1&6550:123
comment (string)	Short description of the item.
disabled (yes \| no)	Defines whether an item is ignored or used.
export-route-target (list of RTs)	The setting is used to tag BGP NLRI with one or more route targets which on the remote side is used by `import-route-targets`.
import-route-targets (list of RTs)	The setting is used to determine if BGP NLRI is related to a particular VPLS, by comparing route targets received from BGP NLRI.
local-pref (integer[0..4294967295])
name (string; Default: )
pw-control-word (default \| disabled \| enabled)	Enables/disables Control Word usage. Read more in the VPLS Control Word article.
pw-l2mtu (integer[32..65535])	Advertised pseudowire MTU value.
pw-type (raw-ethernet \| tagged-ethernet \| vpls)	The parameter is available starting from v5.16. It allows choosing advertised encapsulation in NLRI used only for comparison. It does not affect the functionality of the tunnel. `See pw-type usage example >>`
rd (string)	Specifies the value that gets attached to VPLS NLRI so that receiving routers can distinguish advertisements that may otherwise look the same. This implies that a unique route-distinguisher for every VPLS must be used. It is not necessary to use the same route distinguisher for some VPLS on all routers forming that VPLS as distinguisher is not used for determining if some BGP NLRI is related to a particular VPLS (Route Target attribute is used for this), but it is mandatory to have different distinguishers for different VPLSes. Accepts 3 types of formats. Read more>>
site-id (integer [0..65535])	Unique site identifier. Each site must have a unique site-id. A parameter must be set for RFC 4761 style VPLS signaling.
vrf (name)	Name of the VRF table.

`/routing/bgp/vpn`

L3VPN VPNv4/VPNv6 instance configuration

Property		Description
disabled (yes \| no)
export - a group of parameters associated with the vpnv4 export
	.filter-chain (name)	The name of the routing filter chain that is used to filter prefixes before exporting.
	.filter-select(name)	The name of the select filter chain that is used to select prefixes to be exported exporting.
	.redistribute(bgp \| connected \| dhcp \| fantasy \| modem \| ospf \| rip \| static \| vpn)	Enable redistribution of specified route types from VRF to VPNv4.
	.route-targets(rt[,rt])	List of route targets added when exporting VPNv4 routes. The accepted RT format is similar to the one for Route Distinguishers.
import - a group of parameters associated with the vpnv4 import
	.filter-chain (name)	The name of the routing filter chain that is used to filter prefixes during import.
	.route-targets(rt[,rt])	List of route targets that will be used to import VPNv4 routes. The accepted RT format is similar to the one for Route Distinguishers.
	.router-id(name \| ip)	The router ID of the BGP instance that will be used for the BGP best path selection algorithm.
label-allocation-policy (per-prefix \| per-vrf)
name
route-distinguisher (rd)		Helps to distinguish between overlapping routes from multiple VRFs. Should be unique per VRF. Accepts 3 types of formats. Read more>>
vrf (name)		Name of the VRF table that this VPN instance will use.
instance (name)		Name of the instance this VPN is assigned to.

`/routing` bgp evpn

See EVPN documentation.

Property		Description
name (string; Default: )		Name of the entry
instance (name)		BGP instance this EVPN is assigned to.
export - a group of parameters associated with the route export
	.route-targets (Iist of RTs)	List of route targets that will be added to EVPN routes when exporting.
import - a group of parameters associated with the route import
	.route-targets (Iist of RTs)	List of route targets that will be used to import EVPN routes.
rd (string)		Specifies the value that gets attached to route so that receiving routers can distinguish advertisements that may otherwise look the same. Used to distinguish between tenants using overlapping IP ranges. Also can be used to simplify convergence and redundancy within Virtual Network. RDs form MLAG pairs should be unique, too.
vni (range of integers[0..4294967295])		Range of Virtual Network Identifiers.
vrf (name)

Page tree

/routing/bgp

/routing/bgp/instance

/routing/bgp/connection

/routing/bgp/template

/routing/bgp/session

/routing/bgp/vpls

/routing/bgp/vpn

/routing bgp evpn