About Border Gateway Protocol (BGP)
Some of the features described in this version of Fireware Help are only available to participants in the WatchGuard Beta program. If a feature described in this topic is not available in your version of Fireware, it is a beta-only feature.
Border Gateway Protocol (BGP) is a scalable dynamic routing protocol used on the Internet by groups of routers to share routing information. BGP uses route parameters or attributes to define routing policies and create a stable routing environment. This protocol allows you to advertise more than one path to and from the Internet to your network and resources, which gives you redundant paths and can increase your uptime.
Hosts that use BGP use TCP to send updated routing table information when one host finds a change. The host sends only the part of the routing table that has the change. BGP uses classless interdomain routing (CIDR) to reduce the size of the Internet routing tables. The size of the BGP routing table in Fireware is set at 32K.
The size of the typical WatchGuard customer wide area network (WAN) is best suited for OSPF dynamic routing. A WAN can also use external border gateway protocol (eBGP) when more than one gateway to the Internet is available. EBGP allows you to take full advantage of the redundancy possible with a multi-homed network.
Connections between two BGP peers can be external (eBGP) or internal (iBGP). Which type of connection it is depends on the autonomous system (AS) number assigned to each of the peers. The AS number indicates whether the peers are part of networks managed by the same or different organizations. If two BGP peers are part of the same autonomous system, they both use the same AS number, and the BGP connection between them is an iBGP session. If two BGP peers have different AS numbers, the BGP connection between them is an eBGP session.
To participate in eBGP with an ISP you must have a public autonomous system number (ASN). You must get an ASN from one of the regional registries in the table below. After you are assigned your own ASN, you must contact each ISP to get their ASNs and other necessary information.
For internal BGP between private networks you can use a private AS number. This avoids the need to register for a public AS number.
- 16-bit AS numbers reserved for BGP between private networks: 64512 to 65535
- 32-bit AS numbers reserved for BGP between private networks: 4200000000 to 4294967294
Free Range Routing (Fireware v12.9 or Higher)
In Fireware v12.9 or higher, Fireware uses the Free Range Routing (FRR) routing engine, which replaces Quagga. If your configuration includes Quagga commands for dynamic routing, those commands work after you upgrade. Some FRR commands appear in a different section than in Quagga.
For more information about FRR commands for BGP, see:
Quagga (Fireware v12.8.x or Lower)
In Fireware v12.8.x or lower, Fireware uses the Quagga routing software suite v1.2.4, which supports most routing commands available in more recent versions of Quagga.
For more information about Quagga commands for BGP, see: