Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

How does the ScreenOS firewall selects the best BGP route for the routing table?

0

0

Article ID: KB24303 KB Last Updated: 04 Jun 2012Version: 1.0
Summary:
This article describes how the ScreenOS firewall selects a BGP route for the routing table.
Symptoms:
In devices that support BGP, most of the time, you will have multiple routes to the same IP address. This article describes how the ScreenOS firewall decides which route to place in the routing table.
Cause:

Solution:
You have to strictly adhere to RFC 1771 for the route selection process. In the RFC, there are default and configurable settings, with which a device that supports BGP, can use to select the best route for the routing table.

The default options are:

  • Origin (whether IBGP or EBGP, IBGP is preferred)

  • Next hop

  • External

  • BGP ID

The Configurable options are:

  • Weight

  • Local preference

  • AS path

  • MED

Now, based on what is configurable or not, the route selection will stick to the following selection process to select the best route for the routing table:

  • Weight: The route with the highest weight is preferred (configurable).

  • Local Preference: The route with the highest local preference is preferred (configurable).

  • AS Path Length: The route with the shortest AS path is preferred (configurable).

  • Origin code: The route with the lowest origin code is preferred (configurable).  

  • Multi-exit-discriminator (MED): The route with the lowest MED value is preferred (configurable).

  • Next hop: The route with the lowest cost (in the forwarding table) to the next hop is preferred (default).

  • External: The route learned from the external peer is preferred (default).

  • BGP ID: The route learned from the peer with lowest ID is preferred (default).

Any options, which are set as configurable, will have to be configured on the ScreenOS device for it to add the route to the routing table.
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search