BGP Reference

A BGP session requires the following:

  • 2 ASNs: A cloud-side ASN and a PacketFabric-side ASN
  • 2 router IP addresses: A cloud-side router and a PacketFabric-side router
  • 2 sets of allowed IP prefixes: IP addresses going into the cloud and those originating in the cloud

Supported ASNs

Cloud-side ASN

The cloud-side ASN is either set by the cloud service provider (CSP) on your behalf (Microsoft Azure, IBM Cloud), or you manually select it when creating the gateway (AWS, Google Cloud).

  • Row
    • Cloud
    • ASN
    • Notes
  • Row
    • Amazon

    • 7224
      64512 to 65534 (2 byte)
      4200000000 to 4294967294 (4 byte)

    • You specify the Amazon-side ASN when you create the AWS Direct Connect Gateway or AWS Virtual Private Gateway.

      Public virtual interfaces use the Amazon public ASN 7224.

      The Amazon-side ASN is also listed on the VIF details page.

  • Row
    • Google

    • 16550**

    • You specify the Google-side ASN when you create the Google Cloud Router.

      Google requires that you use ASN 16550 on all Google Cloud Routers associated with Partner Interconnect VLAN attachments.

      ** If you are using the PacketFabric Cloud Router to connect two separate Google Cloud environments, then only one of those Google connections can use the 16550 ASN. In this case, you must configure a private ASN on the Google Cloud Router after associating it with the VLAN attachment. See Google-side ASN workaround. If doing this, you can use private ASNs from 64512-65534 (2 byte) and 4200000000-4294967294 (4 byte).

  • Row
    • Microsoft
    • 12076
    • Microsoft sets this ASN for all ExpressRoute peerings on your behalf. It cannot be changed.
  • Row
    • IBM
    • 13884
    • IBM sets this ASN for all Direct Link peerings on your behalf. It cannot be changed.
  • Row
    • Oracle
    • 31898
    • Oracle sets this ASN for all FastConnect peerings on your behalf. It cannot be changed.

PacketFabric-side ASN

You set the ASN when you create the PacketFabric Cloud Router. It can be our public ASN 4556, a public ASN owned by you, or a private ASN of your choice.

While you can specify any ASN when creating the Cloud Router, some cloud service providers restrict what ASNs they will allow when establishing BGP sessions.

Consider the following cloud-side restrictions before assigning an ASN to your Cloud Router.

  • Row

    • Cloud
    • ASN
    • Notes
  • Row

    • Amazon

    • 2-byte public
      1 - 64511
      (Owned by you or 4556 for PacketFabric)

      2-byte private
      64512 - 65534

      4-byte public
      1 to 2147483647

      4-byte private
      Unsupported

    • Enter the ASN into the BGP ASN field when creating a virtual interface in the AWS console.

      A public ASN works with public, private, and transit VIFs.

      A private ASN also works with all VIF types. However, if you are using a private ASN, then AS prepending will not work for the public VIF connections. (Source).

  • Row

    • Google

    • 2-byte public
      1 - 64511
      (Owned by you or 4556 for PacketFabric)

      2-byte private
      64512 - 65534

      4-byte public
      1 - 4199999999

      4-byte private
      4200000000 – 4294967294

    • Enter the ASN into the Peer ASN field when configuring BGP in the Google Cloud console.

  • Row

    • Microsoft

    • 2-byte public
      1 - 64511
      (Owned by you or 4556 for PacketFabric)

      2-byte private
      64512 - 65514
      65521 - 65534

      4-byte public
      1 - 4199999999

      4-byte private
      4200000000 – 4294967294

    • Enter the ASN into the ASN field when configuring peering in the Azure console.

      Microsoft reserves ASNs 65515 to 65520 (inclusive) for internal use. (Source)

      If you are planning to use Microsoft peering (public peering), you should set the Cloud Router ASN to a public ASN.

  • Row

    • IBM

    • 2-byte public
      1 - 64495
      64999
      Exclude 13884, 36351
      (Owned by you or 4556 for PacketFabric)

      2-byte private
      64514 to 65099
      65101 to 65200
      65235 to 65401
      65434 to 65499
      65501 to 65534

      4-byte public
      131072 - 4199999999

      4-byte private
      4201000000 - 4201064999
      4201066000 - 4201064511

    • PacketFabric automatically sends the Cloud Router ASN to IBM on your behalf.

      IBM excludes the following ASNs: 0, 13884, 36351, 64512, 64513, 65100, 65201‍–‍65234, 65402‍–‍65433, 65500, and 4201065000‍–‍4201065999. (Source)

  • Row

    • Oracle

    • 2-byte public
      1 - 64511
      (Owned by you or 4556 for PacketFabric)

      2-byte private
      64512 - 65533

      4-byte public
      1 - 4199999999

      4-byte private
      4200000000 – 4294967294

    • Enter the ASN into the Customer BGP ASN field when creating the FastConnect in the Oracle Cloud console.

      ASN 65534 is reserved by Oracle. Public virtual circuits require a public ASN.

For example, if you intend to route traffic between Google Cloud, IBM, and AWS, you can set your PacketFabric Cloud Router to 65515. But this means you cannot add an Azure connection to that Cloud Router, as 65515 is reserved by Microsoft. So if you want to include Google, IBM, AWS, and Microsoft, you could use 65522 instead.

Router IP addresses

In every case except for Microsoft Azure, the CSP generates both router IP addresses on your behalf. All that is left for you to do is copy and paste those addresses when configuring BGP on the PacketFabric side.

  • Row

    • Cloud
    • Notes
  • Row

    • Amazon

    • By default, the router IPs are automatically generated when you create the AWS virtual interface (VIF).

      If necessary, you can specify your own IP addresses under the Advanced settings section of the virtual interface form. However, we recommend that you allow AWS to provide them on your behalf.

      PacketFabric fields:

      • Amazon Router Peer IP: Enter the Amazon router peer IP provided with the VIF.
      • PacketFabric Router Peer IP: Enter Your router peer IP provided with the VIF.
  • Row

    • Google

    • The router IPs are automatically generated when you accept the connection from the Google side. They cannot be modified.

      PacketFabric fields:

      • Google Router Peer IP: Enter the Cloud Router IP provided for the VLAN attachment.
      • PacketFabric Router Peer IP: Enter the On-premises router IP provided for the VLAN attachment.
  • Row

    • Microsoft

    • Azure is the only CSP that requires you to set both IP ranges instead of automatically generating them on your behalf.

      Regardless of whether you intend to use both primary and secondary connections, you must supply a subnet range for each when configuring peering on the Azure side.

      From there, the router IPs are derived from the subnet ranges you provide. The first usable IP is allocated to the PacketFabric Cloud Router, and the second is allocated to the Microsoft edge router.

      For example, if you enter 192.168.100.128/30, the PacketFabric Cloud Router peer IP address is 192.168.100.129 and the Microsoft peer is 192.168.100.130.

      PacketFabric fields:

      • IPv4 primry subnet: Enter the same value you provided in the IPv4 Primary subnet field when configuring private peering in the Azure portal.
      • IPv4 secondary subnet: Enter the same value you provided in the IPv4 Secondary subnet field when configuring private peering in the Azure portal.

      PacketFabric will programmatically select one from which to assign the peer IP addresses.

  • Row

    • IBM

    • The router IPs are automatically generated and configured on your beahalf when you create the Direct Link connection.

      PacketFabric fields:

      • IBM Router Peer IP: This corresponds to the IBM CIDR value in the IBM Cloud console.
      • PacketFabric Router Peer IP: This corresponds to the User CIDR value in the IBM Cloud console.
  • Row

    • Oracle

    • You set the router IPs when creating the FastConnect virtual circuit in the Oracle Cloud console.

      For the Oracle-side router IP, you can manually set the IP address or leave the field blank to have Oracle generate one on your behalf. For the PacketFabric-side router IP, you are required to manually enter an IP address.

      When you create the Oracle Cloud Router connection in the PacketFabric portal, we programatically pull these IP addresses via an API.

      PacketFabric fields:

      • Oracle Router Peer IP Address: This corresponds to the Oracle BGP IPV4 Address value in the Oracle Cloud console.
      • PacketFabric Router Peer IP Address: This corresponds to the Customer BGP IPV4 Address value in the Oracle Cloud console.

BGP Session Settings