Route-Refresh Capabilities Overview
NSM supports BGP route-refresh. This feature provides a soft reset mechanism that allows the dynamic exchange of route refresh requests and routing information between BGP peers and the subsequent re-advertisement of the outbound or inbound routing table.
Routing policies for a BGP peer using route-maps might impact inbound or outbound routing table updates because whenever a route policy change occurs, the new policy takes effect only after the BGP session is reset. A BGP session can be cleared through a hard or soft reset.
A hard reset is disruptive because active BGP sessions are torn down and brought back up.
A soft reset allows the application of a new or changed policy without clearing an active BGP session. The route-refresh feature allows a soft reset to occur on a per-neighbor basis and does not require preconfiguration or extra memory.
A dynamic inbound soft reset generates inbound updates from a neighbor. An outbound soft reset sends a new set of updates to a neighbor. Outbound resets do not require preconfiguration or routing table update storage.
The route-refresh feature requires that both BGP peers advertise route-refresh feature support in the OPEN message. If the route-refresh method is successfully negotiated, either BGP peer can use the route-refresh feature to request full routing information from the other end.
For more detailed information about zones on security devices, see the Concepts & Examples ScreenOS Reference Guide: Routing.