Technical Documentation

Option: Securing BGP Sessions with Transport Mode

For the ES PIC, you can use IPSec to secure BGP sessions between Routing Engines in M Series and T Series platforms. To configure, create a transport mode security association and apply the SA to the BGP configuration by including the ipsec-sa statement at the [edit protocols bgp group group-name] hierarchy level.

[edit]protocols {bgp {group group-name {local-address ip-address;export export-policy;peer-as as-number;ipsec-sa sa-name;neighbor peer-ip-address;}}}

Published: 2010-04-15