Securing BGP Sessions with IPsec Transport Mode
For the ES PIC, you can use IPsec to secure BGP sessions between Routing
Engines in M Series and T Series platforms. To configure, create a transport mode security
association and apply the SA to the BGP configuration by including the ipsec-sa statement at the [edit protocols bgp group group-name] hierarchy
level.
[edit]
protocols {
bgp {
group group-name {
local-address ip-address;
export export-policy;
peer-as as-number;
ipsec-sa sa-name;
neighbor peer-ip-address;
}
}
}