I'm currently using rip in a single virtual router. I'm adding BGP for a Microsoft Express Route circuit. I have a consultant to assist in the BGP setup. He says the BGP needs to be in a separate virtual router. Is there a reason for this that anyone knows ? His answer is PaloAlto requires it. ???
Solved! Go to Solution.
A seoerate VR is not required to my knowledge.
BGP runs fine with one virtual router.
What is consultants claim? That BGP in general needs seperate VR or because you have RIP already?
VR are needed when you need to isolate groups of routes that you don't want to propogate everywhere on the network. I suspect we are missing some element of your topology and routing requirements that make putting the Azure Express Routes in an isolated instance.
What is the toplogy and what segments need to communicate with Azure across this connection?
My topology is pretty simple. Core L3 switch with a half dozen vlans.
There is no requirement for isolation.
In fact I'm trying to figure out how this could work.
Part of what we are doing is connecting to the MS public PAS services such as Data Warehouse.
Using route filters we only get routing to the East Central region public addresses via the BGP session with Azure.
Since the BGP router has those routes, how would a workstation connected to the other VR know how to get to the Data Warehouse in East Central using the Express Route circuit.
There is no requirement for a separate VR other than consulant speak saying that's the way to do it.
It sounds like the VR is not a requirement for you then. These would typically be used in your setup if you had only a segment of your network that would access the express route path. This is usually a Data Center area of the network. While the rest of the network should not see the routes or have access.
Importing the routes to a separate VR then makes it easy to control their redistribution on your company network to only thoese areas that need the access and nowhere else.
From your description it seems like this is not the case for your company.
You do not need a separate VR unless you are learning routes in BGP that overlap with routes in your existing network. If that is the case, you will have to worry about more that just a separate VR.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!