Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

Palo's behaviour as a Route reflector

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Palo's behaviour as a Route reflector

L0 Member

We have Nexus 9k routers "R1 and R2" connected to a silverpeak device which is learning routes from the remote sites. The R1 and R2 are also connected to a Palo Alto firewall which is acting a Router reflector for R1 and R2. We are doing BGP in this setup. R1 and R2 are distributing the routes(Learnt via the Silverpeak device) to the Palo Firewall(ECMP is turned on). And the Palo is redistributing the routes back the routes to R1 and R2( Which is not good). I see some routes are only redistributing back to R2 and some routes are redistributing back to R1 and R2. What is the reason for this odd behavior? What are the rules on the Palo for acting as a route reflector?

 

 

2 REPLIES 2

Cyber Elite
Cyber Elite

that completely depends on how you set your export and redistribution rules, and how you set the reflector client in the peering group

you could filter the AS path in your export rules and maintain specific exports for each peer group

Tom Piens
PANgurus - Strata specialist; config reviews, policy optimization

Thanks for the explanation.

  • 1457 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!