This section uses the following conventions:
<as-number> is the autonomous system (AS) number. Possible values: 1 to 4294967295<vrf-name> is the name of an existing virtual router (Virtual Routing and Forwarding; VRF) created using the vrf command.<route-map-name> is the name of an existing route map created using the routing> route-map command.<acl-name> is the name of an existing ACL created using the routing> access-list command.<prefix-list-name> is the name of an existing prefix list created using the routing> prefix-list command.bgp [no] vrf <vrf-name>Configure (or delete if no) the BGP instance for the specified VRF.
bgp vrf=['name']> [no] enabledEnable (or disable if no) the BGP instance for the specified VRF.
bgp vrf=['name']> [no] as <as-number>Set (or remove if no) the autonomous system (AS) number for BGP.
Example:
ngfw> bgp vrf=['Main']> as 65000
bgp vrf=['name']> [no] router-id <A.B.C.D>Set (or remove if no) the router ID for BGP.
Example:
ngfw> bgp vrf=['Main']> router-id 1.1.1.1
bgp vrf=['name']> [no] maximum-paths <number>Set (or remove, if no) the maximum number of parallel routes for balancing traffic (Equal Cost Multi-Path Routing). Possible values: 1 to 128.
Example:
ngfw> bgp vrf=['Main']> maximum-paths 123
bgp vrf=['name']> [no] always-compare-medEnable (or disable if no) the Multi-Exit Discriminator (MED) metric even if routes are advertised by different autonomous systems.
bgp vrf=['name']> [no] graceful-restartEnable (or disable, if no) the seamless restart mode for BGP.
bgp vrf=['name']> [no] ipv4-unicastEnable (or disable, if no) the propagation of IPv4 unicast routes in BGP.
bgp vrf=['name']> timers [no] keepalive-timer <keepalive-time>Set (or remove, if no) the time interval for sending keepalive messages to BGP peers. Possible values: 0 to 65535.
Example:
ngfw> bgp vrf=['Main']> timers keepalive-timer 30
bgp vrf=['name']> timers [no] hold-timer <hold-time>Set (or remove, if no) the time interval for waiting for keepalive messages from BGP peers. Possible values: 0 to 65535.
Example:
ngfw> bgp vrf=['Main']> timers hold-timer 90
bgp vrf=['name']> [no] redistribution (connected|kernel|ospf|static)Configure (or disable, if no) the redistribution of routes from another protocol to BGP.
bgp vrf=['name']> redistribution (connected|kernel|ospf|static) [no] metric <metric>Set (or remove, if no) the metric for routes from another protocol to BGP. Possible values of the metric parameter: 0 to 65535.
Example:
ngfw> bgp vrf=['Main']> redistribution ospf metric 100
bgp vrf=['name']> redistribution (connected|kernel|ospf|static) [no] route-map <route-map-name>Set (or remove, if no) the route map for routes from another protocol to BGP.
Example:
ngfw> bgp vrf=['Main']> redistribution ospf route-map TEST
bgp vrf=['name']> [no] networks <A.B.C.D/M>Add (or remove, if no) a network to the BGP table.
bgp vrf=['name']> networks <A.B.C.D/M> [no] route-map <route-map-name>Add (or remove, if no) a network to the BGP table using a route map.
Example:
networks 10.10.10.1/24 route-map TEST
bgp vrf=['name']> [no] neighbor <name>Configure (or remove if no) a BGP peer.
bgp vrf=['name']> neighbor=['name']> [no] ip <A.B.C.D>Set (or remove, if no) the IP address of the BGP peer for the connection.
Example:
ngfw> bgp vrf=['Main']> neighbor=['ngfw-2']> ip 10.10.10.2
bgp vrf=['name']> neighbor=['name']> [no] remote-as <as-number>Set (or remove, if no) the remote AS for the BGP peer.
Example:
ngfw> bgp vrf=['Main']> neighbor=['ngfw-2']> remote-as 65001
bgp vrf=['name']> neighbor=['name']> [no] local-as <as-number>Set (or remove, if no) the local AS for the BGP peer.
Example:
ngfw> bgp vrf=['Main']> neighbor=['ngfw-2']> local-as 65000
bgp vrf=['name']> neighbor=['name']> [no] shutdownEnable (or disable, if no) the BGP peer.
bgp vrf=['name']> neighbor=['name']> [no] password <password> Set (or remove, if no) the local password for BGP peer authentication.
bgp vrf=['name']> neighbor=['name']> [no] description <description>Add (or remove, if no) a description for the BGP peer.
bgp vrf=['name']> neighbor=['name']> [no] update-source <A.B.C.D>Set (or remove if no) the source IP address for BGP updates.
Example:
ngfw> bgp vrf=['Main']> neighbor=['ngfw-2']> update-source 10.10.10.3
bgp vrf=['name']> neighbor=['name']> [no] weight <weight>Set (or remove, if no) the weight for routes received from the BGP peer. Possible values: 0 to 65535.
bgp vrf=['name']> neighbor=['name']> [no] timersEnable (or disable, if no) timers for the BGP peer.
bgp vrf=['name']> neighbor=['name']> [no] keepalive-timer <keepalive-time>Set (or remove, if no) the time interval for sending keepalive messages to the BGP peer. Possible values: 0 to 65535.
bgp vrf=['name']> neighbor=['name']> [no] hold-timer <hold-time>Set (or remove, if no) the time interval for waiting for keepalive messages from the BGP peer. Possible values: 0 to 65535.
bgp vrf=['name']> neighbor=['name']> [no] soft-reconfigurationEnable (or disable, if no) soft reconfiguration for incoming or outgoing updates from the BGP peer.
bgp vrf=['name']> neighbor=['name']> [no] unchanged-as-pathEnable (or disable, if no) AS_PATH attribute persistence for the BGP peer.
bgp vrf=['name']> neighbor=['name']> [no] unchanged-next-hopEnable (or disable, if no) NEXT_HOP attribute persistence for the BGP peer.
bgp vrf=['name']> neighbor=['name']> [no] unchanged-medEnable (or disable, if no) MED attribute persistence for the BGP peer.
bgp vrf=['name']> neighbor=['name']> [no] next-hop-selfEnable (or disable, if no) the use of own IP address as the NEXT_HOP attribute for the BGP peer.
bgp vrf=['name']> neighbor=['name']> [no] send-communityEnable (or disable, if no) the sending of route community messages for the BGP peer.
bgp vrf=['name']> neighbor=['name']> send-community-type (all|both|extended|large|standard)Set (or remove, if no) the type of route community messages for the BGP peer.
bgp vrf=['name']> neighbor=['name']> [no] route-reflectorEnable (or disable, if no) the route-reflector role for the BGP peer.
bgp vrf=['name']> neighbor=['name']> [no] ebgp-multihop <ttl>Set (or remove if no) the maximum value that can be used for the BGP peer connection. Possible values: 1 to 255.
Example:
ngfw> bgp vrf=['Main']> neighbor=['ngfw-2']> ebgp-multihop 5
bgp vrf=['name']> neighbor=['name']> [no] default-originateEnable (or disable, if no) the sending of the default route to the peer AS.
bgp vrf=['name']> neighbor=['name']> [no] default-originate-map <route-map-name>Set (or remove, if no) the default route for sending to the peer AS using a route map.
Example:
ngfw> bgp vrf=['Main']> neighbor=['ngfw-2']> default-originate-map TEST
bgp vrf=['name']> neighbor=['name']> [no] incoming-acl <acl-name>Set (or remove, if no) the inbound ACL for filtering updates from the BGP peer. Consider that prefix lists and ACLs cannot be set at the same time.
Example:
ngfw> bgp vrf=['Main']> neighbor=['ngfw-2']> incoming-acl TEST
bgp vrf=['name']> neighbor=['name']> [no] outgoing-acl <acl-name>Set (or remove, if no) the outbound ACL for filtering updates sent to the BGP peer. Consider that prefix lists and ACLs cannot be set at the same time.
Example:
ngfw> bgp vrf=['Main']> neighbor=['ngfw-2']> outgoing-acl TEST
bgp vrf=['name']> neighbor=['name']> [no] incoming-prefix-list <prefix-list-name>Set (or remove, if no) the inbound prefix list for filtering updates from the BGP peer. Consider that prefix lists and ACLs cannot be set at the same time.
Example:
ngfw> bgp vrf=['Main']> neighbor=['ngfw-2']> incoming-prefix-list TEST
bgp vrf=['name']> neighbor=['name']> [no] outgoing-prefix-list <prefix-list-name>Set (or remove, if no) the outbound prefix list for filtering updates sent to the BGP peer. Consider that prefix lists and ACLs cannot be set at the same time.
Example:
ngfw> bgp vrf=['Main']> neighbor=['ngfw-2']> outgoing-prefix-list TEST
bgp vrf=['name']> neighbor=['name']> [no] incoming-route-map <route-map-name>Install (or remove if no) an inbound route map for filtering and modifying the attributes of routes received from the BGP peer.
Example:
ngfw> bgp vrf=['Main']> neighbor=['ngfw-2']> incoming-route-map TEST
bgp vrf=['name']> neighbor=['name']> [no] outgoing-route-map <route-map-name>Install (or remove if no) an outbound route map for filtering and modifying the attributes of routes sent to the BGP peer.
Example:
ngfw> bgp vrf=['Main']> neighbor=['ngfw-2']> outgoing-route-map TEST
bgp vrf=['name']> neighbor=['name']> [no] maximum-prefix <maximum-prefix>Set (or remove, if no) the maximum number of routes that can be received from the BGP peer. Possible values: 1 to 4294967295.
Example:
ngfw> bgp vrf=['Main']> neighbor=['ngfw-2']> maximum-prefix 1000
bgp vrf=['name']> neighbor=['name']> [no] allow-as-inAllow (or deny, if no) routes with own AS in the AS_PATH list.
bgp vrf=['name']> neighbor=['name']> [no] bfdEnable (or disable, if no) the use of BFD (Bidirectional Forwarding Detection) to check the health of the link with the BGP peer.
bgp vrf=['name']> [no] peer-group <name>Configure (or remove if no) a BGP peer group.
bgp vrf=['name']> peer-group=['name']> [no] listen-range <A.B.C.D/M>Set (or remove, if no) the range of addresses for listening for connections in the BGP neighbor group.
Example:
ngfw> bgp vrf=['Main']> peer-group=['ngfw-group']> listen-range 192.168.10.0/24
bgp vrf=['name']> peer-group=['name']> [no] remote-as <as-number>Set (or remove, if no) the remote AS for the BGP peer group.
Example:
ngfw> bgp vrf=['Main']> peer-group=['ngfw-group']> remote-as 65001
bgp vrf=['name']> peer-group=['name']> [no] local-as <as-number>Set (or remove, if no) the local AS for the BGP peer group.
Example:
ngfw> bgp vrf=['Main']> peer-group=['ngfw-group']> local-as 65002
bgp vrf=['name']> peer-group=['name']> [no] shutdownDisable (or enable if no) the BGP peer group.
bgp vrf=['name']> peer-group=['name']> [no] password <password> Set (or remove, if no) the password for BGP peer group authentication.
bgp vrf=['name']> peer-group=['name']> [no] description <description>Add (or remove, if no) a description for the BGP peer group.
bgp vrf=['name']> peer-group=['name']> [no] update-source <A.B.C.D>Set (or remove if no) the source IP address for BGP peer group updates.
Example:
ngfw> bgp vrf=['Main']> peer-group=['ngfw-group']> update-source 10.10.8.1
bgp vrf=['name']> peer-group=['name']> [no] weight <weight>Set (or remove, if no) the initial weight for routes received from the BGP peer group. Possible values: 0 to 65535.
bgp vrf=['name']> peer-group=['name']> [no] timersEnable (or disable, if no) timers for the BGP peer group.
bgp vrf=['name']> peer-group=['name']> [no] keepalive-timer <keepalive-time>Set (or remove, if no) the time interval for sending keepalive messages to the BGP peer group. Possible values: 0 to 65535.
bgp vrf=['name']> peer-group=['name']> [no] hold-timer <hold-time>Set (or remove, if no) the time interval for waiting for keepalive messages from the BGP peer group. Possible values: 0 to 65535.
bgp vrf=['name']> peer-group=['name']> [no] soft-reconfigurationEnable (or disable, if no) soft reconfiguration for incoming or outgoing updates from the BGP peer group.
bgp vrf=['name']> peer-group=['name']> [no] unchanged-as-pathEnable (or disable, if no) AS_PATH attribute persistence for the BGP peer group.
bgp vrf=['name']> peer-group=['name']> [no] unchanged-next-hopEnable (or disable, if no) NEXT_HOP attribute persistence for the BGP peer group.
bgp vrf=['name']> peer-group=['name']> [no] unchanged-medEnable (or disable, if no) MED attribute persistence for the BGP peer group.
bgp vrf=['name']> peer-group=['name']> [no] next-hop-selfEnable (or disable, if no) the use of own IP address as the NEXT_HOP attribute for the BGP peer group.
bgp vrf=['name']> peer-group=['name']> [no] send-communityEnable (or disable, if no) the sending of route community messages for the BGP peer group.
bgp vrf=['name']> peer-group=['name']> [no] send-community-type (all|both|extended|large|standard)Set (or remove, if no) the type of route community messages for the BGP peer group.
bgp vrf=['name']> peer-group=['name']> [no] route-reflectorEnable (or disable, if no) the route-reflector role for the BGP peer group.
bgp vrf=['name']> peer-group=['name']> [no] ebgp-multihop <ttl>Set (or remove if no) the maximum value that can be used for the BGP peer group connection. Possible values: 1 to 255.
Example:
ngfw> bgp vrf=['Main']> peer-group=['ngfw-group']> ebgp-multihop 10
bgp vrf=['name']> peer-group=['name']> [no] default-originateEnable (or disable, if no) the sending of the default route to the BGP peer group.
bgp vrf=['name']> peer-group=['name']> [no] default-originate-map <route-map-name>Set (or remove, if no) the default route for sending to the peer group AS using a route map.
Example:
ngfw> bgp vrf=['Main']> peer-group=['ngfw-group']> default-originate-map TEST
bgp vrf=['name']> peer-group=['name']> [no] incoming-acl <acl-name>Set (or remove, if no) the inbound ACL for filtering updates from the BGP peer group. Consider that prefix lists and ACLs cannot be set at the same time.
Example:
ngfw> bgp vrf=['Main']> peer-group=['ngfw-group']> incoming-acl TEST
bgp vrf=['name']> peer-group=['name']> [no] outgoing-acl <acl-name>Set (or remove, if no) the outbound ACL for filtering updates sent to the BGP peer group. Consider that prefix lists and ACLs cannot be set at the same time.
Example:
ngfw> bgp vrf=['Main']> peer-group=['ngfw-group']> outgoing-acl TEST
bgp vrf=['name']> peer-group=['name']> [no] incoming-prefix-list <prefix-list-name>Set (or remove, if no) the inbound prefix list for filtering updates from the BGP peer group. Consider that prefix lists and ACLs cannot be set at the same time.
Example:
ngfw> bgp vrf=['Main']> peer-group=['ngfw-group']> incoming-prefix-list TEST
bgp vrf=['name']> peer-group=['name']> [no] outgoing-prefix-list <prefix-list-name>Set (or remove, if no) the outbound prefix list for filtering updates sent to the BGP peer group. Consider that prefix lists and ACLs cannot be set at the same time.
Example:
ngfw> bgp vrf=['Main']> peer-group=['ngfw-group']> outgoing-prefix-list TEST
bgp vrf=['name']> peer-group=['name']> [no] incoming-route-map <route-map-name>Install (or remove if no) an inbound route map for filtering and modifying the attributes of routes received from the BGP peer group.
Example:
ngfw> bgp vrf=['Main']> peer-group=['ngfw-group']> incoming-route-map TEST
bgp vrf=['name']> peer-group=['name']> [no] outgoing-route-map <route-map-name>Install (or remove if no) an outbound route map for filtering and modifying the attributes of routes sent to the BGP peer group.
Example:
ngfw> bgp vrf=['Main']> peer-group=['ngfw-group']> outgoing-route-map TEST
bgp vrf=['name']> peer-group=['name']> [no] maximum-prefix <maximum-prefix>Set (or remove, if no) the maximum number of routes that can be received from the BGP peer group. Possible values: 1 to 4294967295.
Example:
ngfw> bgp vrf=['Main']> peer-group=['ngfw-group']> maximum-prefix 1000
bgp vrf=['name']> peer-group=['name']> [no] allow-as-inAllow (or deny, if no) routes with own AS in the AS_PATH list.
bgp vrf=['name']> peer-group=['name']> [no] bfdEnable (or disable, if no) the use of BFD (Bidirectional Forwarding Detection) to check the health of the link with the BGP peer group.
bgp vrf=['name']> leaking [no] rd (<as-number>:<number>|<A.B.C.D>:<number>)Set (or remove, if no) the Route Distinguisher for configuring route leaking between VRFs in BGP. This command allows configuring a unique ID for each route that will be used for routing between VRFs. The route ID consists of two parts: the AS ID and the route number. The AS ID can be specified as a number or as an IP address. Possible values of the number parameter: 0 to 4294967295.
Example:
ngfw> bgp vrf=['Main']> leaking rd 65000:1000
bgp vrf=['name']> leaking [no] target-export <target>Set (or remove, if no) the export route for route leaking between VRFs in BGP.
Example:
ngfw> bgp vrf=['Main']> leaking target-export 65000:1000
bgp vrf=['name']> leaking [no] target-import <target>Set (or remove, if no) the import route for route leaking between VRFs in BGP.
Example:
ngfw> bgp vrf=['Main']> leaking target-import 65000:1000
bgp vrf=['name']> leaking [no] export-route-map <route-map-name>Set (or remove, if no) the route map for exporting routes as part of route leaking.
Example:
ngfw> bgp vrf=['Main']> leaking export-route-map TEST
bgp vrf=['name']> leaking [no] import-route-map <route-map-name>Set (or remove, if no) the route map for importing routes as part of route leaking.
Example:
ngfw> bgp vrf=['Main']> leaking import-route-map TEST
bgp vrf=['name']> leaking [no] exportEnable (or disable, if no) route export as part of route leaking.
bgp vrf=['name']> leaking [no] importEnable (or disable, if no) route import as part of route leaking.
show bgp summaryShow summary information about BGP instances and their peers for all VRFs.
Example:
ngfw> show bgp summary
ngfw> show bgp summary
{
"Management":{
}
,
"default":{
"ipv4Unicast":{
"routerId":"1.1.1.1",
"as":65001,
"vrfId":0,
"vrfName":"default",
"tableVersion":0,
"ribCount":1,
"ribMemory":192,
"peerCount":1,
"peerMemory":741976,
"peers":{
"192.168.100.2":{
"hostname":"bgp-docker",
"remoteAs":65002,
"localAs":65001,
"version":4,
"msgRcvd":2,
"msgSent":3,
"tableVersion":0,
"outq":0,
"inq":0,
"peerUptime":"00:00:04",
"peerUptimeMsec":4000,
"peerUptimeEstablishedEpoch":1747989433,
"pfxRcd":0,
"pfxSnt":0,
"state":"Established",
"peerState":"OK",
"connectionsEstablished":1,
"connectionsDropped":0,
"idType":"ipv4"
}
},
"failedPeers":0,
"displayedPeers":1,
"totalPeers":1,
"dynamicPeers":0,
"bestPath":{
"multiPathRelax":"false"
}
}
}
}
show bgp vrf <vrf-name> summaryShow summary information about BGP instances and their peers for the specified VRF.
Example:
ngfw> show bgp vrf Main summary
{
"ipv4Unicast":{
"routerId":"1.1.1.1",
"as":65001,
"vrfId":0,
"vrfName":"default",
"tableVersion":0,
"ribCount":1,
"ribMemory":192,
"peerCount":1,
"peerMemory":741976,
"peers":{
"192.168.100.2":{
"hostname":"bgp-docker",
"remoteAs":65002,
"localAs":65001,
"version":4,
"msgRcvd":2,
"msgSent":3,
"tableVersion":0,
"outq":0,
"inq":0,
"peerUptime":"00:00:50",
"peerUptimeMsec":50000,
"peerUptimeEstablishedEpoch":1747987781,
"pfxRcd":0,
"pfxSnt":0,
"state":"Established",
"peerState":"OK",
"connectionsEstablished":1,
"connectionsDropped":0,
"idType":"ipv4"
}
},
"failedPeers":0,
"displayedPeers":1,
"totalPeers":1,
"dynamicPeers":0,
"bestPath":{
"multiPathRelax":"false"
}
}
}
show bgp detailShow detailed information about BGP instances for all VRFs.
Example:
ngfw> show bgp detail
{
"Management":{
"vrfId": 7,
"vrfName": "Management",
"tableVersion": 0,
"routerId": "2.2.2.2",
"defaultLocPrf": 100,
"localAS": 65008,
"routes": { } }
,
"default":{
"vrfId": 0,
"vrfName": "default",
"tableVersion": 0,
"routerId": "1.1.1.1",
"defaultLocPrf": 100,
"localAS": 65001,
"routes": { } }
}
show bgp vrf <vrf-name> detailShow detailed information about BGP instances for the specified VRF.
Example:
ngfw> show bgp vrf Main detail
{
"vrfId": 0,
"vrfName": "default",
"tableVersion": 0,
"routerId": "1.1.1.1",
"defaultLocPrf": 100,
"localAS": 65001,
"routes": { } }
show bgp (neighbors|peer-groups)Show detailed information about BGP peers/peer groups and their status for all VRFs.
Example:
ngfw> show bgp neighbors
{
"Management":{
"vrfId":7,
"vrfName":"Management"
}
,
"default":{
"vrfId":0,
"vrfName":"default",
"192.168.100.2":{
"remoteAs":65002,
"localAs":65001,
"nbrExternalLink":true,
"localRole":"undefined",
"remoteRole":"undefined",
"hostname":"bgp-docker",
"bgpVersion":4,
"remoteRouterId":"2.2.2.2",
"localRouterId":"1.1.1.1",
"bgpState":"Established",
"bgpTimerUpMsec":246000,
"bgpTimerUpString":"00:04:06",
"bgpTimerUpEstablishedEpoch":1747989434,
"bgpTimerLastRead":6000,
"bgpTimerLastWrite":6000,
"bgpInUpdateElapsedTimeMsecs":2501000,
"bgpTimerConfiguredHoldTimeMsecs":180000,
"bgpTimerConfiguredKeepAliveIntervalMsecs":60000,
"bgpTimerHoldTimeMsecs":180000,
"bgpTimerKeepAliveIntervalMsecs":60000,
"extendedOptionalParametersLength":false,
"bgpTimerConfiguredConditionalAdvertisementsSec":60,
"neighborCapabilities":{
"4byteAs":"advertisedAndReceived",
"extendedMessage":"advertisedAndReceived",
"addPath":{
"ipv4Unicast":{
"rxAdvertisedAndReceived":true
}
},
"longLivedGracefulRestart":"received",
"longLivedGracefulRestartByPeer":{},
"routeRefresh":"advertisedAndReceivedOldNew",
"enhancedRouteRefresh":"advertisedAndReceived",
"multiprotocolExtensions":{
"ipv4Unicast":{
"advertisedAndReceived":true
}
},
"hostName":{
"advHostName":"NGFW",
"advDomainName":"n\/a",
"rcvHostName":"bgp-docker",
"rcvDomainName":"n\/a"
},
"gracefulRestartCapability":"received",
"gracefulRestartRemoteTimerMsecs":120000,
"addressFamiliesByPeer":"none"
},
"gracefulRestartInfo":{
"endOfRibSend":{
"ipv4Unicast":true
},
"endOfRibRecv":{},
"localGrMode":"Disable*",
"remoteGrMode":"NotApplicable",
"rBit":false,
"nBit":false,
"timers":{
"configuredRestartTimer":120,
"receivedRestartTimer":120
}
},
"messageStats":{
"depthInq":0,
"depthOutq":0,
"opensSent":1,
"opensRecv":1,
"notificationsSent":0,
"notificationsRecv":0,
"updatesSent":1,
"updatesRecv":0,
"keepalivesSent":5,
"keepalivesRecv":5,
"routeRefreshSent":0,
"routeRefreshRecv":0,
"capabilitySent":0,
"capabilityRecv":0,
"totalSent":7,
"totalRecv":6
},
"minBtwnAdvertisementRunsTimerMsecs":0,
"addressFamilyInfo":{
"ipv4Unicast":{
"updateGroupId":1,
"subGroupId":1,
"packetQueueLength":0,
"commAttriSentToNbr":"extendedAndStandard",
"acceptedPrefixCounter":0,
"sentPrefixCounter":0
}
},
"connectionsEstablished":1,
"connectionsDropped":0,
"lastResetTimerMsecs":247000,
"lastResetDueTo":"Waiting for peer OPEN",
"lastResetCode":32,
"externalBgpNbrMaxHopsAway":1,
"hostLocal":"192.168.100.1",
"portLocal":60664,
"hostForeign":"192.168.100.2",
"portForeign":179,
"nexthop":"192.168.100.1",
"nexthopGlobal":"::",
"nexthopLocal":"::",
"bgpConnection":"sharedNetwork",
"connectRetryTimer":120,
"estimatedRttInMsecs":3,
"readThread":"on",
"writeThread":"on"
}
}
}
show bgp vrf <vrf-name> (neighbors|peer-groups)Show BGP peers/peer groups in the specified VRF.
Example:
ngfw> show bgp vrf Main neighbors
{
"192.168.100.2":{
"remoteAs":65002,
"localAs":65001,
"nbrExternalLink":true,
"localRole":"undefined",
"remoteRole":"undefined",
"hostname":"bgp-docker",
"bgpVersion":4,
"remoteRouterId":"2.2.2.2",
"localRouterId":"1.1.1.1",
"bgpState":"Established",
"bgpTimerUpMsec":478000,
"bgpTimerUpString":"00:07:58",
"bgpTimerUpEstablishedEpoch":1747989434,
"bgpTimerLastRead":58000,
"bgpTimerLastWrite":58000,
"bgpInUpdateElapsedTimeMsecs":2733000,
"bgpTimerConfiguredHoldTimeMsecs":180000,
"bgpTimerConfiguredKeepAliveIntervalMsecs":60000,
"bgpTimerHoldTimeMsecs":180000,
"bgpTimerKeepAliveIntervalMsecs":60000,
"extendedOptionalParametersLength":false,
"bgpTimerConfiguredConditionalAdvertisementsSec":60,
"neighborCapabilities":{
"4byteAs":"advertisedAndReceived",
"extendedMessage":"advertisedAndReceived",
"addPath":{
"ipv4Unicast":{
"rxAdvertisedAndReceived":true
}
},
"longLivedGracefulRestart":"received",
"longLivedGracefulRestartByPeer":{},
"routeRefresh":"advertisedAndReceivedOldNew",
"enhancedRouteRefresh":"advertisedAndReceived",
"multiprotocolExtensions":{
"ipv4Unicast":{
"advertisedAndReceived":true
}
},
"hostName":{
"advHostName":"NGFW",
"advDomainName":"n\/a",
"rcvHostName":"bgp-docker",
"rcvDomainName":"n\/a"
},
"gracefulRestartCapability":"received",
"gracefulRestartRemoteTimerMsecs":120000,
"addressFamiliesByPeer":"none"
},
"gracefulRestartInfo":{
"endOfRibSend":{
"ipv4Unicast":true
},
"endOfRibRecv":{},
"localGrMode":"Disable*",
"remoteGrMode":"NotApplicable",
"rBit":false,
"nBit":false,
"timers":{
"configuredRestartTimer":120,
"receivedRestartTimer":120
}
},
"messageStats":{
"depthInq":0,
"depthOutq":0,
"opensSent":1,
"opensRecv":1,
"notificationsSent":0,
"notificationsRecv":0,
"updatesSent":1,
"updatesRecv":0,
"keepalivesSent":8,
"keepalivesRecv":8,
"routeRefreshSent":0,
"routeRefreshRecv":0,
"capabilitySent":0,
"capabilityRecv":0,
"totalSent":10,
"totalRecv":9
},
"minBtwnAdvertisementRunsTimerMsecs":0,
"addressFamilyInfo":{
"ipv4Unicast":{
"updateGroupId":1,
"subGroupId":1,
"packetQueueLength":0,
"commAttriSentToNbr":"extendedAndStandard",
"acceptedPrefixCounter":0,
"sentPrefixCounter":0
}
},
"connectionsEstablished":1,
"connectionsDropped":0,
"lastResetTimerMsecs":479000,
"lastResetDueTo":"Waiting for peer OPEN",
"lastResetCode":32,
"externalBgpNbrMaxHopsAway":1,
"hostLocal":"192.168.100.1",
"portLocal":60664,
"hostForeign":"192.168.100.2",
"portForeign":179,
"nexthop":"192.168.100.1",
"nexthopGlobal":"::",
"nexthopLocal":"::",
"bgpConnection":"sharedNetwork",
"connectRetryTimer":120,
"estimatedRttInMsecs":2,
"readThread":"on",
"writeThread":"on"
}
}
show bgp vrf <vrf-name> (neighbor|peer-group) <name>Show information about BGP peer/peer group.
Example:
ngfw> show bgp vrf Main neighbor docker
{
"192.168.100.2":{
"remoteAs":65002,
"localAs":65001,
"nbrExternalLink":true,
"localRole":"undefined",
"remoteRole":"undefined",
"hostname":"bgp-docker",
"bgpVersion":4,
"remoteRouterId":"2.2.2.2",
"localRouterId":"1.1.1.1",
"bgpState":"Established",
"bgpTimerUpMsec":64000,
"bgpTimerUpString":"00:01:04",
"bgpTimerUpEstablishedEpoch":1747991189,
"bgpTimerLastRead":4000,
"bgpTimerLastWrite":4000,
"bgpInUpdateElapsedTimeMsecs":511000,
"bgpTimerConfiguredHoldTimeMsecs":180000,
"bgpTimerConfiguredKeepAliveIntervalMsecs":60000,
"bgpTimerHoldTimeMsecs":180000,
"bgpTimerKeepAliveIntervalMsecs":60000,
"extendedOptionalParametersLength":false,
"bgpTimerConfiguredConditionalAdvertisementsSec":60,
"neighborCapabilities":{
"4byteAs":"advertisedAndReceived",
"extendedMessage":"advertisedAndReceived",
"addPath":{
"ipv4Unicast":{
"rxAdvertisedAndReceived":true
}
},
"longLivedGracefulRestart":"received",
"longLivedGracefulRestartByPeer":{},
"routeRefresh":"advertisedAndReceivedOldNew",
"enhancedRouteRefresh":"advertisedAndReceived",
"multiprotocolExtensions":{
"ipv4Unicast":{
"advertisedAndReceived":true
}
},
"hostName":{
"advHostName":"NGFW",
"advDomainName":"n\/a",
"rcvHostName":"bgp-docker",
"rcvDomainName":"n\/a"
},
"gracefulRestartCapability":"received",
"gracefulRestartRemoteTimerMsecs":120000,
"addressFamiliesByPeer":"none"
},
"gracefulRestartInfo":{
"endOfRibSend":{
"ipv4Unicast":true
},
"endOfRibRecv":{},
"localGrMode":"Disable*",
"remoteGrMode":"NotApplicable",
"rBit":false,
"nBit":false,
"timers":{
"configuredRestartTimer":120,
"receivedRestartTimer":120
}
},
"messageStats":{
"depthInq":0,
"depthOutq":0,
"opensSent":1,
"opensRecv":1,
"notificationsSent":0,
"notificationsRecv":0,
"updatesSent":1,
"updatesRecv":0,
"keepalivesSent":2,
"keepalivesRecv":2,
"routeRefreshSent":0,
"routeRefreshRecv":0,
"capabilitySent":0,
"capabilityRecv":0,
"totalSent":4,
"totalRecv":3
},
"minBtwnAdvertisementRunsTimerMsecs":0,
"addressFamilyInfo":{
"ipv4Unicast":{
"updateGroupId":1,
"subGroupId":1,
"packetQueueLength":0,
"commAttriSentToNbr":"extendedAndStandard",
"acceptedPrefixCounter":0,
"sentPrefixCounter":0
}
},
"connectionsEstablished":1,
"connectionsDropped":0,
"lastResetTimerMsecs":65000,
"lastResetDueTo":"Waiting for peer OPEN",
"lastResetCode":32,
"externalBgpNbrMaxHopsAway":1,
"hostLocal":"192.168.100.1",
"portLocal":45090,
"hostForeign":"192.168.100.2",
"portForeign":179,
"nexthop":"192.168.100.1",
"nexthopGlobal":"::",
"nexthopLocal":"::",
"bgpConnection":"sharedNetwork",
"connectRetryTimer":120,
"estimatedRttInMsecs":4,
"readThread":"on",
"writeThread":"on"
}
}
show bgp configShow current BGP configuration.
Example:
ngfw> show bgp config
{
"ngfw-bgp:bgp-vrfs": {
"bgp": [
{
"vrf": "Main",
"enabled": true,
"as": 65000,
"routerId": "1.1.1.1",
"alwaysCompareMed": {
"enabled": false
},
"gracefulRestart": {
"enabled": false
},
"ipv4Unicast": {
"enabled": true
},
"timers": {
"enabled": false
},
"neighbors": [
{
"name": "TEST",
"params": {
"neighbor": "10.10.10.1",
"remoteAs": 65000,
"timers": {
"enabled": false
},
"softReconfigurationInbound": {
"enabled": false
},
"attributeUnchangedAsPath": {
"enabled": false
},
"attributeUnchangedNextHop": {
"enabled": false
},
"attributeUnchangedMed": {
"enabled": false
},
"nextHopSelf": {
"enabled": false
},
"sendCommunity": {
"enabled": false
},
"routeReflectorClient": {
"enabled": false
},
"shutdown": {
"enabled": false
},
"defaultOriginate": {
"enabled": false
},
"allowAsIn": {
"enabled": false
},
"bfd": {
"enabled": false
}
}
}
],
"routeLeaking": {
"routeDistinguisher": "67000:43",
"exportVpn": false,
"importVpn": false
}
}
]
}
}
show bgp tableShow information about the state of the BGP table.
Example:
ngfw> show bgp vrf=['Main']> table
BGP table version is 1, local router ID is 1.1.1.1, vrf id 0
Default local pref 100, local AS 65000
Status codes: s suppressed, d damped, h history, * valid, > best, = multipath,
i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*>i192.168.10.0/24 10.10.10.2 0 100 0 i
Displayed 1 routes and 1 total paths