
What is the advantage of BGP transport connection-mode passive

hfakoor222
Spotlight

In this example which is a 60 second read:

https://allthingsnetworking.wordpress.com/2014/11/25/bgp-active-passive/

 

We see passive connection on R1.  Why do this in the real world? Why make the router passive and let the other router take control? 

Security may be one, but what's the practical usage of this in a networking environment?

 

Accepted Solutions

Hi @Joseph W. Doherty ,

> Also, I haven't thought it through, but also wondering whether it might also be used in the case of passing a BGP connection through a FW, i.e. basically similar to FTP's active/passive modes.

You hit the nail right on the head. This is the perfect use case for this feature and where I have seen it being used.

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
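
The firewall use case confirmed in the answer above, as an added configuration example that is not part of the original thread: the router on the protected side opens the TCP/179 session and the outside router only listens, so the filter never has to admit an outside-initiated BGP connection. The addresses, AS numbers, ACL names and the choice of IOS extended ACLs to stand in for the firewall policy are all assumptions.

```ios
! Added example; every address, AS number and ACL name here is hypothetical.
!
! R-inside (AS 65002, 192.0.2.2), protected side: initiates the TCP session
router bgp 65002
 neighbor 192.0.2.1 remote-as 65001
 neighbor 192.0.2.1 transport connection-mode active
!
! R-outside (AS 65001, 192.0.2.1): waits for the peer to connect to TCP/179
router bgp 65001
 neighbor 192.0.2.2 remote-as 65002
 neighbor 192.0.2.2 transport connection-mode passive
!
! Filter between the two routers, written as IOS extended ACLs (assumption).
! Only the BGP-relevant entries are shown; the rest of the policy is omitted
! and the implicit deny at the end of each ACL still applies.
!
! Inside -> outside: session setup from R-inside to the BGP port only
ip access-list extended BGP-INSIDE-OUT
 permit tcp host 192.0.2.2 host 192.0.2.1 eq bgp
 deny   tcp any any eq bgp log
!
! Outside -> inside: replies belonging to that session only; a SYN from
! outside toward port 179 matches the deny and is logged
ip access-list extended BGP-OUTSIDE-IN
 permit tcp host 192.0.2.1 eq bgp host 192.0.2.2 established
 deny   tcp any any eq bgp log
```

With a stateful firewall the second ACL is replaced by connection tracking; `show ip bgp neighbors` on either router reports the local and foreign TCP ports, which confirms which side opened the session.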


I checked many articles; the only case where we use this feature is security.

If we have an edge router and we want to prevent the edge router from establishing BGP with any other router except some, then we need to make it the active peer.

Joseph W. Doherty
Hall of Fame

Beside your reference, also found:

https://learningnetwork.cisco.com/s/question/0D53i00000Kt4ehCAB/active-vs-passive-bgp-peering

The prior also references your reference, but also references the following:

https://community.cisco.com/t5/routing/cease-connection-collision-resolution/m-p/3449401?start=0&tstart=0

Also, I haven't thought it through, but also wondering whether it might also be used in the case of passing a BGP connection through a FW, i.e. basically similar to FTP's active/passive modes.

M02@rt37
VIP

Hello @hfakoor222,

The term "passive" in this context refers to a configuration where a BGP neighbor is set to establish the connection actively while the other neighbors wait for incoming connections.

The purpose of configuring a router as a passive peer in BGP can vary depending on the network design and requirements.

By designating certain neighbors as passive, you can have more control over the establishment of BGP connections. This can be useful when you want to prioritize or restrict the connection to specific peers.

By distributing the active and passive roles among different routers, you can achieve load balancing and redundancy. Active peers actively initiate connections, while passive peers wait for incoming connections. This setup can help optimize resource utilization and provide backup paths in case of failures.

 

 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

BUT the firewall is added behind the edge router.
The active/passive setting affects how the BGP TCP session is initiated.

"BUT the firewall is added behind the edge router."

Usually, but doesn't have to be.  Consider a Transparent FW.

I need to check something, but that needs a lab to be sure.

The design of hub and spoke with a BGP group. I need to see hub and spoke behavior with passive and active config.

hfakoor222
Spotlight

Thanks all for the help.
