
AWS BGP Graceful Restart

Does anyone know if AWS supports the BGP "Graceful restart" option?

We have an issue similar to:

https://community.checkpoint.com/t5/General-Topics/R80-20-Gaia-ClusterXL-HA-BGP-Routing-Causes-Outag...

where we have on-prem ClusterXL GWs uplinked to AWS Direct Connect, and failovers cause a brief outage.

Also, what is the harm in enabling without first confirming if supported/enabled on the peer?

0 Kudos
3 Replies

Re: AWS BGP Graceful Restart

Hi Jose,

Graceful Restart is an important configuration when the BGP protocol is configured in cluster environments. I didn't find any documents with a limitation and, if I'm not wrong, the document provided by AWS when you are creating a VPN has a recommendation about enabling Graceful Restart on the Check Point gateway.

I don't see any problem if you enable Graceful Restart. Are you using VTI interfaces? Could you confirm that you have 3 IPs for each point-to-point configured on the cluster?

Regards,

Alisson Lima
Compugraf

 

0 Kudos

Re: AWS BGP Graceful Restart

Yes, we are using VTIs for VPN tunnels and VLAN interfaces for Direct Connect. Both with /29s so we can get all three IP addresses set up. Traffic flow is fine and we just have that hiccup during failovers. Traffic flow does resume.

Also, the configuration download AWS offers does not seem to mention graceful restart. Just DPD and MSS as recommendations. I do see the AWS configuration download option now offers R80.10+ (in addition to the original R77.10+ option), but still no graceful restart mentioned.

We just wanted to avoid a change window if we know it will cause other issues by enabling. Thanks.

 

0 Kudos
abihsot__
Copper

Re: AWS BGP Graceful Restart

Hi there,

Have you enabled graceful restart on the Check Point side? Did it help?

0 Kudos