Create BGP route policies
This guide describes how to create BGP route policies in Cloud Router.
You can create BGP route policies for Cloud Router using any of the following:
- Use your preferred text editor to create a BGP route policy, and then use the gcloud CLI to upload the BGP route policy
Build a BGP route policy
Add a route policy to your Cloud Router:
gcloud compute routers add-route-policy ROUTER_NAME \ --policy-name=BGP_ROUTE_POLICY_NAME \ --policy-type=ROUTE_POLICY_TYPE \ --region=REGIONReplace the following:
ROUTER_NAME: the name of the Cloud RouterBGP_ROUTE_POLICY_NAME: a name for the BGP route policyROUTE_POLICY_TYPE: the type of policy to add, eitherIMPORTfor inbound routes, orEXPORTfor outbound routes.REGION: the region that the Cloud Router is located in
For example, the following command adds a route policy for inbound routes to your Cloud Router:
gcloud compute routers add-route-policy ROUTER_NAME \ --policy-name=BGP_ROUTE_POLICY_NAME \ --policy-type=IMPORT \ --region=REGIONAdd a BGP route policy term by running the following command:
gcloud compute routers add-route-policy-term ROUTER_NAME \ --policy-name=BGP_ROUTE_POLICY_NAME \ --region=REGION \ --priority=ROUTE_POLICY_PRIORITY \ --match=ROUTE_POLICY_MATCH_EXPRESSION \ --actions=ROUTE_POLICY_ACTIONS_EXPRESSIONReplace the following:
ROUTE_POLICY_PRIORITY: the priority for this policy, such as1`.ROUTE_POLICY_MATCH_EXPRESSION: an expression to match for this route policyROUTE_POLICY_ACTIONS_EXPRESSION: actions for this route policy
For example, the following command creates a BGP policy to set the BGP multiple exit discriminator (MED) attribute value to
12345for BGP routes that aren't included in192.168.10.0/24and that match the set of BGP communities65000:1and65000:2.gcloud compute routers add-route-policy-term ROUTER_NAME \ --policy-name=BGP_ROUTE_POLICY_NAME \ --region=REGION \ --priority=ROUTE_POLICY_PRIORITY \ --match='destination != "192.168.10.0/24" && communities.matchesEvery(["65000:1", "65000:2"])' \ --actions='med.set(12345)'Replace
ROUTE_POLICY_PRIORITYwith the priority you want for this policy, such as1.
Upload a BGP route policy
Create the BGP route policy in your preferred text editor. You can use JSON or YAML formatting to create your BGP route policy. The following example uses a YAML file:
name: BGP_ROUTE_POLICY_NAME type: ROUTE_POLICY_TYPE terms: - priority: ROUTE_POLICY_PRIORITY match: expression: > ROUTE_POLICY_MATCH_EXPRESSION actions: - expression: ROUTE_POLICY_ACTIONS_EXPRESSIONReplace the following:
BGP_ROUTE_POLICY_NAME: a name for the BGP route policy.ROUTE_POLICY_TYPE: the type of BGP route policy you're creating. The type can be one of the following:ROUTE_POLICY_TYPE_IMPORT: BGP route policies for inbound routes.ROUTE_POLICY_TYPE_EXPORT: BGP route policies for outbound routes.
ROUTE_POLICY_PRIORITY: the priority for this policy, such as1.ROUTE_POLICY_MATCH_EXPRESSION: an expression to match for this route policyROUTE_POLICY_ACTIONS_EXPRESSION: actions for this route policy
For example, the following YAML file command creates a BGP policy for inbound routes that sets the BGP multiple exit discriminator (MED) attribute value to
12345for BGP routes that aren't included in192.168.10.0/24and that match the set of BGP communities65000:1and65000:2.# Set the MED value for BGP routes that aren't 192.168.10.0/24 and # communities that include (65000:1, 65000:2) name: BGP_ROUTE_POLICY_NAME type: ROUTE_POLICY_TYPE_IMPORT terms: - priority: 1 match: expression: > destination != '192.168.10.0/24' && communities.matchesEvery(['65000:1', '65000:2']) actions: - expression: med.set(12345)Upload the BGP route policy:
gcloud compute routers upload-route-policy ROUTER_NAME \ --region=REGION \ --policy-name=BGP_ROUTE_POLICY_NAME \ --file-name=FILE_NAME \ --file-format=yamlReplace the following:
ROUTER_NAME: the name of the Cloud RouterREGION: the region the Cloud Router is inFILENAME: the filename that you're uploading
Apply the BGP route policies to BGP peers:
gcloud compute routers update-bgp-peer ROUTER_NAME \ --region=REGION \ --peer-name=PEER_NAME \ --import-policies='IMPORT_POLICIES'Replace the following:
PEER_NAME: the BGP peer's name to apply the BGP route policy to.IMPORT_POLICIES: a comma-separated list of import policies. Passing an empty string removes all import policies.