Apply BGP route policies
This guide describes how to apply BGP route policies in Cloud Router.
Create a BGP peer with policies applied
When creating a new BGP peer with import or export policies already applied, the route policies must already exist. The BGP peer autonomous system number (ASN) must be a 16-bit or 32-bit private ASN. See RFC 6996.
Create a new BGP peer with BGP route policies applied:
gcloud compute routers add-bgp-peer ROUTER_NAME \
--interface=INTERFACE \
--peer-name=PEER_NAME \
--peer-asn=PEER_ASN \
--import-policies=IMPORT_POLICIES \
--export-policies=EXPORT_POLICIES
Replace the following:
ROUTER_NAME: the name of the Cloud Router to add the new BGP peer toINTERFACE: the name of the interface for the new BGP peerPEER_NAME: the name for the new BGP peer to apply the policies toPEER_ASN: the BGP ASN for the new BGP peerIMPORT_POLICIES: a comma-separated list of import policies to apply to the new BGP peerEXPORT_POLICIES: a comma-separated list of export policies to apply to the new BGP peer
Update a BGP route policy applied to an existing BGP peer
When you update BGP route policies applied to a BGP peer, the policies replace existing BGP policies. Each policy type is updated independently.
For example, assume you have a BGP peer with the my-import-policy and
my-export-policy route policies applied.
gcloud compute routers update-bgp-peer Router --peer-name=Name \
--import-policies= \
--export-policies=my-export-policy1,my-export-policy2
This command removes all existing import policies for the listed BGP peer, and
replaces the existing export policy for the peer with my-export-policy1,my-export-policy2.
Any peer, import policies, or export policies must already exist.
Add a BGP route policy to an existing BGP peer:
gcloud compute routers update-bgp-peer ROUTER_NAME \
--peer-name=PEER_NAME \
--import-policies=IMPORT_POLICIES \
--export-policies=EXPORT_POLICIES
Replace the following:
ROUTER_NAME: the name of your Cloud RouterPEER_NAME: the name of the BGP peer that the policies apply toIMPORT_POLICIES: a comma-separated list of import policies to apply to the BGP peerEXPORT_POLICIES: a comma-separated list of export policies to apply to the BGP peer
Download a BGP route policy
Download a YAML file of the BGP route policy to your computer:
gcloud compute routers download-route-policy ROUTER_NAME \
--policy-name=BGP_ROUTE_POLICY_NAME \
--file-name=FILE_NAME
Replace the following:
ROUTER_NAME: the name of your Cloud RouterBGP_ROUTE_POLICY_NAME: the name of the BGP route policy that you want to exportFILE_NAME: the name of the file to download the route policy to
You can also export the BGP route policy to a JSON file:
gcloud compute routers download-route-policy ROUTER_NAME \
--policy-name=BGP_ROUTE_POLICY_NAME \
--file-name=FILE_NAME \
--format=json
Display a BGP route policy
View a YAML representation of a BGP route policy:
gcloud compute routers get-route-policy ROUTER_NAME \
--policy-name=BGP_ROUTE_POLICY_NAME
Replace the following:
ROUTER_NAME: the name of your Cloud RouterBGP_ROUTE_POLICY_NAME: the name of the BGP route policy that you want to export
View a JSON representation of a BGP route policy:
gcloud compute routers get-route-policy ROUTER_NAME \
--policy-name=BGP_ROUTE_POLICY_NAME \
--format=json
What's next
- Create BGP route policies
- To learn more about Router Google Cloud CLI commands, see gcloud compute routers in the Google Cloud SDK documentation.