Palo Alto Networks Knowledgebase: BGP Route Aggregation Policies

BGP Route Aggregation Policies

Created On 08/05/19 19:56 PM - Last Updated 08/05/19 20:11 PM
Device Management Initial Configuration Installation QoS Zone and DoS Protection


The Palo Alto Networks firewall does not advertise an aggregated route to its peer when it receives a prefix falling within the aggregated route range from the same peer.


For example:

The Palo Alto Networks firewall has  routes for, and in its local-rib. It has been configured with an export policy to aggregate the routes into and advertise this /16 route to its peer, as shown below.

The peer has a route for, in its local rib, that it wants to advertise to the Palo Alto Networks firewall. The peer does not learn the aggregated, but learns the more specific routes, and from the firewall.



If the Palo Alto Networks firewall learns a prefix from a peer that is part of the aggregated route that is advertised to the same peer, the firewall advertises the more specific routes under the aggregated route to the peer.


owner: kprakash

  • Print
  • Copy Link

Choose Language