How BGP Advertises Mobile User IP Address Pools

If you enable BGP for service connections or remote network connections, after you Configure the GlobalProtect Cloud Service for Mobile Users , the GlobalProtect cloud service allocates the mobile user IP address pools you specified using Class C (/24) address blocks. BGP therefore advertises allocated mobile user subnets in blocks of /24, rather than the entire pool(s) associated with that region. When the GlobalProtect cloud service adds a /24 subnet for a cloud gateway, it automatically sends a BGP advertisement. As subnets are added and removed, the GlobalProtect cloud service automatically updates its BGP advertisements. This allocation method provides more flexibility when advertising BGP routes, especially if you configured a Worldwide pool instead of allocating pools per region. Dividing the IP address pool into smaller subnets allows the same subnet to be added, removed, or deleted and then reused in different regions when allocated address space is exhausted.
The following screenshot, from PanoramaCloud ServicesStatusNetwork DetailsMobile Users, shows three /20 IP pools for mobile users divided by region.
mobile-users-ip-pools.png
The RIB Out table, from PanoramaCloud ServicesStatusNetwork DetailsService ConnectionShow BGP Status (in the Branch AS and Router area), shows the mobile users address pool being divided into blocks of /24 subnets for BGP route advertisements. Note that the entire /20 subnets are not advertised.
bgp-status-rib-out.png

Related Documentation