[c-nsp] BGP support on the new ASA5585-X

[Phil Mayers]

> oh all right.  I just don't like the idea, that's all. I put this dislike
> down to excessive exposure to Checkpoint FW-1 + ospf in a previous
> existence.  It still makes me shudder to think about it.

Yikes!

A somewhat-relevant point: we use two netscreen 5400s with BGP routing 
to split the traffic between them. One reason that BGP specifically is a 
useful protocol is that (of course) outbound and inbound traffic must be 
routed along the same paths. BGP provides the necessary path control 
knobs to do this.

Doing it with OSPF is very hard (we used to, but it required active 
tuning of the OSPF metrics on the routed p2p inside the firewalls - yuck)