Fortigate BGP Route Is Not Advertising

I configured a new subnet, 10.0.4.0/24, for BGP in the prefix-list, but it did not show up in the advertised routes.

To find the name of your prefix-list, run the command show router prefix-list. In the example below, it is called “NAME-OUT”.

firewall-01 # show router prefix-list
config router prefix-list
	edit "NAME-OUT"
		config rule
			edit 1
				set prefix 10.0.2.0 255.255.255.0
				unset ge
				unset le
			next
			edit 2
				set prefix 10.0.3.0 255.255.255.0
				unset ge
				unset le
			next
			edit 3
				set prefix 10.0.4.0 255.255.255.0
				unset ge
				unset le
			next
		end
	next
end	

It showed up in the prefix-list:

firewall-01 # get router info bgp prefix-list NAME-OUT
BGP table version is 2, local is 10.10.10.1
Status codes:s suppressed, d damped, h history, *valid > best, -i internal, S Stale
Origin codes:i - IGP, e - EGP, ? - incomplete

Network		Next Hop	Metric LocPrf Weight Path
*> 10.0.2.0/24	10.0.0.1	33456 ?
*> 10.0.3.0/24	10.0.0.1	33456 ?
*> 10.0.4.0/24	10.0.0.1	33456 ?

But not in the advertised routes:

firewall-01 # get router info bgp neighbors 10.10.10.1 advertised-route
BGP table version is 2, local is 10.10.10.1
Status codes:s suppressed, d damped, h history, *valid > best, -i internal, S Stale
Origin codes:i - IGP, e - EGP, ? - incomplete

Network		Next Hop	Metric LocPrf Weight Path
*> 10.0.2.0/24	10.0.0.1	33456 ?
*> 10.0.3.0/24	10.0.0.1	33456 ?

To resolve this, I needed to do a BGP soft reset:

exec router clear bgp all soft

Once that was done, the new subnet showed up in the advertised routes:

firewall-01 # get router info bgp prefix-list NAME-OUT
BGP table version is 2, local is 10.10.10.1
Status codes:s suppressed, d damped, h history, *valid > best, -i internal, S Stale
Origin codes:i - IGP, e - EGP, ? - incomplete

Network		Next Hop	Metric LocPrf Weight Path
*> 10.0.2.0/24	10.0.0.1	33456 ?
*> 10.0.3.0/24	10.0.0.1	33456 ?
*> 10.0.4.0/24	10.0.0.1	33456 ?

If it doesn’t show up, make sure you have a static route for the subnet.

firewall-01 # get router info routing-table static
S    10.0.2.0/24 [10/0] via 10.10.1.1, port1
S    10.0.3.0/24 [10/0] via 10.10.1.1, port1
S    10.0.4.0/24 [10/0] via 10.10.1.1, port1
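
The comparison above can be scripted against saved CLI output. This is an added example, not part of the original post: it diffs the prefixes configured in the prefix-list against the advertised routes and the static routing table, and names the check the post suggests for each gap. The function names and sample captures are constructed, and the "advertised but not in prefix-list" finding assumes the prefix-list is the exact-match outbound filter for that neighbor.

```python
import ipaddress
import re

# Constructed captures modeled on the outputs in the post (before the soft reset);
# 10.0.5.0/24 is an added prefix with no static route.
CONFIG = """\
set prefix 10.0.2.0 255.255.255.0
set prefix 10.0.3.0 255.255.255.0
set prefix 10.0.4.0 255.255.255.0
set prefix 10.0.5.0 255.255.255.0
"""
ADVERTISED = """\
*> 10.0.2.0/24	10.0.0.1	33456 ?
*> 10.0.3.0/24	10.0.0.1	33456 ?
"""
STATIC = """\
S    10.0.2.0/24 [10/0] via 10.10.1.1, port1
S    10.0.3.0/24 [10/0] via 10.10.1.1, port1
S    10.0.4.0/24 [10/0] via 10.10.1.1, port1
"""

SET_PREFIX = re.compile(r"^\s*set prefix (\S+) (\S+)\s*$", re.M)
BGP_ROUTE = re.compile(r"^\s*\*>?\s+(\d+\.\d+\.\d+\.\d+/\d+)", re.M)
STATIC_ROUTE = re.compile(r"^\s*S\s+(\d+\.\d+\.\d+\.\d+/\d+)", re.M)

def configured(text):
    """Prefixes from `show router prefix-list` (address + dotted netmask)."""
    return {ipaddress.ip_network(f"{a}/{m}") for a, m in SET_PREFIX.findall(text)}

def routes(text, pattern):
    """CIDR prefixes from BGP table or routing-table output lines."""
    return {ipaddress.ip_network(p) for p in pattern.findall(text)}

def diagnose(config, advertised, static):
    """Map each prefix that needs attention to the check the post suggests."""
    want, sent, have = configured(config), routes(advertised, BGP_ROUTE), routes(static, STATIC_ROUTE)
    report = {}
    for net in sorted(want - sent):  # configured but not advertised
        report[str(net)] = "soft reset" if net in have else "no static route"
    for net in sorted(sent - want):  # assumes exact-match outbound filtering
        report[str(net)] = "advertised but not in prefix-list"
    return report

if __name__ == "__main__":
    for prefix, finding in diagnose(CONFIG, ADVERTISED, STATIC).items():
        print(f"{prefix}: {finding}")
```
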
This post is licensed under CC BY 4.0 by the author.