advertising virtual IP's over BGP ? is that possible

Forum|Forum|8 years ago
November 30, 2017
1 reply
6603 views

Hi

using fortiOS 5.4 , I want to advertise virtual IP's over BGP.

is it possible at all ? if so , how is it done ?

Thanks

Nir

blackhole_route

New Member

Typically this would be done (or at least, how I've done it in our environment) by adding blackhole routes for your vip's (or ideally, subnet allocated for vip's). Basically, the idea is to get the routes into your route table where they are then available to redistribute to bgp, and then to bgp neighbors. AFAIK, there is not a magical "redistribute VIP's to bgp" option.

To redistribute the static routes into bgp, you'll need to:

config router bgp

config redistribute static

set status enable

<optional> set route-map '<xyz>'

end

The route map is optional - just depends on what you want to do when you push static routes into bgp for redistribution.

This will get the routes available to redistribute via bgp - normal bgp route maps and peering configuration applies.

nirtzenAuthor

New Member

thanks Blackhole . it worked .

configured a blackhole route to each VIP and advertised static routes , also used route maps.

so I have VIP 1to1 ,and ip-pool 1to1 , I routed between two vpn tunnels and my goal was to not expose internal subnet of one of them. I advertised the VIP's the way you suggested ,then created policy rules with SNAT and DNAT and basically have connectivity between the two tunnels. it was very helpful !

Nirtzen

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded