BGP Path vs Routing Table

Forum|Forum|1 year ago
March 29, 2025
1 reply
832 views

i have tunnel to connect from branch to the datacenter but the traffic seem goes to wrong path.

In the BGP path i can see the next hops is right where pointed to the tunnel ip, but in the routing table traffic to datacenter forwarded to the internet gateway. Anyone why in the routing table the traffic forwarded to the internet?

Screenshot 2025-03-29 205251.png

FortiGate

Toshi_Esumi

SuperUser

You asked the same question before.

https://community.fortinet.com/t5/Support-Forum/BGP-Path/m-p/381817#M265724

If you don't want the behavior of ADVPN, which is designed for, you should stop using ADVPN and set up simple iBGP mesh (or without mesh) network among your locations. Then those direct eBGP routes from datacenter/Azure would take precedence at each location.

I remember you so I can tell this but others who see this post first time wouldn't understand what's going on because you don't describe the entire picture of your network.

Toshi

HS08Author

Visitor III

Hello,

sorry for confuse. I'm still new in advpn so need some guidance from expert here.

my topology is like below pic, traffic from spoke1 to spoke2 is running fine.

When i try to disable tun0 on spoke2 (10.10.111.6), traffic from spoke2 can't reach spoke1.

When i check in the BGP path traffic to spoke1 subnet 10.100.0.0/16 set the nexthop to 10.10.111.2. I think this is incorrect way since tun0 on spoke2 already disabled.

I believe the hub still advertise subnet spoke1 via 10.10.111.2 to all spoke since this is valid path from hub perspective but not valid for spoke2 perspective.

The right path should be use 10.10.112.2 or tun1 if tun0 goes down. Am i right?