Bubbabowski
New Member
March 18, 2019
Solved

BGP Set Community command


We're configuring our Internet circuit for BGP. I've been instructed by our Network Provider to set our community to 100:999. The 999 will allow for a subnet smaller than /24 to be announced. What is the command or process to do this on the FortiGate 500E?

I believe it would be the Cisco equivalent of 'set community 100:999'

Thanks!

Best answer by Toshi_Esumi

1 reply

Toshi_Esumi
SuperUser
March 18, 2019

I'm not sure if your provider accepts all your internal prefixes/routes advertised toward their end with the community, or just public subnets you got assigned from them. The community needs to be defined under "config router community-list". If you can/want to advertise all of them, you can follow the KB below:

https://kb.fortinet.com/kb/documentLink.do?externalID=FD31516

But even if it works for now, sooner or later you will need/want to control what gets advertised. At that time, you need to define prefix-lists, match them in the same route-map, and filter out the rest.

Bubbabowski
New Member
March 18, 2019

You are correct. We want to advertise the prefix of a public IP Block that we own. Example, but not really our IP Block:

config neighbor
edit 1.1.1.1
set local-as 65001
set prefix 12.34.45.67/26

Is this how you are recommending making the route-map change:

http://help.fortinet.com/cli/fos50hlp/56/Content/FortiOS/fortiOS-cli-ref-56/config/router/community-list.htm

Toshi_Esumi
SuperUser
March 18, 2019

No. That's for filtering prefixes that already have a community attached. More like below:

config router prefix-list
  edit "public-net"
    config rule
      edit 1
        set prefix 12.34.56.78 255.255.255.192
        unset ge
        unset le
      next
    end
  next
end

config router route-map
  edit "announce-public"
    config rule
      edit 1
        set match-ip-address "public-net"
        set set-community "COMM_LIST_NAME"
      next
    end
  next
end

If it's assigned to one of the FGT's interfaces, don't forget to enable "redistribute connected". If it's not in the BGP table, the above scheme won't work.
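
Added example (not part of the thread and not Fortinet code): a small Python model of how the "public-net" prefix-list and "announce-public" route-map above decide what is announced with the community. It assumes standard prefix-list semantics (exact match when ge/le are unset) and an implicit deny at the end of the route-map; the BGP table contents and the helper names are constructed for illustration.

```python
import ipaddress

def rule_matches(route, prefix, ge=None, le=None):
    """One prefix-list rule: route must sit inside `prefix`; with ge/le unset
    the mask length must equal the rule's own length (exact match)."""
    route = ipaddress.ip_network(route)
    prefix = ipaddress.ip_network(prefix, strict=False)  # 12.34.56.78/26 -> 12.34.56.64/26
    if not route.subnet_of(prefix):
        return False
    if ge is None and le is None:
        return route.prefixlen == prefix.prefixlen
    low = ge if ge is not None else prefix.prefixlen
    high = le if le is not None else route.max_prefixlen
    return low <= route.prefixlen <= high

def announce(bgp_table, prefix_list, community):
    """Outbound route-map with a single permit rule: matched routes get the
    community; everything else falls through to the implicit deny."""
    return {r: community for r in bgp_table
            if any(rule_matches(r, **rule) for rule in prefix_list)}

# Constructed sample data (not from the thread).
BGP_TABLE = ["12.34.56.64/26", "12.34.56.64/27", "10.0.0.0/8", "192.168.10.0/24"]
PUBLIC_NET = [{"prefix": "12.34.56.78/26"}]            # ge/le unset, as in the answer
LOOSE_NET = [{"prefix": "12.34.56.78/26", "le": 32}]   # what setting le 32 would allow

if __name__ == "__main__":
    print("exact :", announce(BGP_TABLE, PUBLIC_NET, "100:999"))
    print("le 32 :", announce(BGP_TABLE, LOOSE_NET, "100:999"))
    # The /26 is missing from the BGP table (no "redistribute connected"): nothing goes out.
    print("absent:", announce(BGP_TABLE[1:], PUBLIC_NET, "100:999"))
```

With ge/le unset only the exact /26 leaves with 100:999, so internal prefixes and stray more-specifics are never leaked to the provider.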