Explorer II

Question

iBGP multipath in ADVPN - SDWAN

Forum|Forum|4 years ago
March 2, 2022
5 replies
5205 views

Hello, I have 2 spokes and a branch..

Spoke 1 and Spoke 2 has 2 MPLS underlays. Hub has 2 MPLS and internet underlay (Internet underlay to handle traffic from other spokes). Spoke1 LAN network 10.1.1.0/24, Spoke2 LAN network 10.11.1.0/24..

I did ADVPN configs with all recommended commands at HUB and spoke (Netdevice disabled at Hub and Netdevice enabled at spoke, auto discovery etc).. Since I have two underlays in each spoke and two MPLS at HUB, I will have 4 tunnels (4paths) from each spoke to Hub. so my spoke 1 advertises 10.1.1.0/24 over 4 tunnels to HUB.. Hub is receiving it and could see 4 routes in the command output of get rotuer info routing table bgp. But when I use the command get router info bgp network, I could see only 2 routes have been selected as best (instead of 4). This two routes are getting advertised as 6 routes (with same next hop) to spoke 2... The next hop is not showing in the route table so that ADVPN gets established.. but I could see the IPs of the two dialup tunnel IP (which is not getting selected as best route in ) in the routing table as directly connected route. I am not sure, what config I have missed in BGP to see this behaviour. Due to this my ADVPN not working..

FortiGate

Anthony_E

Staff

Hello rajamanickam,

Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.

Thanks,

Best Regards

Anthony_E

Staff

Hi Raja,

I have made some research in our Knowledge Base:

https://community.fortinet.com/t5/forums/searchpage/tab/message?searchString=ADVPN&from=0&sortby=_score&orderBy=desc&pageNo=1&aggregations=%5B%7B%22type%22%3A%22_index%22%2C%22filter%22%3A%5B%22server_community%22%5D%7D%2C%7B%22type%22%3A%22_type%22%2C%22filter%22%3A%5B%22tkb%22%5D%7D%2C%7B%22type%22%3A%22boardName%22%2C%22filter%22%3A%5B%22FortiGate%22%5D%7D%5D&uid=8021d0dd-1517-11ec-b3e2-0242ac12000d&resultsPerPage=10&exactPhrase=&withOneOrMore=&withoutTheWords=&pageSize=10&language=en&state=2&suCaseCreate=false

There is a list of articles which could be useful for you.

Could you please have a look and tell me if it helped you?

If not, we will find another way to reply to your answer.

Regards,

Best Regards

rajamanickamAuthor

Explorer II

Hi, Let me go through this link...

akristof

Staff

Hello,

If you didn't check this, check this:

https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/773406/bgp-multiple-path-support

With 4 tunnels, this example should be exactly your scenario.

rajamanickamAuthor

Explorer II

Thanks for the link, after configuring additional path 4. I could see DC electing 4 best paths which are being advertised to other branches. But however still ADVPN is not working. I have raised a TAC case on this. Since I have all required policies, SDWAN rules, routes but still ADVPN between branches are not working.

Regards

Raja

martini

New Member

Did you every get this issue resolved?

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded