Skip to main content
kemeris
kemeris
New Member
May 22, 2025
Question

Is it possible to announce a default route as an EVPN Type-5 route from a FortiGate VM?

  • May 22, 2025
  • 6 replies
  • 1515 views

I have working EVPN setup to Proxmox SDN, how to announce a default route as an EVPN Type-5 route?

Also how to list evpn advertised-routes to certain peer? As i understand this is for unicats address family only:

get router info bgp neighbors 10.0.4.1 advertised-routes

 

My current configuration

config system evpn edit 10001 set rd "65000:200001" set import-rt "65000:200001" set export-rt "65000:200001" set ip-local-learning enable set arp-suppression enable next edit 10002 set rd "65000:200002" set import-rt "65000:200002" set export-rt "65000:200002" set ip-local-learning enable set arp-suppression enable next end   config system vxlan edit "vxlan200001" set interface "port2" set vni 200001 set evpn-id 10001 set learn-from-traffic enable next edit "vxlan200002" set interface "port2" set vni 200002 set evpn-id 10002 set learn-from-traffic enable next config system switch-interface edit "sw-vxlan200001" set vdom "root" set member "vxlan200001" next edit "sw-vxlan200002" set vdom "root" set member "vxlan200002" set intra-switch-policy explicit next end  config router bgp set as 65000 set router-id 10.0.7.2 set ibgp-multipath enable set recursive-next-hop enable set graceful-restart enable config neighbor-group edit "proxmox" set activate-vpnv4 disable set activate-vpnv6 disable set capability-graceful-restart enable set capability-graceful-restart-evpn enable set capability-default-originate enable set link-down-failover enable set soft-reconfiguration enable set soft-reconfiguration-evpn enable set remote-as 65000 set restart-time 120 next end config neighbor-range edit 1 set prefix 10.0.4.0 255.255.252.0 set neighbor-group "proxmox" next end config redistribute "connected" end config redistribute "rip" end config redistribute "ospf" end config redistribute "static" end config redistribute "isis" end config redistribute6 "connected" end config redistribute6 "rip" end config redistribute6 "ospf" end config redistribute6 "static" end config redistribute6 "isis" end end

 

6 replies

Anthony_E
Staff
Anthony_E
Staff
May 26, 2025

Hello,


Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.


Thanks,

Best Regards
Anthony_E
Staff
Anthony_E
Staff
May 27, 2025

Hello,

 

The documentation does not explicitly state that a default route can be announced as an EVPN Type-5 route from a FortiGate. However, EVPN Type-5 routes are used for IP prefix routes, which may include default routes. Further configuration details or confirmation from Fortinet support may be required: https://support.fortinet.com/welcome/#/

 

Regards,

Best Regards
kemeris
kemerisAuthor
New Member
May 27, 2025

As I understand Fortigate does not support it, so it's not suitable for us.

 

Thank you for your answer @Anthony_E.

Anthony_E
Staff
Anthony_E
Staff
May 27, 2025

Hello,

 

My advice is to contact our support, they will be more technic for helping you :).

https://support.fortinet.com/welcome/#/

 

I hope you will find with them, a more complete answer.

 

Regards,

Best Regards
    kemeris
    kemerisAuthor
    New Member
    July 29, 2025

    I have contacted support, they provided link to this thread as answer. That was last respond from them. Great support.

      Anthony_E
      Staff
      Anthony_E
      Staff
      July 29, 2025

      Hi Kemeris,

       

      I am really glad the support could provide the solution!

       

      Regards,

      Best Regards
      kemeris
      kemerisAuthor
      New Member
      July 30, 2025

      Actually they are not. They provided this unsolved thread as answer for my support ticket. This thread and support ticket contains same question.

       

      FortiGab
      FortiGab
      Explorer
      September 5, 2025

      did u fix it?

      i guess are you trying to achieve inter-vlan routing into a vxlan/evpn design

      route 5 types are not supported https://community.fortinet.com/t5/FortiGate/Technical-Tip-EVPN-Route-Type-supported-by-FortiOS/ta-p/330409

       

       

        kemeris
        kemerisAuthor
        New Member
        September 8, 2025

        No, i am not. As i understand "These routes will not be installed in FortiGate's BGP table" is talking about received routed. I try to do opposite, I need to announce Type-5 0.0.0.0 from Fortigate.

        Terms & ConditionsAccessibility statement