is it possible to load balance eBGP routes with iBGP?

Forum|Forum|3 years ago
September 11, 2022
1 reply
2043 views

.

FortiGate

gfleming

Staff

Does the IPVPN link terminate at every site on every FortiGate? What is on the other end of the IPVPN link? Is it a FortiGate or something else? Just trying to better understand your topology..

You should be able to get eBGP routes into iBGP. That's a fairly basic process of BGP.

Can you post the relevant BGP configs you have today on your Fortigate and, if possible, the IPVPN remote device?

austinmas1987Author

Visitor III

.

gfleming

Staff

OK perhaps I am a bit confused on what's going on here. Is the IPVPN a secondary link you want to add to all sites to send VPN traffic over in addition to your existing WAN link?

If so, the routes you receive from the IPVPN link should get installed in the FGT routing table just the same as any other route, regardless of whether it is RIP, BGP, OSPF, etc.

You FGT should have routes from the iBGP process on the ADVPN and the eBGP process on the IPVPN. You should be able to ping all sites over either the ADVPN links or the IPVPN links.

You'll want to create another VPN overlay on the IPVPN links and join that to your ADVPN and then you'll have new routes in iBGP from the overlay.

If you want to use ADVPN over the link you will use the eBGP routes of the IPVPN to create the overlay and then you will have new routes from the overlay installed in iBGP. SD_WAN can take care of load balancing.

Does this make sense or am I lost still?

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded