Created on 03-21-2019 12:47 AM Edited on 10-17-2022 05:20 AM By Jean-Philippe_P
Description
The article explains how the correct AS paths can be advertised in case of scenarios where multiple local AS needs to be configured.
Scope
Note: This article only concerns versions greater than or equal to FortiOS 5.4.2 since the local-AS functionality has only been implemented since that version.
Solution
BGP Configuration:
# config router bgp
set as 12345
set router-id 5.5.5.5
# config neighbor
edit "10.40.51.61"
set remote-as 60000
set local-as 56300
set local-as-replace-as enable
set send-community6 disable
next
end
# config network
edit 1
set prefix 5.5.5.5 255.255.255.255
next
end
Output verification:
get router info bgp neighbors 10.40.51.11 routes
BGP table version is 8, local router ID is 6.6.6.6
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight RouteTag Path
*> 5.5.5.5/32 10.40.51.11 0 0 0 56300 i
Total number of prefixes 1
If the specified command 'set local-as-replace-as enable' is not added, then the peer will receive the routes with two AS numbers as seen below:
get router info bgp neighbors 10.40.51.11 routes
BGP table version is 7, local router ID is 6.6.6.6
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight RouteTag Path
*> 5.5.5.5/32 10.40.51.11 0 0 0 56300 12345 i
Total number of prefixes 1
Notes:
- This particular configuration can only be done over the CLI until FortiOS version 7.0.
- This option is made available on GUI also from FortiOS version 7.2.0 and above.
- Specifying only the local-as alone and leaving the global command 'set as 12345' will not work as the global command is required to initiate the BGP session.
Related Articles:
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.