Technical Tip: Community lists in BGP to achieve logical 'AND' or 'OR' operations

syao · ‎04-28-2024

Description

This article explains how to use community lists in BGP to achieve logical 'AND' or 'OR' operations when matching prefixes with multiple BGP communities. This can help filter or manipulate routes based on specific combinations of community attributes.

Scope

FortiGate v6.2 or above.

Solution

Consider a situation where FortiGate is receiving the following BGP prefixes (1.1.1.1/32, 2.2.2.2/32, 3.3.3.3/32) with each containing community attributes.

To match the community attribute of 100:100 OR 200:200, use the community list format as shown below:

config router community-list
edit "OR"
config rule
edit 1
set action permit
set match "100:100"
next
edit 2
set action permit
set match "200:200"
next
end
next
end

To match the community attribute of 100:100 AND 200:200, use the community list format as shown below:

config router community-list
edit "AND"
config rule
edit 1
set action permit
set match "100:100 200:200"
next
end
next
end

Additionally, it is possible to check the BGP prefixes that match the community list using the command 'get router info bgp network community-list <community-list-name>':

Technical Tip: Community lists in BGP to achieve logical 'AND' or 'OR' operations

You are leaving our website