Description
This article describes the behavior of administrative distance and route installation into active routing table when same route is received from a different peer of the same routing protocol.
Scope
FortiGate.
Solution
BGP in this example has the option of configuring the admin-distance for routes using prefix lists:
config router access-list
edit "int-routes"
config rule
edit 1
set prefix 10.10.10.0 255.255.255.0
set exact-match enable
end
end
config router bgp
config admin-distance
edit 1
set neighbour-prefix 192.168.79.254 255.255.255.255
set route-list "int-routes"
set distance 110
next
edit 2
set neighbour-prefix 192.168.239.254 255.255.255.255
set route-list "int-routes"
set distance 120
end
end
In the above example, same route 10.10.10.0/24 is being received from two BGP peers and the administrative distance being set is different. Normally, the route learned via neighbor 192.168.79.254 is expected to be added to the routing table as it has the smaller AD of 110.
However, since the same routing protocol is used, which is BGP in this case, the comparison is done based on the BGP attributes.
get router info bgp network 10.10.10.0/24
BGP routing table entry for 10.10.10.0/24
65002 65002 65002 65001
192.168.79.254 from 192.168.79.254 (1.1.1.1)
Origin IGP metric 10, localpref 99, valid, external
Community: 3257:2170
Last update: Wed Jun 24 14:07:38 2020
65000 65000 65001
192.168.239.254 from 192.168.239.254 (2.2.2.1)
Origin IGP metric 10, localpref 100, valid, external, best
Last update: Wed Jun 24 14:07:40 2020
As can be seen from the above output, the second route is selected as the best. Regardless of the distance when checking in the routing table, the route learned via neighbor 192.168.239.254, which has a higher AD of 120, will be added.
This is because this route is selected as preferred whena comparison was done for routes based on BGP attributes.
get router info routing-table details | grep 10.10.
B 10.10.10.0/24[120/10] via 192.168.239.254, ext_vpn
The route selection process is as follows:
To sum it up, the functionality of howthe route gets installed is as follows:
Note:
By default, BGP Administrative distance is 20 for External BGP and 200 for Internal BGP (iBGP)
Related articles:
Troubleshooting Tip: To prefer the specific OSPF route over EBGP
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.