FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
mthakur01
Staff
Article Id 196441
Description
This article explains how to check BGP advertised and received routes on a FortiGate.

Solution
Topology:

EBGP peering between FGT1 and FGT2 is up. In this lab setup, both FGT units are advertising their Loopback interfaces via eBGP to each other.
Outputs from FGT1:
FGT1 # get router info bgp summary
BGP router identifier 3.3.3.3, local AS number 65003
BGP table version is 11
2 BGP AS-PATH entries
0 BGP community entries

Neighbor        V         AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down   State/PfxRcd
10.56.240.2     4      65004     670     667       10    0    0 2d15h37m             2

Total number of neighbors 1
FGT1 is advertising two routes and learning two routes. The command to verify the routes that FGT1 is advertising to FGT2 is:

# get router info bgp neighbors <neighbor IP> advertised-routes
Example:
FGT1 # get router info bgp neighbors 10.56.240.2 advertised-routes
BGP table version is 11, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight RouteTag Path
*> 3.3.3.3/32       10.56.240.1                   100  32768        0 i
*> 50.50.50.50/32   10.56.240.1                   100  32768        0 i

Total number of prefixes 2
The commands to verify the routes that FGT1 is receiving from the BGP peer FGT2 are:
# get router info bgp neighbors <neighbor IP> received-routes
# get router info bgp neighbors <neighbor IP> routes
The command “get router info bgp neighbors <neighbor IP> routes” shows only the received routes that remain after inbound filtering. If the received routes are not filtered, the output of both commands will be the same.

Example:
FGT1 # get router info bgp neighbors 10.56.240.2 received-routes
BGP table version is 11, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight RouteTag Path
*> 4.4.4.4/32       10.56.240.2                               0           0        65004 i
*> 75.75.75.75/32   10.56.240.2                          0          0         65004 i

Total number of prefixes 2

FGT1 # get router info bgp neighbors 10.56.240.2 route
BGP table version is 11, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight RouteTag Path
*> 4.4.4.4/32       10.56.240.2                              0           0       65004 i
*> 75.75.75.75/32   10.56.240.2                        0            0       65004 i

Total number of prefixes 2

FGT1 # get router info routing-table bgp

Routing table for VRF=0
B       4.4.4.4/32 [20/0] via 10.56.240.2, port1, 00:50:26
B       75.75.75.75/32 [20/0] via 10.56.240.2, port1, 00:50:26
For testing purposes, received routes are now filtered on FGT1 by applying a prefix-list that allows only 75.75.75.75/32:
FGT1 # config router prefix-list
    edit "ALLOW-ONLY-75"
        config rule
            edit 1
                set prefix 75.75.75.75 255.255.255.255
                unset ge
                unset le
            next
        end
    next
end

FGT1 # config router bgp
    set as 65003
    set router-id 3.3.3.3
    config neighbor
        edit "10.56.240.2"
            set soft-reconfiguration enable
            set prefix-list-in "ALLOW-ONLY-75"   <----- prefix-list filtering received routes
            set remote-as 65004
        next
    end
end
The output below shows all received routes, before the inbound filter is applied.
FGT1 # get router info bgp neighbors 10.56.240.2 received-routes
BGP table version is 11, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight RouteTag Path
*> 4.4.4.4/32       10.56.240.2                                0          0         65004 i
*> 75.75.75.75/32   10.56.240.2                           0          0          65004 i
 
Total number of prefixes 2
The output below shows only the received routes that remain after inbound filtering.
FGT1 # get router info bgp neighbors 10.56.240.2 route
BGP table version is 11, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network                   Next Hop            Metric LocPrf  Weight  RouteTag  Path
*> 75.75.75.75/32   10.56.240.2               0                    0          0             65004 i

Total number of prefixes 1
FGT1 # get router info routing-table bgp

Routing table for VRF=0
B       75.75.75.75/32 [20/0] via 10.56.240.2, port1, 00:55:45
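
The comparison made by eye above can be automated when auditing an inbound filter. The following Python is an added example, not part of the original article or any Fortinet tool: it parses saved output of the "received-routes" and "routes" commands and reports which prefixes the filter dropped and whether anything was accepted that is not on the intended allow-list. The function names and the embedded sample text are assumptions made for illustration.

```python
import ipaddress
import re

# Constructed sample input: the outputs shown above for neighbor 10.56.240.2
# with prefix-list ALLOW-ONLY-75 applied inbound (column spacing normalised).
RECEIVED_ROUTES = """\
BGP table version is 11, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight RouteTag Path
*> 4.4.4.4/32       10.56.240.2         0 0 65004 i
*> 75.75.75.75/32   10.56.240.2         0 0 65004 i

Total number of prefixes 2
"""
ACCEPTED_ROUTES = """\
   Network          Next Hop            Metric LocPrf Weight RouteTag Path
*> 75.75.75.75/32   10.56.240.2         0 0 0 65004 i

Total number of prefixes 1
"""

# Assumption: every route line has status flags, an IPv4 prefix with mask
# length, then an IPv4 next hop, as in the outputs on this page.
ROUTE_LINE = re.compile(
    r"^\s*[sdh*>iS]+\s+(\d+\.\d+\.\d+\.\d+/\d+)\s+\d+\.\d+\.\d+\.\d+\s")

def parse_prefixes(output):
    """Return the set of prefixes found in one BGP neighbor route listing."""
    found = set()
    for line in output.splitlines():
        match = ROUTE_LINE.match(line)
        if match:
            found.add(ipaddress.ip_network(match.group(1)))
    return found

def audit_inbound_filter(received_out, accepted_out, allowed):
    """Compare pre-filter and post-filter listings against exact allowed prefixes."""
    received = parse_prefixes(received_out)
    accepted = parse_prefixes(accepted_out)
    allow = {ipaddress.ip_network(p) for p in allowed}
    as_text = lambda nets: [str(n) for n in sorted(nets)]
    return {
        "dropped": as_text(received - accepted),    # removed by the inbound filter
        "unexpected": as_text(accepted - allow),    # accepted but not intended
        "missing": as_text(allow - accepted),       # intended but not learned
    }
```

A non-empty "unexpected" list means the peer can inject a prefix the inbound policy was meant to reject.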
The output can be filtered for specific subnets, or for routes based on AS number and so on, with the “grep” keyword:
# get router info bgp neighbors <x.x.x.x> advertised-routes | grep <network subnet>
# get router info bgp neighbors <x.x.x.x> advertised-routes | grep <AS number>


Note: If an error shows up after running “get router info bgp neighbors <neighbor IP> received-routes”, then apply the “set soft-reconfiguration enable” command under the BGP neighbor.

Example:

FGT1 # get router info bgp neighbors 10.56.240.2 received-routes
% Inbound soft reconfiguration not enabled

To enable soft reconfiguration:
config router bgp
    config neighbor
        edit "10.56.240.2"
            set soft-reconfiguration enable
        next
    end
end
Command: set soft-reconfiguration {enable | disable} - Enables or disables IPv4 inbound soft reconfiguration. Once enabled, the FortiGate starts storing the updates received from the BGP neighbor.
