Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
caunon
Staff
Staff

Created on ‎07-25-2022 11:19 AM

Article Id 218352

Technical Tip: How to check BGP sessions in FortiGate unit

Description

This article describes how to check BGP sessions in FortiGate for detailed investigation.

 

BGP (Border Gateway Protocol)
Scope

FortiGate unit.
Solution

To investigate BGP sessions in FortiGate unit, use the CLI command as below.

 

   # diagnose sys session list | grep :179 -B 9 -A 6

 

Example:

 

# diagnose sys session list | grep :179 -B 9 -A 6


session info: proto=6 proto_state=01 duration=1993 expire=3592 timeout=3600 flags=00000000 socktype=0 sockport=0 av_idx=0 use=3
origin-shaper=
reply-shaper=
per_ip_shaper=
class_id=0 ha_id=0 policy_dir=0 tunnel=/IPSec36 vlan_cos=0/0
state=local may_dirty npu
statistic(bytes/packets/allow_err): org=5846/83/1 reply=5848/83/1 tuples=2
tx speed(Bps/kbps): 6/0 rx speed(Bps/kbps): 6/0
orgin->sink: org pre->in, reply out->post dev=19->13/13->19 gwy=192.0.0.1/0.0.0.0
hook=pre dir=org act=noop 198.0.0.1:10093->192.0.0.1:179(0.0.0.0:0)
hook=post dir=reply act=noop 192.0.0.1:179->198.0.0.1:10093(0.0.0.0:0)
pos/(before,after) 0/(0,0), 0/(0,0)
misc=0 policy_id=10 pol_uuid_idx=0 auth_info=0 chk_client_info=0 vd=0
serial=00000402 tos=00/00 app_list=0 app=0 url_cat=0
rpdb_link_id=00000000 ngfwid=n/a
npu_state=0x000001 no_offload

session info: proto=6 proto_state=01 duration=1971 expire=3589 timeout=3600 flags=00000000 socktype=0 sockport=0 av_idx=0 use=3
origin-shaper=
reply-shaper=
per_ip_shaper=
class_id=0 ha_id=0 policy_dir=0 tunnel=/ vlan_cos=0/255
state=may_dirty npu
statistic(bytes/packets/allow_err): org=5906/84/1 reply=6054/83/1 tuples=2
tx speed(Bps/kbps): 3/0 rx speed(Bps/kbps): 2/0
orgin->sink: org pre->post, reply pre->post dev=19->7/7->19 gwy=10.89.2.146/10.165.1.249
hook=pre dir=org act=noop 198.0.0.1:13319->192.1.0.1:179(0.0.0.0:0)
hook=post dir=reply act=noop 192.1.0.1:179->198.0.0.1:13319(0.0.0.0:0)
pos/(before,after) 0/(0,0), 0/(0,0)
misc=0 policy_id=12 pol_uuid_idx=14745 auth_info=0 chk_client_info=0 vd=0
serial=00000494 tos=ff/ff app_list=0 app=0 url_cat=0
rpdb_link_id=00000000 ngfwid=n/a
npu_state=0x000101 no_offload

--
session info: proto=6 proto_state=01 duration=2002 expire=3593 timeout=3600 flags=00000000 socktype=0 sockport=0 av_idx=0 use=3
origin-shaper=
reply-shaper=
per_ip_shaper=
class_id=0 ha_id=0 policy_dir=0 tunnel=/ vlan_cos=0/255
state=may_dirty
statistic(bytes/packets/allow_err): org=5488/88/1 reply=5560/87/1 tuples=2
tx speed(Bps/kbps): 5/0 rx speed(Bps/kbps): 5/0
orgin->sink: org pre->post, reply pre->post dev=11->7/7->11 gwy=10.89.2.146/10.151.3.170
hook=pre dir=org act=noop 192.5.0.1:20019->192.1.0.1:179(0.0.0.0:0)
hook=post dir=reply act=noop 192.1.0.1:179->192.5.0.1:20019(0.0.0.0:0)
pos/(before,after) 0/(0,0), 0/(0,0)
misc=0 policy_id=4 pol_uuid_idx=14737 auth_info=0 chk_client_info=0 vd=0
serial=000003a7 tos=ff/ff app_list=0 app=0 url_cat=0
rpdb_link_id=00000000 ngfwid=n/a
npu_state=00000000

--

 

Labels:
2747
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.