|
By default, when advertising a route to an eBGP peer, the FortiGate automatically prepends its own AS number to the AS-PATH attribute. This behavior is part of the standard BGP loop-prevention mechanism, ensuring that a router’s AS is visible in the path and avoiding routing loops.
When the set attribute-unchanged as-path option is configured, the FortiGate preserves the original AS-PATH attribute and advertises the route to the eBGP peer without adding its own AS number.
This feature is typically used in special scenarios such as:
- Route server deployments at Internet Exchange Points (IXPs).
- Carrier or service-provider environments.
Diagram:
2.2.2.2/32-----FGT1 (192.168.1.1)-------(192.168.1.2 ) ISP (192.168.100.1)-------(192.168.100.2) FGT2
FGT1 # show router bgp
config router bgp
set as 65000
set router-id 1.1.1.1
config neighbor
edit "192.168.1.2"
set remote-as 65001
next
end
config redistribute "static"
set status enable
end
FGT1 # show router static
config router static
edit 1
set dst 2.2.2.2 255.255.255.255
set gateway 10.254.1.100
set device "port1"
next
end
ISP # show router bgp
config router bgp
set as 65001
set router-id 2.2.2.2
config neighbor
edit "192.168.1.1"
set remote-as 65000
next
edit "192.168.100.2"
set soft-reconfiguration enable
set remote-as 65002
next
end
FGT2 # show router bgp
config router bgp
set as 65002
set router-id 3.3.3.3
config neighbor
edit "192.168.100.1"
set soft-reconfiguration enable
set remote-as 65001
next
end
Initial Behavior (Default eBGP):
- FGT1 advertises route 2.2.2.2/32 to its eBGP peer, the ISP (AS 65001).
- ISP forwards the route to FGT2 with prepending its own AS.
- By default, the AS-PATH is modified, so FGT2 sees the route as coming from 65001 65000, where 65001 (ISP) is prepended to the original AS-PATH.
FGT2 # get router info bgp summary
VRF 0 BGP router identifier 3.3.3.3, local AS number 65002
BGP table version is 1
1 BGP AS-PATH entries
0 BGP community entries
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
192.168.100.1 4 65001 25 24 0 0 0 00:04:47 1
Total number of neighbors 1
FGT2 # get router info bgp neighbors 192.168.100.1 received-routes
VRF 0 BGP table version is 1, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight RouteTag Path
*> 2.2.2.2/32 192.168.100.1 0 0 65001 65000 ? <-/->
Total number of prefixes 1
Behavior after configuration:
- FGT1 advertises route 2.2.2.2/32 -> AS-PATH {65000}.
- ISP forwards the route to FGT2 without prepending its own AS.
- FGT2 sees the route as coming directly from AS 65000.
ISP # show router bgp
config router bgp
set as 65001
set router-id 2.2.2.2
config neighbor
edit "192.168.1.1"
set remote-as 65000
next
edit "192.168.100.2"
set attribute-unchanged as-path <-----
set soft-reconfiguration enable
set remote-as 65002
next
end
FGT2 # get router info bgp neighbors 192.168.100.1 received-routes
VRF 0 BGP table version is 1, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight RouteTag Path
*> 2.2.2.2/32 192.168.100.1 0 0 65000 ? <-/->
Total number of prefixes 1
|
