FortiGate
vtsonev
Staff
Article Id 195919

Description
This article explains the BGP multipath capability used by Fortinet and describes how to read and understand the values in the '# get router info bgp network' output.

External link.
https://tools.ietf.org/html/rfc7911

Solution
The BGP implementation used by Fortinet supports the advertisement of multiple paths.
For this purpose, Fortinet has implemented the path identifier (Path ID), which can be observed when executing '# get router info bgp network' (and other BGP network commands such as '# get router info bgp network-longer-prefixes').



 
 
In the example, 'ibgp-multipath' is not enabled on the FortiGate and only one route is marked with '-/1'. This is the route that is installed in the routing table, which is why FortiGate marked it with '1'.

<x/y>
'x' means the received path ID (set by peer).
'y' means the sending path ID (set by this FortiGate).
 
 
 
 
When 'ibgp-multipath' and 'additional-path' are both enabled, the output of the network command changes:
# config router bgp
    set ibgp-multipath enable
    set additional-path enable
end



 
 
Again, the route marked with '<-/1>' will be put on top of the preferred routes.
The route marked with '<-/3>' will be considered an active route and will be installed in the routing table, but it will be at the bottom.
 
 
 
 
The assignment of the Path Identifier for a path by a BGP speaker is purely a local matter. 
The Path Identifier is assigned in such a way that the BGP speaker is able to uniquely identify a path advertised to a neighbor.

Note.
Fortinet implements the requirements of RFC 7911 in order to provide multipath advertisement in BGP.
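
As an added illustration (not part of the original article and not Fortinet code), the Python example below goes one step beyond the CLI output and decodes the wire encoding that RFC 7911 defines for each advertised path: a 4-octet Path Identifier, a 1-octet prefix length, then the prefix. The function names and the sample bytes are constructed for this example, and only IPv4 prefixes are handled.

```python
import ipaddress
import struct


def encode_addpath_nlri(path_id, prefix):
    """Encode one IPv4 path as RFC 7911 NLRI: Path ID (4) + length (1) + prefix."""
    net = ipaddress.ip_network(prefix)
    nbytes = (net.prefixlen + 7) // 8  # only the significant octets are sent
    return struct.pack("!IB", path_id, net.prefixlen) + net.network_address.packed[:nbytes]


def decode_addpath_nlri(data):
    """Return [(path_id, prefix), ...] from a run of RFC 7911 IPv4 NLRI entries."""
    paths, offset = [], 0
    while offset < len(data):
        if len(data) - offset < 5:
            raise ValueError("truncated NLRI: missing Path ID or length octet")
        path_id, prefix_len = struct.unpack_from("!IB", data, offset)
        offset += 5
        if prefix_len > 32:
            raise ValueError(f"invalid IPv4 prefix length {prefix_len}")
        nbytes = (prefix_len + 7) // 8
        if len(data) - offset < nbytes:
            raise ValueError("truncated NLRI: prefix octets missing")
        raw = data[offset:offset + nbytes] + bytes(4 - nbytes)  # pad to 4 octets
        offset += nbytes
        net = ipaddress.ip_network((raw, prefix_len), strict=False)
        paths.append((path_id, str(net)))
    return paths


def group_by_prefix(paths):
    """Map each prefix to the Path IDs seen for it; more than one ID means multipath."""
    grouped = {}
    for path_id, prefix in paths:
        grouped.setdefault(prefix, []).append(path_id)
    return grouped


# Constructed sample: two paths for the same prefix that differ only in Path ID,
# plus a single path for a second prefix.
SAMPLE = (encode_addpath_nlri(1, "10.10.0.0/16")
          + encode_addpath_nlri(3, "10.10.0.0/16")
          + encode_addpath_nlri(1, "192.168.50.0/24"))

if __name__ == "__main__":
    for prefix, ids in group_by_prefix(decode_addpath_nlri(SAMPLE)).items():
        print(prefix, "path IDs:", ids)
```

Without the Path ID, the second advertisement of 10.10.0.0/16 would implicitly replace the first; with it, the receiver keeps both as distinct paths.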





 
 
 

 
