FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
This article describes how to use set-community-additive in BGP route-map and the purpose of using it.
Scope
FortiGate.
Solution
In FortiGate BGP, the set-community-additive enable command ensures that new BGP community values will be added to the existing ones rather than replacing them.
By default, when using a set community in a route-map, any previously assigned community values are overwritten. Enabling set-community-additive allows the new communities to be appended while keeping the original ones intact. Here is the configuration example from the CLI session.
CLI:
config router route-map edit "route-map"
config rule edit 1 set action permit
set match-ip-address "prefix-list" set set-community 65001:100 65001:101 setset-community-additiveenable
next end
next
end
The following behavior will be expected from the above configuration:
This route-map will be applied to routes matching 'prefix-list'.
It will assign BGP communities 65001:100 and 65001:101.
The 'set-community-additive' enable option ensures that these values are added rather than replacing any existing ones.
This setting is useful when users want to preserve existing community values while adding new ones, helping to maintain proper routing policies and traffic control across different networks.
