FortiGate
darisandy
Article Id 420156
Description: This article describes how to troubleshoot when a BGP attribute is not applied after a configuration change.
Scope: FortiGate.
Solution

BGP Scenario:

FGT-01  --- 2 links (port2 and port3) --- FGT-02.

 

FGT-02 is advertising 2 subnets (1.1.1.1/32 and 2.2.2.2/32).

FGT-01 is configured to choose 1 link for each of the subnets.

 

Default configuration:

 

config router bgp
    set as 65400
    set router-id 10.47.34.141
    config neighbor
        edit "10.171.4.167"
            set remote-as 65400
        next
        edit "10.121.4.167"
            set remote-as 65400
        next
    end
end

 

get router info routing-table bgp
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
V - BGP VPNv4
* - candidate default

Routing table for VRF=0
B 1.1.1.1/32 [200/0] via 10.121.4.167 (recursive is directly connected, port3), 00:00:10, [1/0]
B 2.2.2.2/32 [200/0] via 10.121.4.167 (recursive is directly connected, port3), 00:00:10, [1/0]

 

The scenario is to make prefix 1.1.1.1/32 choose port2:

 

config router prefix-list
    edit "PL-LO1"
        config rule
            edit 1
                set prefix 1.1.1.1 255.255.255.255
                unset ge
                unset le
            next
        end
    next
end

 

config router route-map
    edit "RM-IN"
        config rule
            edit 1
                set match-ip-address "PL-LO1"
                set set-local-preference 200
            next
            edit 2   --> Accept any other prefixes and no attribute change.
            next
        end
    next
end

 

config router bgp
    set as 65400
    set router-id 10.47.34.141
    config neighbor
        edit "10.171.4.167"
            set soft-reconfiguration enable
            set remote-as 65400
            set route-map-in "RM-IN"
        next
        edit "10.121.4.167"
            set soft-reconfiguration enable
            set remote-as 65400
        next
    end
end

 

After the change, the routing table is still the same: the BGP attribute set by the route-map (local preference 200 for 1.1.1.1/32) is not being enforced.

 


 

get router info routing-table bgp
Routing table for VRF=0
B 1.1.1.1/32 [200/0] via 10.121.4.167 (recursive is directly connected, port3), 00:00:49, [1/0]
B 2.2.2.2/32 [200/0] via 10.121.4.167 (recursive is directly connected, port3), 00:00:49, [1/0]

 

For the routing table to be updated, the BGP session with the neighbor must be reset so that the inbound updates are re-evaluated against the new route-map.

 

execute router clear bgp ip all --> This command clears all BGP peers (the sessions are torn down and re-established).

 

Or:

 

execute router clear bgp ip all soft --> Soft reset, usable if the soft-reconfiguration option is enabled on the neighbor; the sessions stay up.

 



get router info routing-table bgp
Routing table for VRF=0
B 1.1.1.1/32 [200/0] via 10.171.4.167 (recursive is directly connected, port2), 00:00:06, [1/0]
B 2.2.2.2/32 [200/0] via 10.121.4.167 (recursive is directly connected, port3), 00:01:26, [1/0]

 

The local preference and routing table are updated after the BGP neighborship reset.
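To confirm that the route-map change actually took effect after the reset, the following added example (not part of the original article) parses the `get router info routing-table bgp` output shown above and compares each prefix's installed egress interface with the intended link. The two sample outputs are copied from this article; the intended prefix-to-interface mapping is an assumption taken from the scenario description.

```python
from __future__ import annotations

import re
from dataclasses import dataclass

# One BGP line of `get router info routing-table bgp`, in the format shown on this page:
# B <prefix> [<distance>/<metric>] via <nexthop> (recursive is directly connected, <iface>), <uptime>, [1/0]
ROUTE_RE = re.compile(
    r"^B\s+(?P<prefix>\S+)\s+\[(?P<distance>\d+)/(?P<metric>\d+)\]\s+via\s+(?P<nexthop>\S+)"
    r"\s+\(recursive is directly connected,\s*(?P<iface>\w+)\),\s*(?P<uptime>[\d:]+)"
)


@dataclass
class BgpRoute:
    prefix: str
    distance: int
    metric: int
    nexthop: str
    interface: str
    uptime: str


def parse_bgp_table(output: str) -> list[BgpRoute]:
    """Extract the BGP routes from the CLI output; non-route lines (codes, VRF header) are skipped."""
    routes = []
    for line in output.splitlines():
        m = ROUTE_RE.match(line.strip())
        if m:
            routes.append(BgpRoute(m["prefix"], int(m["distance"]), int(m["metric"]),
                                   m["nexthop"], m["iface"], m["uptime"]))
    return routes


def check_egress_policy(output: str, intended: dict[str, str]) -> dict[str, bool]:
    """Map each intended prefix to True when its installed egress interface matches the policy."""
    actual = {r.prefix: r.interface for r in parse_bgp_table(output)}
    return {prefix: actual.get(prefix) == iface for prefix, iface in intended.items()}


# Sample outputs copied from this article: before and after the BGP reset.
BEFORE_CLEAR = """Routing table for VRF=0
B 1.1.1.1/32 [200/0] via 10.121.4.167 (recursive is directly connected, port3), 00:00:49, [1/0]
B 2.2.2.2/32 [200/0] via 10.121.4.167 (recursive is directly connected, port3), 00:00:49, [1/0]
"""
AFTER_CLEAR = """Routing table for VRF=0
B 1.1.1.1/32 [200/0] via 10.171.4.167 (recursive is directly connected, port2), 00:00:06, [1/0]
B 2.2.2.2/32 [200/0] via 10.121.4.167 (recursive is directly connected, port3), 00:01:26, [1/0]
"""
# Assumed intent of the scenario: 1.1.1.1/32 over port2, 2.2.2.2/32 over port3.
INTENDED = {"1.1.1.1/32": "port2", "2.2.2.2/32": "port3"}

if __name__ == "__main__":
    for label, out in (("before clear", BEFORE_CLEAR), ("after clear", AFTER_CLEAR)):
        print(label, check_egress_policy(out, INTENDED))
```

Running the check before and after `execute router clear bgp ip all soft` gives an unambiguous signal that the old adj-RIB-in data is still in use versus the route-map having been re-applied.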

 

Notes:

  • BGP attribute changes are applied only to new inbound updates.

  • Without a route-refresh, FortiGate continues using the old adj-RIB-in data.

  • Use a soft inbound reset to apply changes without dropping the BGP session.

  • Always verify the prefix-list match and the route-map counters.