Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
saleha
Staff & Editor
Staff & Editor

Created on ‎04-27-2025 10:23 PM

Article Id 388056

Troubleshooting Tip: BGP neighbor behaviour vs received routes with different MED/Metric values

Description This article describes how to troubleshoot EBGP route selection when the Metric is not equal across routes received from multiple BGP neighbors for the same prefix. This article discusses deployment where the BGP neighbor is configured to accept additional paths for the same received prefix.
Scope FortiGate,  EBGP.
Solution

Multiple Exit Discriminator MED or Metric is a routing attribute mainly used in BGP to influence received routes between adjacent autonomous systems.

 

Usually, when a BGP neighbor receives routes from different neighbors for the same subnet with different MED values, the receiving neighbor will choose a route to discard, and it is usually the highest received BGP path with the highest metric value.

 

In the case of allowing the additional-path feature on the BGP config, the behaviour might not be consistent, and the receiving BGP neighbor may not discard the neighbor with the highest metric; instead, it will randomly select a route from one or more neighbors to be discarded.

 

This issue can happen due to MED is not being used to compare routes. This can happen when the Metric is passed to the receiving BGP neighbor from a different autonomous system AS.

 

Solution:

 

The following commands resolve this problem by forcing FortiOS to use MED for route comparison:

 

config router bgp
    set always-compare-med enable
    set deterministic-med enable
end

 

Explanation of each command/feature:

 

  • always-compare-med: This is a feature that ensures MED is not ignored or bypassed when comparing between routes from adjacent BGP.
  • deterministic-med: This is an enhancement feature to allow different BGP neighbors to use the same path selection approach.
Labels:
444
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.