| Description | This article describes issues where BGP advertising does not occur for a network defined under the ‘network’ command and offers possible solutions. |
| Scope | All supported FortiGate models. |
| Solution |
Introduction:
Consider the following topology:
Consider the following BGP configuration (only the relevant settings are shown):
FortiGate 1:
config system interface edit "port2" set vdom "root" set ip 10.11.12.1 255.255.255.252 end config router bgp set as 65500 set router-id 10.9.11.84 config neighbor edit "10.9.10.209" set remote-as 65500 next end config network edit 1 set prefix 10.11.12.0 255.255.255.0 <- Misconfigured subnet mask, thus will not be advertised to peer. next end end
FortiGate 2:
config system interface config router bgp set as 65500 set router-id 10.9.10.209 config neighbor
Troubleshooting Scenario:
In FortiGate 1, the port2 subnet is 10.11.12.0/30. However, the subnet mask used in the ‘network’ command is 10.11.12.0/24. This will not allow FortiGate 1 to advertise the subnet to FGT-2.
Upon running the following commands, the results are as follows:
FortiGate 1:
get router info bgp neighbors 10.9.10.209 advertised-routes <- Will not show the subnet as an advertised route.
FortiGate 2:
get router info bgp neighbors 10.9.11.84 received-routes <- Will not show the subnet as a received route.
Possible solutions:
In order to advertise subnet 10.11.12.0/30 on FortiGate 1 to FortiGate 2, implement any of the following three solutions:
Note that solution 3 will force FortiGate 1 to advertise all connected subnets to FortiGate 2. If this not desired, use solution 1 or 2.
Note: after implementing any solution, allow some time for the BGP process to update routing information. |
