apoojary
Staff
Article Id 343888
Description

 

This article explains why the 'get router info bgp summary' command returns empty output on a passive BGP peer.

Scope

 

FortiGate.

 

Solution

 

When two BGP peers try to establish BGP peering with each other simultaneously, each side initiates its own connection, resulting in two parallel connections. This causes a connection collision, and one of the connections must be closed.

 

Based on the BGP standard (RFC 4271), the BGP Identifiers (Router IDs) of the two peers must be compared, and the peer with the higher Router ID will retain the connection and act as the initiator.

 

In the output below, one of the FortiGates is configured as a BGP passive peer, which means it will not be an initiator, so the BGP states will not be available in the BGP summary output. The 'get router info bgp summary' command does not return any output until BGP peering is established.

As it is in a passive state, it will wait for an incoming TCP connection request from the remote BGP peer.

 

Screenshot 2024-09-24 2237592.png

 

The BGP summary output would be seen on the active peer though.

 

Screenshot 2024-09-24 223649.png 
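The collision rule and the passive case described above can be modelled in a few lines. This is an added example, not code from the article or from Fortinet; the peer names and Router IDs are constructed, and identical Router IDs are deliberately not modelled. It also shows that Router IDs are compared as 32-bit numbers, not as text.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Peer:
    name: str               # constructed label, e.g. "FGT-A"
    router_id: str          # BGP Identifier (Router ID), dotted quad
    passive: bool = False   # True: never opens the TCP session, only listens


def bgp_id(router_id: str) -> int:
    """Router ID as the unsigned 32-bit integer used for the comparison."""
    return int(ipaddress.IPv4Address(router_id))


def session_initiator(a: Peer, b: Peer) -> Optional[Peer]:
    """Return the peer whose outbound connection carries the BGP session."""
    active = [p for p in (a, b) if not p.passive]
    if not active:
        return None        # both passive: nobody connects, no session forms
    if len(active) == 1:
        return active[0]   # one side passive: one connection, no collision
    if bgp_id(a.router_id) == bgp_id(b.router_id):
        raise ValueError("identical Router IDs are not modelled in this sketch")
    # Collision: the connection opened by the higher Router ID is retained.
    return max(active, key=lambda p: bgp_id(p.router_id))


if __name__ == "__main__":
    # Constructed peers. As strings "10.0.0.2" sorts before "9.0.0.1",
    # but numerically 10.0.0.2 is the higher Router ID.
    fgt_a = Peer("FGT-A", "10.0.0.2")
    fgt_b = Peer("FGT-B", "9.0.0.1")
    print("collision winner:", session_initiator(fgt_a, fgt_b).name)

    # Same Router IDs, but FGT-A is now passive: FGT-B must initiate,
    # and FGT-A shows no neighbor state until that connection arrives.
    fgt_a_passive = Peer("FGT-A", "10.0.0.2", passive=True)
    print("with FGT-A passive:", session_initiator(fgt_a_passive, fgt_b).name)
```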

To manually set a particular peer as passive, refer to this related KB article:

Technical Tip: Functionality of 'set passive' under BGP neighbor