Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
live89
Contributor

BGP additional-path-select

Hi

 

What is the difference between:

set additional-path-select<#> 
under config router bgp

 

and

set adv-additional-path <#>

under config neighbor

 

attached screenshot

 

Also, I sow on the other peer this:

set additional-path receive

I disable it by:

set additional-path disable

And even after clearing and restarting BGP I can still see that HQ advertising multiple (three) paths to me

Later I noticed that my local BGP has 'ibgp-multipath' enabled

 

-- If I only enable 'set additional-path receive' under neighbor I don't see that I can learn additional paths from neighbor -- Only if I enable 'set ibgp-multipath enable' in global BGP settings I can learn additional paths from neighbor -- And if I enable 'set ibgp-multipath enable' alone without 'set additional-path receive' under neighbor I can still learn additional paths from neighbor. Why this behavior? I mean why do we need the 'set additional-path receive' if 'set ibgp-multipath enable' is doing the job alone?

What is the purpose of "set additional-path receive" if HQ still can advertise to me additional paths without it and only with 'set ibgp-multipath enable' ?

Thanks

Thanks
6 REPLIES 6
emnoc
Esteemed Contributor III

So lets start with ibgp-multipath. That allows for mpath from iBGP only. That is my understanding of that feature. This allows for ecmp and selection of paths from ibgp.

 

On set additional-path-select this is for additional paths and the total number of paths. 

 

So what are your goals or desire with mpath? I believe in fortios those should be default disable and additional-path select does NOT come up as an option until you enable ibgp-mpath 

 

I believe the additional path select was put into place to limit bgp resources from learned paths, fwiw

 

Ken Felix

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
live89

Hi Ken Thanks for your answer I did some extra research for the first part of my question regarding 'set additional-path-select' and I think it is only for calculation bestpath process. And the 'set adv-additional-path ' is stating for how many bestpaths already calculated to be advertised to your neighbor.   I know what is 'ibgp-multipath' and I know its purpose is ECMP for iBGP. But my question is why do I need the 'set additional-path receive' under neighbor settings if it is not doing anything? All I need is enabling 'ibgp-multipath' under BGP global settings and I can receive multiple paths without enabling 'set additional-path receive' under neighbor section. And if I enable 'set additional-path receive' under neighbor section alone without 'ibgp-multipath' I see no results. So what is the purpose of 'set additional-path receive' ?

Thanks

Thanks
emnoc
Esteemed Contributor III

Open a ticket with support. I personally never used it from what I can recall.

 

Ken Felix

 

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
Toshi_Esumi
Esteemed Contributor III

Although I haven't used multipath, I see it's disabled at a neighbor by default after enabling under BGP globally (6.4.4). It could be a bug depending on the version. I would open a ticket.

live89

Thank you both

I investigated the issue with support, and it was a misunderstanding of this command

As i ran two IPSEC VPNs towards the HQ additional to the main IPVPN line, I was always receiving three routes if ibgp-multipath is enabled, no matter if 'set additional-path receive' is set or not under neighbor. Because those routes are already learned by the main line and the other two IPSECs, and they're not additional routes.

 

'set additional-path receive' was taking position only with ADVPN shortcuts in my scenario. So if I was trying to speak to my other office and shortcut created and set additional-path receive is enabled I will see in my routing table two additional routes to the destination. but with 'set additional-path disable' no additional routes was added to the routing table.

Thanks

Thanks
emnoc
Esteemed Contributor III

Thanks for the update, duly noted

 

Ken Felix

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
Labels
Top Kudoed Authors