Bubbabowski
New Contributor

Announce BGP route 0.0.0.0

Hi,

I'm trying to announce a default prefix from BGP.  My goal is that all BGP traffic will flow to my datacenter Fortigate, unless the network is announced somewhere else.  We're moving from Cisco to Fortigate... the command for Cisco was just 'network 0.0.0.0'.  I tried the following, but got the returned error code:

 

FG (bgp) # config network

FG (network) # edit 1

FG (1) # set prefix 0.0.0.0/0  (I also tried /32 and 0.0.0.0)

The prefix 0.0.0.0/0 is not allowed

node_check_object fail! for prefix 0.0.0.0/0

 

What is the equivalent, or how can I accomplish this on the Fortigate?  Thanks.

Toshi_Esumi
SuperUser

If you're trying to pass the default route from an i/eBGP neighbor to another eBGP neighbor, it should be automatic without anything special. But if you want to advertise only the default route and omit all the other routes, one option is to create 1) a prefix-list for the default route, and 2) a route-map to allow the default route prefix only (denying the rest is implicit), then 3) refer to it in the neighbor config with a "set route-map-out" statement.
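The three steps in the reply above, written out as FortiOS CLI. This is an added example, not part of the original thread or of Fortinet's documentation. The object names "default-only" and "default-only-out" and the neighbor address 1.1.1.1 are assumptions, and the # lines are annotations to drop before pasting.

```text
# 1) Prefix-list that matches exactly 0.0.0.0/0.
#    ge/le are left unset so longer prefixes do not match;
#    setting "le 32" here would match every IPv4 route instead.
config router prefix-list
    edit "default-only"
        config rule
            edit 1
                set prefix 0.0.0.0 0.0.0.0
                unset ge
                unset le
            next
        end
    next
end

# 2) Route-map with a single permit rule for that prefix-list.
#    Anything that matches no rule is denied implicitly.
config router route-map
    edit "default-only-out"
        config rule
            edit 1
                set match-ip-address "default-only"
            next
        end
    next
end

# 3) Apply the route-map to outbound advertisements for the neighbor
#    (1.1.1.1 is an assumed neighbor address).
config router bgp
    config neighbor
        edit "1.1.1.1"
            set route-map-out "default-only-out"
        next
    end
end
```

The outbound filter only limits what is sent to this neighbor; it does not create a default route where none exists on the advertising unit.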

Bubbabowski

Thanks, I will give it a shot.

Bubbabowski

I made the change last night, but there was still no default route picked up by the remote branches.  I found this earlier... is it this simple?

config router bgp
    set as 65002
    set router-id 1.1.1.2
    config neighbor
        edit "1.1.1.1"
            set capability-default-originate enable
            set remote-as 65001
            set send-community6 disable
        next
    end
end

lobstercreed

Yes, this should work fine, per this KB: https://kb.fortinet.com/kb/documentLink.do?externalID=FD40248

 

I think Toshi's point was assuming that you had a default route in your routing table to advertise.  As per the above KB, the command you highlighted should work even when the advertising router doesn't have a default route.
