Hi Guys,
I have configured SDWAN between HO & branches and using MPLS & ILL for the traffic as active & passive.
Configured S2S VPN over MPLS & ILL & made the VPNs as SDWAN members.
I am running BGP over VPNs for route failover automatically as per the guide & checked failover was happening successfully after manually shut the VPN interface down and up.
While doing the VPN interface down & up, The BGP takes around 3 minutes to form the neighborship.
Can we reduce this time to make the neighborship faster... Kindly suggest on that. Thanks.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Can you confirm are you using the default BGP times or have to defined the same.
Kindly configure the hold-timer to 15 and keep-alive timer as 5 and check the response.
config router bgp
set holdtime-timer <>
set set keepalive-timer <>
end
the above configuration is global for all the BGP neighbours and the same needs to be changed on the peer device.
In case you want only for specific peer then you can configure the timers for the peers.
config router bgp
config neighbor
edit <neighbor>
set holdtime-timer <>
set set keepalive-timer <>
end
Thanks
Kindly provide config if want to failover in 1 minute only.
3 minutes is the default timers. You can run BFD to detect the failure faster and initiate failover - https://community.fortinet.com/t5/FortiGate/Technical-Tip-FortiGate-BFD-implementation-and-examples/...
Hello Shantilal1998,
Please use the connect-timer in BGP.
config router bgp
config neighbor
edit x.x.x.x
set connect-timer 10
end
end
Regards
Nagaraju.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1713 | |
1093 | |
752 | |
447 | |
231 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.