TC510
New Contributor II

BGP reflected route distance

Is there any way to tell BGP to deprioritize routes learned via a route reflector and prefer a route learned from a BGP peer that's one hop away?

The setup I have is that there are two hub sites (call them HQ1 and HQ2) with many spokes that each have a VPN connection to both hubs and the hubs have a VPN to each other. There are resources in both HQ sites that all spokes should be able to access but the spokes don't need to talk to each other. All routers are part of the same AS. What I would like is for each site to prefer to route traffic via the most direct route, and in the case that a VPN is down to route around the failure.

Setting each HQ site as a route reflector for each spoke neighbor allows almost everything to work as desired, but if I then want to also advertise those routes to the other hub so they can be used to route around a failed connection they sometimes supersede the routes that already exist on that hub. It does this because the distance of advertised routes doesn't change depending on whether it's advertised by the router directly connected to the network or by a router acting as a reflector, despite the one hop to the directly connected one being a shorter path.

Is this something that can be modified? Would conditional advertisement or BGP multipathing solve my problem? Should I be using a different AS for each hub? Or should I start over with something less complex?

Toshi_Esumi
Esteemed Contributor III

If this is only for your internal network, no BGP neighborings with ISPs, the simplest way is to make all routers' ASN unique in the private ranges (either 2-byte or 4-byte private ASN range) then all neighborings become eBGP.

With eBGP, if no other metrics are different, the route with the shortest AS path length would be chosen. So 1 hop would win over 2 hops.

Toshi

Toshi_Esumi
Esteemed Contributor III

Since iBGP-learned routes are not advertised to another iBGP neighbor, a special mechanism like route reflectors is necessary when the hub1 router needs to advertise those remote routers' routes to hub2. With eBGP, you don't have to worry about those, while all BGP routes can be advertised to any eBGP neighbors.

TC510
New Contributor II

Thanks for the suggestions, but I ended up reconfiguring the sites using OSPF instead and so far it's been a significant improvement, decreasing both configuration complexity and convergence speed. I think my BGP idea was flawed to begin with.

kumarp
Staff

You can set cluster-id on the hubs. They pretty much mimic as-path for iBGP. Any time a route passes through a cluster, the cluster-id is added to the route.

You would require route-reflector between hubs as well. But would also require a lot of route-maps to clean up the routing table. 

Pankaj
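
The tie-breaks described in the replies above, as an added example that is not part of any poster's reply and not FortiOS code: a simplified best-path comparison in Python, seen from HQ1 for one spoke prefix. The ASNs, the cluster-id and the three-step ordering are assumptions for illustration; real BGP implementations evaluate more attributes between these steps.

```python
# Added illustration: a simplified BGP tie-break model, not FortiOS code.
from dataclasses import dataclass, field

@dataclass
class Path:
    via: str                                    # neighbor the route was learned from
    as_path: list = field(default_factory=list)
    cluster_list: list = field(default_factory=list)
    local_pref: int = 100

# Assumed, reduced ordering: the lowest key wins at each step.
STEPS = [
    ("local_pref", lambda p: -p.local_pref),
    ("as_path_len", lambda p: len(p.as_path)),
    ("cluster_list_len", lambda p: len(p.cluster_list)),
]

def best_path(paths):
    """Return (winning path, name of the step that decided it)."""
    candidates = list(paths)
    for name, key in STEPS:
        low = min(key(p) for p in candidates)
        candidates = [p for p in candidates if key(p) == low]
        if len(candidates) == 1:
            return candidates[0], name
    return candidates[0], "tie"   # left to later tie-breakers not modeled here

def ebgp_unique_asn():
    # Constructed private ASNs: HQ2 = 65002, spoke = 65010, seen from HQ1.
    direct = Path("spoke", as_path=[65010])
    via_hub = Path("HQ2", as_path=[65002, 65010])
    return best_path([via_hub, direct])

def ibgp_with_cluster_id():
    # One AS, so AS_PATH is empty; HQ2 adds its cluster-id when reflecting.
    direct = Path("spoke")
    reflected = Path("HQ2", cluster_list=["0.0.0.2"])   # constructed cluster-id
    return best_path([reflected, direct])

def ibgp_attributes_equal():
    # With no AS_PATH or CLUSTER_LIST difference, the modeled steps cannot separate the paths.
    return best_path([Path("HQ2"), Path("spoke")])

if __name__ == "__main__":
    for case in (ebgp_unique_asn, ibgp_with_cluster_id, ibgp_attributes_equal):
        winner, step = case()
        print(f"{case.__name__}: via {winner.via}, decided by {step}")
```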