Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
douglas1942
New Contributor

Created on ‎02-05-2022 03:59 PM

How to set BGP community attribute to BGP learned routes

Hello, I want to identify all BGP learned routes on a Fortigate and then apply a BGP Community attribute to them.

I am using an inbound route-map on the BGP peer for this purpose, however it does seem to work.

 

Is this the correct way to do this ?

 

config router route-map
edit "HG_CORP_ROUTE_MAP_IN"
config rule
edit 10
set match-origin egp***matching all learned incoming BGP routes
set set-community "7714:65100"***setting the community

Labels:
2940
0 Kudos
1 Solution
Toshi_Esumi
SuperUser
SuperUser

Created on ‎02-05-2022 08:59 PM

You still need to apply the route-map to each neighbor. Then if you want to set a specific community to all routes from the neighbor, I wouldn't bother matching anything but just apply the community. Then for other neighbors you might want to apply different communities. Otherwise, what's the purpose of applying a community?

They would be useful only when the FGT advertises those community-attached routes to other neighboring routing devices, or other VDOMs because communities are preserved when the routes are forwarded until removed/overwritten by a router on the path.

 

Or further, I would attach the community on the advertising router side when it advertises them to the FGT, which would be simpler.

 

Toshi

View solution in original post

2925
0 Kudos
2 REPLIES 2
Toshi_Esumi
SuperUser
SuperUser

Created on ‎02-05-2022 08:59 PM

You still need to apply the route-map to each neighbor. Then if you want to set a specific community to all routes from the neighbor, I wouldn't bother matching anything but just apply the community. Then for other neighbors you might want to apply different communities. Otherwise, what's the purpose of applying a community?

They would be useful only when the FGT advertises those community-attached routes to other neighboring routing devices, or other VDOMs because communities are preserved when the routes are forwarded until removed/overwritten by a router on the path.

 

Or further, I would attach the community on the advertising router side when it advertises them to the FGT, which would be simpler.

 

Toshi

2926
0 Kudos
akristof
Staff
Staff

Created on ‎02-06-2022 01:04 AM

Hello,

 

The route-map looks OK except the part that you are matching origin. That is not needed as you need to apply this route-map on neighbor on incoming direction. So all the routes will pass it automatically. But still, I would remove that origin criteria. Of course, after any change related to BGP, soft-clear the neighbor:

exec router clear bgp ip x.x.x.x soft

Then you can verify if the network received has community set:

get router info bgp network X.X.X.X/X

Adrian
2878
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.