Dear all,
I am about to create an RTBH server where it is used for blackholing an IP address in case of DDoS attack. I have implement my topology with Cisco products where they were in charge of BGP.
In my new case, I am running BGP on Fortigate firewall (1000D). One of my design requirement is, NOT installing certain BGP routes in the table (for the DDoS mitigation purpose), but it should be advertised to the upstream BGP neighbor.
I have met this requirement in Cisco with Table-Map feature.
My question, does Fortigate support this feature (table-map) or this idea?
Any help is much appreciated.
If you need any further detail, please ping me in this post to elaborate it in deep.
Long story short, a certain iBGP routes should be advertised to the upstream eBGP neighbors, but not installed in the Forigate routing table which is in charge of data-plane.
Regards
Behzad
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
anyone!!!!
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1519 | |
1019 | |
749 | |
443 | |
209 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.