- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
in/out filter on BGP
Hello Dears
I am trying to add a route map on BGP out filter as below :
network 1 : 100.68.0.10/32
network 2 : 100.68.0.12/32
network 3 : 100.65.0.144/28
network 4 : 100.65.0.226/32
it's allowing only /32 networks but the /28 network is not announcing to neighbor take in mind all 4 networks are static route redistributed
and also I am trying to filter the out network to the neibhour but it is not working using route map and access-list
Bests
- Labels:
-
FortiGate
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
hi,
Could you please post the output of command,
#get router info routing-table details 100.65.0.144
best regards,
Jin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
FortiGate-601E-1 # get router info routing-table details 100.65.0.144
Routing table for VRF=0
Routing entry for 100.65.0.144/28
Known via "static", distance 240, metric 0
vrf 0 100.64.0.2, via port3
Routing entry for 100.65.0.144/28
Known via "ospf", distance 110, metric 11, best
Last update 3d01h01m ago
* vrf 0 100.64.0.2, via port3
here it's dear
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello MustphaBassim
Based on this output, the static route is not being used in your network and BGP will not try to advertise a route that it is not using. Since the OSPF route is in use, can you try redistributing OSPF?
As for filtering outbound routes, please take a look at this kb article for more info: https://community.fortinet.com/t5/FortiGate/Technical-Tip-BGP-ORF-Outbound-Route-Filtering/ta-p/2063...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I would suggest this:
- use prefix-list to filter in/out prefixes from/to neighbors
- advertise under, config network > edit <> > set prefix <> , the directly connected prefixes and from other protocols just to be sure
- advertise under, config redistribute ospf , the 100.65.0.144/28 network.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Dear
the issue I the need to filter more than one network (in/out) so does route map is ok ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Are you saying the /28 is in the routing table but not in BGP table?
"get router info bgp network 10.65.0.144/28"
For filtering I would suggest matching those with a prefix-list then use it in in/out route-maps.
Toshi
