Hello Dears
I am trying to add a route map on BGP out filter as below :
network 1 : 100.68.0.10/32
network 2 : 100.68.0.12/32
network 3 : 100.65.0.144/28
network 4 : 100.65.0.226/32
it's allowing only /32 networks but the /28 network is not announcing to neighbor take in mind all 4 networks are static route redistributed
and also I am trying to filter the out network to the neibhour but it is not working using route map and access-list
Bests
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
hi,
Could you please post the output of command,
#get router info routing-table details 100.65.0.144
best regards,
Jin
FortiGate-601E-1 # get router info routing-table details 100.65.0.144
Routing table for VRF=0
Routing entry for 100.65.0.144/28
Known via "static", distance 240, metric 0
vrf 0 100.64.0.2, via port3
Routing entry for 100.65.0.144/28
Known via "ospf", distance 110, metric 11, best
Last update 3d01h01m ago
* vrf 0 100.64.0.2, via port3
here it's dear
Hello MustphaBassim
Based on this output, the static route is not being used in your network and BGP will not try to advertise a route that it is not using. Since the OSPF route is in use, can you try redistributing OSPF?
As for filtering outbound routes, please take a look at this kb article for more info: https://community.fortinet.com/t5/FortiGate/Technical-Tip-BGP-ORF-Outbound-Route-Filtering/ta-p/2063...
I would suggest this:
- use prefix-list to filter in/out prefixes from/to neighbors
- advertise under, config network > edit <> > set prefix <> , the directly connected prefixes and from other protocols just to be sure
- advertise under, config redistribute ospf , the 100.65.0.144/28 network.
Hello Dear
the issue I the need to filter more than one network (in/out) so does route map is ok ?
Are you saying the /28 is in the routing table but not in BGP table?
"get router info bgp network 10.65.0.144/28"
For filtering I would suggest matching those with a prefix-list then use it in in/out route-maps.
Toshi
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1502 | |
1013 | |
749 | |
443 | |
209 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.