Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
manucmp
New Contributor II

Created on ‎07-03-2023 12:58 AM

Advertising bgp routes

Hi all, we have around 50 static routes. I just need to advertise two of them in eBGP. I managed to stop propagating static route and try to advertise only the two needed... can't get it done (is there a clear how-to I can follow?).
I could re-advertise static routes and block all 48 not needed... but it feels an overkill...
What should I do? Thank you.

Labels:
2346
0 Kudos
1 Solution
Toshi_Esumi
SuperUser
SuperUser

Created on ‎07-03-2023 08:33 AM Edited on ‎07-03-2023 08:35 AM

Or, create the same prefix-list @saneeshpv_FTNT suggests EXCEPT edit 3, to simply match without denying the rest. Then create a route-map like below and use it at neighbor config section in route-map-out statement. route-maps have implicit deny at the end.

 

config router route-map

  edit "advertise-limited-routes"

    config rule

      set match-ip-address "Test"

    next

end

 

config router bgp

  config neighbor

    edit <neighbor_IP>

      set route-map-out  "advertise-limited-routes"

    next

  end

end

 

This adds one more layer so additional work. But more flexible when you start dealing with multiple prefix lists in the future.

 

Toshi

View solution in original post

2319
2 REPLIES 2
saneeshpv_FTNT
Staff
Staff

Created on ‎07-03-2023 01:28 AM

Hi ,

 

You may use a prefix-list to filter routes a per your requirement and then call them in BGP configuration for route-advertisement.

 

Ex:

FGVM02TM22000863 (Test) # show
config router prefix-list
edit "Test"
config rule
edit 1
set prefix 1.1.1.1 255.255.255.255
unset ge
unset le
next
edit 2
set prefix 2.2.2.1 255.255.255.255
unset ge
unset le
next
edit 3
set action deny
set prefix any
unset ge
unset le
next
end
next
end

 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-control-BGP-route-advertisement-wit... 

 

Regards

2340
Toshi_Esumi
SuperUser
SuperUser

Created on ‎07-03-2023 08:33 AM Edited on ‎07-03-2023 08:35 AM

Or, create the same prefix-list @saneeshpv_FTNT suggests EXCEPT edit 3, to simply match without denying the rest. Then create a route-map like below and use it at neighbor config section in route-map-out statement. route-maps have implicit deny at the end.

 

config router route-map

  edit "advertise-limited-routes"

    config rule

      set match-ip-address "Test"

    next

end

 

config router bgp

  config neighbor

    edit <neighbor_IP>

      set route-map-out  "advertise-limited-routes"

    next

  end

end

 

This adds one more layer so additional work. But more flexible when you start dealing with multiple prefix lists in the future.

 

Toshi

2320
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.