The BGP metric does not Influence my Route as expect

Potato168 · ‎04-01-2024

Hi All,

I am trying to have Dual Hubs for my spoke.

I just set up Hub A using the built-in Wizard of Fortigate.

All branches and Hub A are working well on day one.

We are going to have a new Firewall at DataCenter as DR second Hub now.

All traffic will only go through Hub A and only use Hub B if my Hub A goes offline.

To achieve this, we set up the route-map-out for both Hub A and B BGP settings.

The metric for Site A is 5, and Hub B is 100.

We tested the connection, Both Hubs VPN up and seem good for traffic.

We tried to shut down Hub A VPN then, all traffic was routed to Hub B.

When Hub A resumed, we found that the Branch learned BGP from A again and the Metric is 5.

However, the route with Metric 100 from B is still the best path for the branch and does not go through the Hub A.

Please advise.

Toshi_Esumi · ‎04-03-2024

Before seeing your BGP config in show router bgp on both Hubs, I'm guessing you're using different AS for Hub A and B.

If so, try "set always-compare-med enable" option under "config router bgp" on the branch sides to see if this would give you your expecting behavior.

config router bgp

set always-compare-med enable

end

This is probably not configurable in GUI.

Toshi

View solution in original post

Potato168 · ‎04-02-2024

Sorry, What are you talking about?

smaruvala · ‎04-01-2024

Hi,

Is it possible to share the routing table details or received routes table from both the neighbors after Hub A was resumed?

Regards,

Shiva

Potato168 · ‎04-02-2024

Here you are, you can find that the lowest metric BGP was not my best path now

Toshi_Esumi · ‎04-02-2024

"*>" is the best path. "*" is not.

Toshi

Potato168 · ‎04-02-2024

Oh, sorry attaching the wrong photo previouly. Here you are:

Toshi_Esumi · ‎04-02-2024

What did you configure differently to get this screen shot from the previous one? Please share those route-maps you configured on two Hub FGTs for those cases.

Toshi

Potato168 · ‎04-02-2024

Nothing. The first photo is the day one routing table. Hub A and B is working normally.

The new photo is after Hub A reboot and up again.

MY route map just applied at Hubs Network out side:

Toshi_Esumi · ‎04-03-2024

Please show it us in CLI. Go to "config router route-map", then "show" at both Hub FGTs. Also "show router bgp" as well to show the ASN of itself and neighbors.