- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
eBGP routes not showing up
Hi,
I am doing a lab setup where I have hit a problem with ebgp routes disappearing from the routing-database when ibgp routes shows up. I have not done any route manipulation on my BGP session at the moment. I would have thought that even if the route is not active it would appear in the routing-database (get router info routing-table database). I can see the routes being advertised and also received (get router info routing-table bgp neigh received-routes).
The BGP sessions are over the tunnel and I am assuming that there would not be any difference.
Any help is appreciated.
San
Solved! Go to Solution.
- Labels:
-
FortiGate
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Fortigate adds below config by default to set local-preference to 100.
FGT # config router bgp
FGT (bgp) # show full | grep local-pre
set default-local-preference 100
IBGP carries the local-prefernce values within same AS and due to that reason you get route with local-preference 100 and thats the reason IBGP route is getting activated.
You can either set the "set default-local-preference 0" on the advertising device (IBGP neighbor) or apply a route-map in the receiving fortigate to make local-preference 0 for IBGP or another route-map to increase the local-preference to 200 for EBGP route.
Suraj
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Can you check if you are hitting the scenario given in https://community.fortinet.com/t5/FortiGate/Technical-Tip-BGP-routes-not-added-into-the-routing-tabl...
This article is about BGP and OSPF, but I think EBGP and IBGP are similar scenario
Suraj
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Suraj,
This is slightly different.
In the example both routes are visible in the routing database (#get router info routing-table database), but in my case the eBGP route is not visible in the database when the iBGP is learned. I am trying to learn default route from eBGP peer and iBGP peer.
However, when I do #get router info bgp network --> I can see all the learned routes there. In the output below there are 2 default route from iBGP and 1 from eBGP (neighbour 203.116.1.5). The local preference for the iBGP is 100 but the eBGP does not have any - could that be the reason? Weigh and metric is the same.
here is the output:
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight RouteTag Path
*>i0.0.0.0/0 172.21.1.1 0 100 0 0 i <256/1>
*>i 172.22.1.1 0 100 0 0 i <256/2>
* 203.116.1.5 0 0 0 65111 i <-
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
Even if you will change local-pref for eBGP route, at some point if all metrics are the same, eBGP route will win over iBGP route.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I'd say very much may be the reason, look at selection criteria for the best path:
- Choose the route with the highest weight.
- If weight is not set, choose the route with the highest local preference.
- Choose routes that this router originated.
- Choose the path with the shortest Autonomous System path.
- Choose the path with the lowest origin code (i is lowest, e is next, ? is last).
- Choose the route with the lowest MED, if the same Autonomous System advertises the possible routes.
- Choose an EBGP route over an IBGP route.
- Choose the route through the nearest IGP neighbor as determined by the lowest IGP metric.
- Choose the oldest route
- Choose a path through the neighbor with the lowest router ID.
- Choose a path through the neighbor with the lowest IP address.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
you mean your FGT gets the same routes both - via eBGP and iBGP? AD of eBGP is 20 while of iBGP is 200, so unless you do some manipulation on FGT (redistribute, route-map assigning weight etc. to the learned routes) this should not be possible.
Personal opinion: I've seen bugs and problems with routing protocols in FGT over years, but not like that, and is strongly inclined that something in setup/configuration is causing this, not FGT itself.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Yuri,
Yeah I will have a further look at my configuration. I was also hoping that the eBGP route would be installed as well. On the advertising FTGT I have tried capability-default-originate to redistribute static just to see if that matters as well and played with few other configs. The BGP is over a tunnel but I don't think that would matter.
Here is the neighbor config on the router that is receiving the route. 203.116.1.5 neighbor is external and the second neighbor is internal.
edit "203.116.1.5"
set soft-reconfiguration enable
set interface "Prisma"
set remote-as 65111
set keep-alive-timer 10
set holdtime-timer 30
set connect-timer 5
set update-source "Prisma"
next
config neighbor
edit "172.21.1.1"
set next-hop-self enable
set soft-reconfiguration enable
set interface "Spoke-HUB1"
set remote-as 65001
set keep-alive-timer 10
set holdtime-timer 30
set connect-timer 5
set update-source "Spoke-HUB1"
set additional-path both
set adv-additional-path 8
I will have a second look at the config.
san
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Interesting behavior. I tested the same and I can see the IBGP route is preferred by default and we need to apply a route-map to increase the local-preference of EBGP route to make it preferred.
I will update if I manage to find the possible reasons for this behavior.
Suraj
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Fortigate adds below config by default to set local-preference to 100.
FGT # config router bgp
FGT (bgp) # show full | grep local-pre
set default-local-preference 100
IBGP carries the local-prefernce values within same AS and due to that reason you get route with local-preference 100 and thats the reason IBGP route is getting activated.
You can either set the "set default-local-preference 0" on the advertising device (IBGP neighbor) or apply a route-map in the receiving fortigate to make local-preference 0 for IBGP or another route-map to increase the local-preference to 200 for EBGP route.
Suraj
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Suraj,
Thank you for testing it out. I was suspecting of the local preference in on of my messages but did not have the time to test it out. I will find sometime to try it out hopefully today.
BTW, what version are you running on. I was on an older version 6.4.8. I had some ebgp and ibgp set up before but had not encountered this issues.
