Fortinet black logo

New Features

BGP conditional advertisement for IPv6 7.0.1

Copy Link
Copy Doc ID 4f6cd3c1-22cb-11eb-96b9-00505692583a:168660
Download PDF

BGP conditional advertisement for IPv6 7.0.1

BGP conditional advertisement allows the router to advertise a route only when certain conditions are met. Starting in 7.0.1, this capability is supported for IPv6. IPv4 BGP conditional advertisement is supported in earlier versions.

Example 1

In this example, the FortiGate advertises its local network to the secondary router when the primary router is down. The FortiGate detects the primary router is down in the absence of a learned route.

  • When the FortiGate learns route 2003:172:28:1::/64 from the primary router, it does not advertise its local route (2003:172:22:1::/64) to the secondary router.

  • When the FortiGate does not learn route 2003:17:28:1::/64 from the primary router, advertises its local route (2003:172:22:1::/64) to the secondary router.

  • The BGP conditional advertisement condition is set to be true if the condition route map (2003:172:28:1::/64) is not matched (non-exist).

To configure BGP conditional advertisement with IPv6:
  1. Configure the IPv6 prefix lists:
    config router prefix-list6
        edit "adv-222"
            config rule
                edit 1
                    set prefix6 2003:172:22:1::/64
                    unset ge
                    unset le
                next
            end
        next
        edit "lrn-281"
            config rule
                edit 1
                    set prefix6 2003:172:28:1::/64
                    unset ge
                    unset le
                next
            end
        next
    end
  2. Configure the route maps:
    config router route-map
        edit "map-221"
            config rule
                edit 1
                    set match-ip6-address "adv-222"
                next
            end
        next
        edit "map-281"
            config rule
                edit 1
                    set match-ip6-address "lrn-281"
                next
            end
        next
    end
  3. Configure BGP:
    config router bgp
        set as 65412
        set router-id 1.1.1.1
        set ibgp-multipath enable
        set network-import-check disable
        set graceful-restart enable
        config neighbor
            edit "2003::2:2:2:2"
                set soft-reconfiguration6 enable
                set remote-as 65412
                set update-source "loopback1"
                config conditional-advertise6
                    edit "map-221"
                        set condition-routemap "map-281"
                        set condition-type non-exist
                    next
                end
            next
            edit "2003::3:3:3:3"
                set soft-reconfiguration6 enable
                set remote-as 65412
                set update-source "loopback1"
            next
        end
    end

    In this configuration, if route map map-281 does not exist, then the FortiGate advertises route map map-221 to neighbor 2003::2:2:2:2.

  4. Verify the routing table:
    # get router info6 routing-table bgp
    B       2003:172:28:1::/64 [200/0] via 2003::3:3:3:3 (recursive via ****::***:***:****:****, port9), 01:23:45
    B       2003:172:28:2::/64 [200/0] via 2003::3:3:3:3 (recursive via ****::***:***:****:****, port9), 23:09:22

When the FortiGate learns 2003:172:28:1::/64, it will not advertise its local route 2003:172:22:1::/64 to neighbor 2003::2:2:2:2. If the FortiGate has not learned 2003:172:28:1::/64, it will advertise its local route 2003:172:22:1::/64 to neighbor 2003::2:2:2:2.

Example 2

With the same IPv6 prefix lists and route maps, when the FortiGate does learn 2003:172:28:1::/64, it advertises local route 2003:172:22:1::/64 to the secondary router. The BGP conditional advertisement condition is set to be true if the condition route map is matched (exist).

To configure BGP conditional advertisement with IPv6:
  1. Configure BGP:
    config router bgp
        config neighbor
            edit "2003::2:2:2:2"
                config conditional-advertise6
                    edit "map-221"
                        set condition-routemap "map-281"
                        set condition-type exist
                    next
                end
            next
        end
    end
  2. Verify the routing table:
    # get router info6 routing-table bgp
    B       2003:172:28:1::/64 [200/0] via 2003::3:3:3:3 (recursive via ****::***:***:****:****, port9), 01:23:45
    B       2003:172:28:2::/64 [200/0] via 2003::3:3:3:3 (recursive via ****::***:***:****:****, port9), 23:09:22

When the FortiGate learns 2003:172:28:1::/64, it will advertise its local route 2003:172:22:1::/64 to neighbor 2003::2:2:2:2. If the FortiGate has not learned route 2003:172:28:1::/64, it will not advertise its local route 2003:172:22:1::/64 to neighbor 2003::2:2:2:2.

BGP conditional advertisement for IPv6 7.0.1

BGP conditional advertisement allows the router to advertise a route only when certain conditions are met. Starting in 7.0.1, this capability is supported for IPv6. IPv4 BGP conditional advertisement is supported in earlier versions.

Example 1

In this example, the FortiGate advertises its local network to the secondary router when the primary router is down. The FortiGate detects the primary router is down in the absence of a learned route.

  • When the FortiGate learns route 2003:172:28:1::/64 from the primary router, it does not advertise its local route (2003:172:22:1::/64) to the secondary router.

  • When the FortiGate does not learn route 2003:17:28:1::/64 from the primary router, advertises its local route (2003:172:22:1::/64) to the secondary router.

  • The BGP conditional advertisement condition is set to be true if the condition route map (2003:172:28:1::/64) is not matched (non-exist).

To configure BGP conditional advertisement with IPv6:
  1. Configure the IPv6 prefix lists:
    config router prefix-list6
        edit "adv-222"
            config rule
                edit 1
                    set prefix6 2003:172:22:1::/64
                    unset ge
                    unset le
                next
            end
        next
        edit "lrn-281"
            config rule
                edit 1
                    set prefix6 2003:172:28:1::/64
                    unset ge
                    unset le
                next
            end
        next
    end
  2. Configure the route maps:
    config router route-map
        edit "map-221"
            config rule
                edit 1
                    set match-ip6-address "adv-222"
                next
            end
        next
        edit "map-281"
            config rule
                edit 1
                    set match-ip6-address "lrn-281"
                next
            end
        next
    end
  3. Configure BGP:
    config router bgp
        set as 65412
        set router-id 1.1.1.1
        set ibgp-multipath enable
        set network-import-check disable
        set graceful-restart enable
        config neighbor
            edit "2003::2:2:2:2"
                set soft-reconfiguration6 enable
                set remote-as 65412
                set update-source "loopback1"
                config conditional-advertise6
                    edit "map-221"
                        set condition-routemap "map-281"
                        set condition-type non-exist
                    next
                end
            next
            edit "2003::3:3:3:3"
                set soft-reconfiguration6 enable
                set remote-as 65412
                set update-source "loopback1"
            next
        end
    end

    In this configuration, if route map map-281 does not exist, then the FortiGate advertises route map map-221 to neighbor 2003::2:2:2:2.

  4. Verify the routing table:
    # get router info6 routing-table bgp
    B       2003:172:28:1::/64 [200/0] via 2003::3:3:3:3 (recursive via ****::***:***:****:****, port9), 01:23:45
    B       2003:172:28:2::/64 [200/0] via 2003::3:3:3:3 (recursive via ****::***:***:****:****, port9), 23:09:22

When the FortiGate learns 2003:172:28:1::/64, it will not advertise its local route 2003:172:22:1::/64 to neighbor 2003::2:2:2:2. If the FortiGate has not learned 2003:172:28:1::/64, it will advertise its local route 2003:172:22:1::/64 to neighbor 2003::2:2:2:2.

Example 2

With the same IPv6 prefix lists and route maps, when the FortiGate does learn 2003:172:28:1::/64, it advertises local route 2003:172:22:1::/64 to the secondary router. The BGP conditional advertisement condition is set to be true if the condition route map is matched (exist).

To configure BGP conditional advertisement with IPv6:
  1. Configure BGP:
    config router bgp
        config neighbor
            edit "2003::2:2:2:2"
                config conditional-advertise6
                    edit "map-221"
                        set condition-routemap "map-281"
                        set condition-type exist
                    next
                end
            next
        end
    end
  2. Verify the routing table:
    # get router info6 routing-table bgp
    B       2003:172:28:1::/64 [200/0] via 2003::3:3:3:3 (recursive via ****::***:***:****:****, port9), 01:23:45
    B       2003:172:28:2::/64 [200/0] via 2003::3:3:3:3 (recursive via ****::***:***:****:****, port9), 23:09:22

When the FortiGate learns 2003:172:28:1::/64, it will advertise its local route 2003:172:22:1::/64 to neighbor 2003::2:2:2:2. If the FortiGate has not learned route 2003:172:28:1::/64, it will not advertise its local route 2003:172:22:1::/64 to neighbor 2003::2:2:2:2.