Fortinet black logo

New Features

Accept multiple conditions in BGP conditional advertisements 7.0.4

Copy Link
Copy Doc ID 4f6cd3c1-22cb-11eb-96b9-00505692583a:965999
Download PDF

Accept multiple conditions in BGP conditional advertisements 7.0.4

BGP conditional advertisements can accept multiple conditions to be used together. The conditional route map entries are treated as an AND operator.

Example

In the following example, the FortiGate will only advertise routes to its neighbor 2.2.2.2 if it learns multiple BGP routes defined in its conditional route map entry. All conditionals must be met. This applies to IPv4 and IPv6.

To configure multiple conditions in BGP conditional advertisements:
  1. Configure the IPv4 prefix list:
    config router prefix-list
        edit "281"
            config rule
                edit 1
                    set prefix 172.28.1.0 255.255.255.0
                    unset ge
                    unset le
                next
            end
        next
        edit "222"
            config rule
                edit 1
                    set prefix 172.22.2.0 255.255.255.0
                    unset ge
                    unset le
                next
            end
        next
    end
  2. Configure the community list:
    config router community-list
        edit "30:5"
            config rule
                edit 1
                    set action permit
                    set match "30:5"
                next
            end
        next
    end
  3. Configure the IPv4 route maps:
    config router route-map
        edit "comm1"
            config rule
                edit 1
                    set match-community "30:5"
                    set set-route-tag 15
                next
            end
        next
        edit "2224"
            config rule
                edit 1
                    set match-ip-address "222"
                next
            end
        next
        edit "2814"
            config rule
                edit 1
                    set match-ip-address "281"
                next
            end
        next
    end
  4. Configure the IPv6 prefix list:
    config router prefix-list6
        edit "adv-222"
            config rule
                edit 1
                    set prefix6 2003:172:22:1::/64
                    unset ge
                    unset le
                next
            end
        next
        edit "list6-2"
            config rule
                edit 1
                    set prefix6 2003:172:28:2::/64
                    unset ge
                    unset le
                next
            end
        next
    end
  5. Configure the IPv6 route maps:
    config router route-map
        edit "map-222"
            config rule
                edit 1
                    set match-ip6-address "adv-222"
                next
            end
        next
        edit "map-282"
            config rule
                edit 1
                    set action deny
                    set match-ip6-address "list6-2"
                next
            end
        next
    end
  6. Configure the BGP settings:
    config router bgp
        config neighbor
            edit "2.2.2.2"
                config conditional-advertise
                    edit "2224"
                        set condition-routemap "2814" "2224" "comm1"
                        set condition-type non-exist
                    next
                end
            next
            edit "2003::2:2:2:2"
                config conditional-advertise6
                    edit "map-222"
                        set condition-routemap "map-222" "map-282"
                    next
                    end
                set route-reflector-client6 enable
            next
        end
    end
To verify the IPv4 conditional advertisements:
# get router info bgp neighbors 2.2.2.2
...
  Conditional advertise-map:
        Adv-map 2224root 2814root, cond-state 0-1
                         2224root, cond-state 0-1
                        comm1root, cond-state 0-0
...

In this output, the condition is that the routes in route maps 2814, 2224 and comm1 do not exist. However, routes for 2814 and 2224 exist, so the conditions are not met.

To verify the IPv6 conditional advertisements:
# get router info6 bgp neighbors 2003::2:2:2:2
...
  Conditional advertise-map:
        Adv-map map-222root map-222root, cond-state 1-1
                            map-282root, cond-state 1-0
...

In this output, the condition is that the routes in route maps map-222 and map-282 exist. However, routes for map-222 exist, but map-282 does not, so the conditions are not met.

To view the conditional route maps:
# diagnose ip router command show-vrf root show running router bgp
...
 neighbor 2.2.2.2 advertise-map 2224root exist-map 2814root
 neighbor 2.2.2.2 advertise-map 2224root exist-map 2224root
 neighbor 2.2.2.2 advertise-map 2224root exist-map comm1root
... ...
 !
 address-family ipv6
 neighbor 2003::2:2:2:2 advertise-map map-222root non-exist-map map-222root
 neighbor 2003::2:2:2:2 advertise-map map-222root non-exist-map map-282root
!

Accept multiple conditions in BGP conditional advertisements 7.0.4

BGP conditional advertisements can accept multiple conditions to be used together. The conditional route map entries are treated as an AND operator.

Example

In the following example, the FortiGate will only advertise routes to its neighbor 2.2.2.2 if it learns multiple BGP routes defined in its conditional route map entry. All conditionals must be met. This applies to IPv4 and IPv6.

To configure multiple conditions in BGP conditional advertisements:
  1. Configure the IPv4 prefix list:
    config router prefix-list
        edit "281"
            config rule
                edit 1
                    set prefix 172.28.1.0 255.255.255.0
                    unset ge
                    unset le
                next
            end
        next
        edit "222"
            config rule
                edit 1
                    set prefix 172.22.2.0 255.255.255.0
                    unset ge
                    unset le
                next
            end
        next
    end
  2. Configure the community list:
    config router community-list
        edit "30:5"
            config rule
                edit 1
                    set action permit
                    set match "30:5"
                next
            end
        next
    end
  3. Configure the IPv4 route maps:
    config router route-map
        edit "comm1"
            config rule
                edit 1
                    set match-community "30:5"
                    set set-route-tag 15
                next
            end
        next
        edit "2224"
            config rule
                edit 1
                    set match-ip-address "222"
                next
            end
        next
        edit "2814"
            config rule
                edit 1
                    set match-ip-address "281"
                next
            end
        next
    end
  4. Configure the IPv6 prefix list:
    config router prefix-list6
        edit "adv-222"
            config rule
                edit 1
                    set prefix6 2003:172:22:1::/64
                    unset ge
                    unset le
                next
            end
        next
        edit "list6-2"
            config rule
                edit 1
                    set prefix6 2003:172:28:2::/64
                    unset ge
                    unset le
                next
            end
        next
    end
  5. Configure the IPv6 route maps:
    config router route-map
        edit "map-222"
            config rule
                edit 1
                    set match-ip6-address "adv-222"
                next
            end
        next
        edit "map-282"
            config rule
                edit 1
                    set action deny
                    set match-ip6-address "list6-2"
                next
            end
        next
    end
  6. Configure the BGP settings:
    config router bgp
        config neighbor
            edit "2.2.2.2"
                config conditional-advertise
                    edit "2224"
                        set condition-routemap "2814" "2224" "comm1"
                        set condition-type non-exist
                    next
                end
            next
            edit "2003::2:2:2:2"
                config conditional-advertise6
                    edit "map-222"
                        set condition-routemap "map-222" "map-282"
                    next
                    end
                set route-reflector-client6 enable
            next
        end
    end
To verify the IPv4 conditional advertisements:
# get router info bgp neighbors 2.2.2.2
...
  Conditional advertise-map:
        Adv-map 2224root 2814root, cond-state 0-1
                         2224root, cond-state 0-1
                        comm1root, cond-state 0-0
...

In this output, the condition is that the routes in route maps 2814, 2224 and comm1 do not exist. However, routes for 2814 and 2224 exist, so the conditions are not met.

To verify the IPv6 conditional advertisements:
# get router info6 bgp neighbors 2003::2:2:2:2
...
  Conditional advertise-map:
        Adv-map map-222root map-222root, cond-state 1-1
                            map-282root, cond-state 1-0
...

In this output, the condition is that the routes in route maps map-222 and map-282 exist. However, routes for map-222 exist, but map-282 does not, so the conditions are not met.

To view the conditional route maps:
# diagnose ip router command show-vrf root show running router bgp
...
 neighbor 2.2.2.2 advertise-map 2224root exist-map 2814root
 neighbor 2.2.2.2 advertise-map 2224root exist-map 2224root
 neighbor 2.2.2.2 advertise-map 2224root exist-map comm1root
... ...
 !
 address-family ipv6
 neighbor 2003::2:2:2:2 advertise-map map-222root non-exist-map map-222root
 neighbor 2003::2:2:2:2 advertise-map map-222root non-exist-map map-282root
!