Fortinet white logo
Fortinet white logo

Hyperscale Firewall Guide

Blackhole and loopback routes and BGP in a hyperscale VDOM

Blackhole and loopback routes and BGP in a hyperscale VDOM

Fortinet recommends that you should not configure hyperscale VDOMs to use blackhole and loopback routes for BGP. By default, blackhole routes are set to drop and loopback routes are set to forward to the CPU and these settings should not be changed.

If you want a BGP route entry regardless of whether there is a real route or not, you can use the BGP network-import-check option to determine whether a network prefix is advertised or not. For more information, see Allow per-prefix network import checking in BGP.

Blackhole and loopback routes and BGP in a hyperscale VDOM

Blackhole and loopback routes and BGP in a hyperscale VDOM

Fortinet recommends that you should not configure hyperscale VDOMs to use blackhole and loopback routes for BGP. By default, blackhole routes are set to drop and loopback routes are set to forward to the CPU and these settings should not be changed.

If you want a BGP route entry regardless of whether there is a real route or not, you can use the BGP network-import-check option to determine whether a network prefix is advertised or not. For more information, see Allow per-prefix network import checking in BGP.