BGP
Border Gateway Protocol (BGP) is a standardized routing protocol that is used to route traffic across the internet. It exchanges routing information between Autonomous Systems (AS) on the internet and makes routing decisions based on path, network policies, and rule sets. BGP contains two distinct subsets: internal BGP (iBGP) and external BGP (eBGP). iBGP is intended for use within your own networks. eBGP is used to connect different networks together and is the main routing protocol for the internet backbone.
To configure BGP in the GUI, go to Network > BGP:
Option |
Description |
---|---|
Local AS |
The AS number for the local router. |
Router ID |
A unique ID to identify your router in the network, typically in the format x.x.x.x. |
Neighbors |
The neighbors that the FortiGate will be peering with. Configure the remote router's AS number, any other properties used for peering with the neighbor, and IPv4 and IPv6 filtering. |
Neighbor Groups |
The neighbor groups that share the same outbound policy configurations. |
Neighbor Ranges |
The source address range of BGP neighbors that will be automatically assigned to a neighbor group. |
IPv4 & IPv6 Networks |
The networks to be advertised to other BGP routers. |
IPv4 & IPv6 Redistribute |
Enable redistribution by protocol. Specify either All routes, or Filter by route map. |
Dampening |
Enable route flap dampening to reduce the propagation of flapping routes. |
Graceful Restart |
Enable BGP graceful restart, which causes the adjacent routers to keep routes active while the BGP peering is restarted on the FortiGate. This is useful in HA instances when failover occurs. |
Advanced Options |
Various advanced settings, such as Local Preference, Distance internal, Keepalive, Holdtime, and others |
Best Path Selection |
Configure path selection attributes on this router. |
This section includes the following topics:
- Basic BGP example
- Route filtering with a distribution list
- Next hop recursive resolution using other BGP routes
- Next hop recursive resolution using ECMP routes
- BGP conditional advertisement
- BGP error handling per RFC 7606
- BGP next hop tag-match mode
- BGP neighbor password
- Defining a preferred source IP for local-out egress interfaces on BGP routes
- BGP multi-exit discriminator
- TCP Authentication Option advanced security measures
- Assign multiple remote Autonomous Systems to a single BGP neighbor group
- Troubleshooting BGP