Hot!BGP - not adding BGP route into routing-table

Author
chowzen
New Member
  • Total Posts : 3
  • Scores: 0
  • Reward points: 0
  • Joined: 2018/02/19 22:55:05
  • Status: offline
2018/02/19 23:09:15 (permalink)
0

BGP - not adding BGP route into routing-table

Hi all,
 
I hope you can assist, I have an issue where the iBGP route that is advertised from the ISP is not being added into the Forti routing-table.
 
The neighbor relationship is working and I can see the routes - please see below output from my config - I must be missing something - our help is appreciated !!
 
Config:
config router prefix-list
    edit "DFLT-BGP-IN"
        config rule
            edit 1
                set prefix 0.0.0.0 0.0.0.0
                unset ge
                unset le
            next
            edit 10
                set action deny
                set prefix any
                unset ge
                unset le
            next
        end
    next
    edit "RAIN-OUT"
        config rule
            edit 10
                set prefix 1.2.3.4 255.255.255.240
                unset ge
                unset le
            next
            edit 20
                set action deny
                set prefix any
                unset ge
                unset le
            next


  • config router route-map
    edit "only_default_route"
        config rule
            edit 10
                set match-ip-address "DFLT-BGP-IN"
            next
        end
    next
    edit "BGP-RTMP-1-IN-ISP1"
        config rule
            edit 10
                set match-ip-address "DFLT-BGP-IN"
                set set-local-preference 200
            next
        end
    next
    edit "BGP-RTMP-2-IN-ISP2"
        config rule
            edit 10
                set match-ip-address "DFLT-BGP-IN"
                set set-local-preference 150
            next
        end
    next
    edit "BGP-RTMP-1-OUT-ISP-1"
        config rule
            edit 10
                set match-ip-address "RAIN-OUT"
                set set-metric 100
            next
        end
    next
    edit "BGP-RTMP-2-OUT-ISP-2"
        config rule
            edit 10
                set match-ip-address "RAIN-OUT"
                set set-metric 150
  • config router static
    edit 19
        set dst 1.2.3.4 255.255.255.240 (fake public addresses we use)
        set blackhole enable
    next
    edit 17
        set dst 2.2.2.2 255.255.255.255 (loopback)
        set blackhole enable
    next
end


  • config router bgp
    set as 37101
    set router-id 2.2.2.2
    config neighbor
        edit "10.1.24.1"
            set description "ISP-1"
            set remote-as 37105
            set route-map-in "BGP-RTMP-1-IN-ISP1"
            set route-map-out "BGP-RTMP-1-OUT-ISP-1"
            set send-community6 disable
        next
    end
    config network
        edit 10
            set prefix 1.2.3.4 255.255.255.240


Here is the output from the tshoot:
 
BGP router identifier 2.2.2.2, local AS number 37105
BGP table version is 7
2 BGP AS-PATH entries
0 BGP community entries

Neighbor        V         AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
10.1.24.1       4      37105    1171    1143        7    0    0 15:57:11        1
 
# get router info bgp network
BGP table version is 7, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i0.0.0.0/0        10.1.24.1                0    200      0 37662 i
*> 1.2.3.4/28   0.0.0.0                       100  32768 i

Total number of prefixes 2
 
# get router info bgp neighbors 10.1.24.1 received-routes
% Inbound soft reconfiguration not enabled


 
# get router info routing-table bgp


So the route that the neighbor advertises, is seen by BGP, but not added to the BGP routing table ?
 
please help
 
thanks
 
 
 
 
#1

4 Replies Related Threads

    stanislav.timofeev
    New Member
    • Total Posts : 3
    • Scores: 0
    • Reward points: 0
    • Joined: 2017/12/08 01:45:57
    • Status: offline
    Re: BGP - not adding BGP route into routing-table 2018/02/20 05:49:28 (permalink)
    0
    Hi. Could you check the #get router info routing-table database output? Does it have default route received from BGP neighbor? 
    If yes, it seems that you don't have any issue. As you can see from your debug soft-reconfiguration feature is not enabled for your neighbor. it means that prefixes rejected by the inbound policy are not kept in memory and therefore "get router info bgp neighbors 10.1.24.1 received-routes" is unable to show these rejected prefixes. You accept only default and reject all, so it seems to be a root cause. 

    NSE 1-7, FCT, CCSA, CCSE, CompTIA CTT+
    #2
    emnoc
    Expert Member
    • Total Posts : 4829
    • Scores: 294
    • Reward points: 0
    • Joined: 2008/03/20 13:30:33
    • Location: AUSTIN TX AREA
    • Status: online
    Re: BGP - not adding BGP route into routing-table 2018/02/20 08:18:14 (permalink)
    0
    Agreed, your  prefix is not going to be useful due to your route-policy via the route-map. if you want to fix this add the prefix to the prefix list
     
    e.g
    config router prefix-list
        edit "DFLT-BGP-IN"
            config rule
                edit 1
                    set prefix 0.0.0.0 0.0.0.0
                    unset ge
                    unset le
                next
               edit 2
                    set prefix x.x.x.x/24
                     set action accept
                next
                edit 10
                    set action deny
                    set prefix any
                    unset ge
                    unset le
                next
            end
        next

    PCNSE6,PCNSE7, ACE, CCNP,FCNSP,FCESP,Linux+,CEH,ECSA,SCSA,SCNA,CISCA email/web
    #3
    chowzen
    New Member
    • Total Posts : 3
    • Scores: 0
    • Reward points: 0
    • Joined: 2018/02/19 22:55:05
    • Status: offline
    Re: BGP - not adding BGP route into routing-table 2018/02/20 22:16:53 (permalink)
    0
    Thanks for the reply.
     
    here is the important bits:
     
    get router info routing-table database
    Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
           O - OSPF, IA - OSPF inter area
           N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
           E1 - OSPF external type 1, E2 - OSPF external type 2
           i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
           > - selected route, * - FIB route, p - stale info

    B       0.0.0.0/0 [200/0] via 10.1.24.1, 18:58:18
    S    *> 0.0.0.0/0 [10/0] via 41.73.34.17, wan1
    S       2.2.2.2/32 [10/0] is a summary, Null inactive
    C    *> 2.2.2.2/32 is directly connected, BGP-LOOPBACK-0
     
     
    So am I correct in saying that it is actually there - but due to a static default route, forti is not adding it to the routing table to rout with ?
    #4
    chowzen
    New Member
    • Total Posts : 3
    • Scores: 0
    • Reward points: 0
    • Joined: 2018/02/19 22:55:05
    • Status: offline
    Re: BGP - not adding BGP route into routing-table 2018/02/20 22:19:56 (permalink)
    0
    Yes, it was that.  So stupid... I changed the admin distance - and there it is.
     
    thanks for the replies guys - really appreciate it.
    #5
    Jump to:
    © 2018 APG vNext Commercial Version 5.5