router : community-list
Use this command to identify BGP routes according to their COMMUNITY attributes (see RFC 1997). Each entry in the community list defines a rule for matching and selecting routes based on the setting of the COMMUNITY attribute. The default rule in a community list (which the FortiGate unit applies last) denies the matching of all routes.
You add a route to a community by setting its COMMUNITY attribute. A route can belong to more than one community. A route may be added to a community because it has something in common with the other routes in the group (for example, the attribute could identify all routes to satellite offices).
When the COMMUNITY attribute is set, the FortiGate unit can select routes based on their COMMUNITY attribute values.
config router community-list
edit <community_name>
set type {standard | expanded}
config rule
edit <community_rule_id>
set action {deny | permit}
set match <criteria>
set regexp <regular_expression>
The action field is required. All other fields are optional.
edit <community_name>
Enter a name for the community list.
No default.
type {standard | expanded}
Specify the type of community to match. If you select expanded, you must also specify a config rule regexp value. See “regexp <regular_expression>”.
config rule variables
edit <community_rule_id>
Enter an entry number for the rule. The number must be an integer.
No default.
action {deny | permit}
Deny or permit operations on a route based on the value of the route’s COMMUNITY attribute.
No default.
match <criteria>
This field is available when set type is set to standard.
Specify the criteria for matching a reserved community.
Use decimal notation to match one or more COMMUNITY attributes having the syntax AA:NN, where AA represents an AS, and NN is the community identifier. Delimit complex expressions with double-quotation marks (for example, “123:234 345:456”).
To match all routes in the Internet community, type internet.
To match all routes in the LOCAL_AS community, type local-AS. Matched routes are not advertised locally.
To select all routes in the NO_ADVERTISE community, type no-advertise. Matched routes are not advertised.
To select all routes in the NO_EXPORT community, type no-export. Matched routes are not advertised to EBGP peers. If a confederation is configured, the routes are advertised within the confederation.
regexp <regular_expression>
This field is available when set type is set to expanded.
Specify an ordered list of COMMUNITY attributes as a regular expression. The value or values are used to match a community. Delimit a complex regular_expression value using double-quotation marks.