Advanced Routing
New advanced routing features include:
- BGP Neighbor Groups
- OSPF Fast Hello
- BGP Conditional Advertising
- Source and Destination IP-based Mode for ECMP
- Policy Routes
BGP Neighbor Groups
A Border Gateway Protocol (BGP) neighbor group can now be configured automatically based on a range of neighbors' source addresses, rather than configuring neighbors individually. A maximum number of neighbors can be set for each group to be between 1 and 1000.
Syntax
config router bgp
config neighbor-group
edit <name>
set ... (same configuration options as config neighbor)
next
config neighbor-range
edit <id>
set prefix <class_ip&net_netmask>
set max-neighbor-num <integer>
set neighbor-group <name>
end
end
OSPF Fast Hello
Open Shortest Path First (OSPF) fast hello provides a way to send a set number of hello packets per second and use a dead interval of four hellos. Fast hello can be configured on an OSPF interface through the CLI. If dead-interval
is set to 1 second, fast hello will be enabled. The hello-multiplier
value, which can be between 4 and 10, sets the number of hello packets that will be sent per second.
Syntax
config ospf-interface
edit ospf1
set interface port1
set network-type broadcast
set dead-interval 1
set hello-multiplier 4
end
end
BGP Conditional Advertising
BGP conditional advertising is supported in FortiOS 5.2.
Normally, routes are propagated regardless of the existence of a different path. Using BGP conditional advertisement allows a route not to be advertised based on existence or non-existence of other routes. With this new feature, a child table under bgp neighbor is introduced. Any route matched by one of the route-map specified in the table will be advertised to the peer based on the corresponding condition route-map.
Syntax
config router bgp
config neighbor
edit <name>
set remote-as 3
config conditional-advertise
edit <name>
set condition-routemap <name>
set condition-type {exist | non-exist}
end
end
end
end
end
Source and Destination IP-based Mode for ECMP
A new mode has been added that allows Equal-cost multi-path routing (ECMP) to select next hop based on both source and destination IPs. This can be configured as a global setting (if virtual-wan-link
is disabled) or for a virtual WAN link.
Syntax
config system {settings | virtual-wan-link}
set v4-ecmp-mode source-dest-ip-based
end
Policy Routes
The following options have been added for policy routes:
- Multiple source/destination subnets.
- Multiple input devices.
src-negate
anddst-negate
can now be enabled.action
can now be set topermit
ordeny
.