如何关闭 Leftmost AS 检查

1. 默认情况下，FortiGate 会检查学习到的 BGP 路由的 AS Path 属性，要求 AS Path 最左侧的 AS（Leftmost AS，最近的 AS）要和本地 AS 一致，当收到的 BGP 路由的 AS Path 属性的 Leftmost AS 与本地 AS 不一致时，会拒绝接收 BGP Update，并在 BGP Debug 信息中显示类似Attr ASPATH: Incorrect leftmost AS number, should be 65001信息。

   diagnose ip router bgp all enable
   diagnose ip router bgp level info
   diagnose debug enable
   
   BGP: 10.10.10.2-Outgoing [DECODE] Update: Starting UPDATE decoding... Bytes To Read (4005), msg_size (86)
   BGP: 10.10.10.2-Outgoing [DECODE] Attr ASPATH: Incorrect leftmost AS number, should be 65001
   BGP: 10.10.10.2-Outgoing [FSM] State: Established Event: 28
   BGP: 10.10.10.2-Outgoing [ENCODE] Msg-Hdr: Type 3
   BGP: %BGP-3-NOTIFICATION: sending to 10.10.10.2 3/11 (UPDATE Message Error/Malformed AS_PATH.) 13 data-bytes [40 02 0a 02 02 00 00 4f f9 00 00 f4 73]
   id=20300 logdesc="BGP neighbor status changed" msg="BGP: %BGP-5-ADJCHANGE: VRF 0 neighbor 10.10.10.2 Down BGP Notification FSM-ERR"

2. 通过如下 CLI 可以关闭对 BGP 路由 AS Path 的 Leftmost AS 的检查。

   config router bgp
       set enforce-first-as disable
   end