BGP 与静态路由的优先顺序

优先顺序

在路由表中，如果存在 2 条相同目的地址、AD（distance）的 BGP 路由和静态路由，那么 2 条路由无法同时存在于路由表中，较新一次更新的路由会被放入路由表，而旧路由会被取代。也就是说，谁最后有更新谁进路由表。

1. 如下所示，本来路由表中已存在 IBGP 路由 192.168.123.0/24（distance 为 200）。

   61F_A # get router info routing-table bgp
   Routing table for VRF=0
   B       192.168.123.0/24 [200/0] via 10.10.10.3 (recursive via to_SH_WAN1 tunnel 10.0.0.1), 03w3d12h, [1/0]

2. 配置 distance 为 200 且与 BGP 路由内容一致的静态路由。

   config router static
       edit 5
           set dst 192.168.123.0 255.255.255.0
           set distance 200
           set device "to_SH_WAN1"
       next
   end

3. 查看路由表，静态路由取代 BGP 路由入表，路由优选静态路由。

   FortiGate # get router info routing-table all
   ......
   Routing table for VRF=0
   ......
   S       192.168.123.0/24 [200/0] via to_SH_WAN1 tunnel 10.0.0.1, [1/0]
   
   
   FortiGate # get router info routing-table details 192.168.123.0
   Routing table for VRF=0
   Routing entry for 192.168.123.0/24
     Known via "static", distance 200, metric 0, best <----静态路由被优选
     * via to_SH_WAN1 tunnel 10.0.0.1 vrf 0, tun_id
   
   Routing entry for 192.168.123.0/24
     Known via "bgp", distance 200, metric 0
     Last update 03w3d13h ago
       vrf 0 10.10.10.3 priority 1 (recursive via to_SH_WAN1 tunnel 10.0.0.1)

4. 此时重置 BGP 邻居，让 FortiGate 重新学习 BGP 路由，再次查看路由表，BGP 路由取代静态路由入表，路由优选 BGP 路由。

   FortiGate # get router info routing-table all
   ......
   Routing table for VRF=0
   ......
   B       192.168.123.0/24 [200/0] via 10.10.10.3 (recursive via to_SH_WAN1 tunnel 10.0.0.1), 00:00:26, [1/0]
   
   FortiGate # get router info routing-table details 192.168.123.0
   Routing table for VRF=0
   Routing entry for 192.168.123.0/24
     Known via "bgp", distance 200, metric 0, best <----BGP路由被优选
     Last update 00:01:50 ago
     * vrf 0 10.10.10.3 priority 1 (recursive via to_SH_WAN1 tunnel 10.0.0.1)
   
   Routing entry for 192.168.123.0/24
     Known via "static", distance 200, metric 0
       via to_SH_WAN1 tunnel 10.0.0.1 vrf 0, tun_id

其他

1. 如果想确保 BGP 路由进路由表，而静态路由不进路由表（作为 BGP 路由失效时的备份路由），可以通过 Router Map 改大 BGP 学习到的路由的 Weight（默认是 0，与静态路由一致）。

   config router prefix-list
       edit "acl-weight"
           config rule
               edit 1
                   set prefix 192.168.123.0 255.255.255.0
                   unset ge
                   unset le
               next
           end
       next
   end
   
   config router route-map
       edit "weight-in"
           config rule
               edit 1
                   set match-ip-address "acl-weight"
                   set set-weight 40000
               next
               edit 2
               next
           end
       next
   end
   
   config router bgp
       config neighbor
           edit "10.10.10.3"
               set route-map-in "weight-in"
           next
       end
   end

2. 此时 BGP 路由入表，而静态路由只存在于路由 database 中，当 BGP 路由异常消失时，静态路由可以作为备用路由生效。

   FortiGate # get router info routing-table database    //查看路由数据库//
   ...
   B    *> 192.168.123.0/24 [200/0] via 10.10.10.3 (recursive via to_SH_WAN1 tunnel 10.0.0.1), 00:03:41, [1/0]
   S       192.168.123.0/24 [200/0] via to_Home_WAN1 tunnel 10.0.0.1, [1/0]
   ...
   
   FortiGate # get router info routing-table all    //查看路由表//
   ...
   B       192.168.123.0/24 [200/0] via 10.10.10.3 (recursive via to_SH_WAN1 tunnel 10.0.0.1), 00:03:46, [1/0]
   ...