router community-list
Use this command to identify BGP routes according to their COMMUNITY attributes (see RFC 1997). Each entry in the community list defines a rule for matching and selecting routes based on the setting of the COMMUNITY attribute. The default rule in a community list (which the FortiGate applies last) denies the matching of all routes.
config router community-list edit {name} # Configure community lists. set name {string} Community list name. size[35] set type {standard | expanded} Community list type (standard or expanded). standard Standard community list type. expanded Expanded community list type. config rule edit {id} # Community list rule. set id {integer} ID. range[0-4294967295] set action {deny | permit} Permit or deny route-based operations, based on the route's COMMUNITY attribute. deny Deny route-based operations. permit Permit or allow route-based operations. set regexp {string} Ordered list of COMMUNITY attributes as a regular expression. size[255] set match {string} Community specifications for matching a reserved community. size[255] next next end
Additional information
The following section is for those options that require additional explanation.
type {standard | expanded}
Specify the type of community to match. If you select expanded
, you must also specify a regular expression.
match {string}
Note: This field is available when type
is set to standard
.
Specify the criteria for matching a reserved community.
- Use decimal notation to match one or more COMMUNITY attributes having the syntax
AA:NN
, whereAA
represents an AS, andNN
is the community identifier. Delimit complex expressions with double-quotation marks (for example,“123:234 345:456”
). - To match all routes in the Internet community, type
internet
. - To match all routes in the LOCAL_AS community, type
local-AS
. Matched routes are not advertised locally. - To select all routes in the NO_ADVERTISE community, type
no-advertise
. Matched routes are not advertised. - To select all routes in the NO_EXPORT community, type
no-export
. Matched routes are not advertised to EBGP peers. If a confederation is configured, the routes are advertised within the confederation.
regexp {string}
Note: This field is available when type
is set to expanded
.
Specify an ordered list of COMMUNITY attributes as a regular expression. The value or values are used to match a community. Delimit a complex regular expression value using double-quotation marks.