FortiGate
Serxhio
Staff
Article Id 407757
Description This article explains the forwarding decisions using the ARP table and FDB in Transparent mode.
Scope FortiGate v6.0+.
Solution

In transparent mode, the Address Resolution Protocol (ARP) table is used in the following situations:

  1. For IP traffic received or originated by the FortiGate itself and destined for the management device or the next hop.
  2. When IPsec is used, the FortiGate uses its ARP table to forward the traffic from the IPsec tunnel to the local destination host(s).

All other forwarding decisions are based on the Forwarding Database (FDB) table or optional settings.

 

To view all instances of the forwarding database (FDB), use the following CLI command:


diagnose netlink brctl list

 

FGT # diagnose netlink brctl list
list bridge information
1. root.b fdb: size=256 used=6 num=7 depth=2 simple=no
2. mgmt.b fdb: size=256 used=5 num=4 depth=2 simple=no
Total 2 bridges

 

To dump the L2 forwarding table for each VDOM bridge instance, use:

 

diagnose netlink brctl name host <vdom_name>.b
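
When the bridge listing is collected for review across several VDOMs, it can be parsed offline. The following is an added example, not part of the original article or Fortinet tooling: it parses the `diagnose netlink brctl list` output shown above, checks it against the reported total, and builds the per-bridge dump commands. The function names are hypothetical, and reading `used/size` as table occupancy is an assumption.

```python
import re

# Constructed sample: the `diagnose netlink brctl list` output shown above.
SAMPLE = """\
FGT # diagnose netlink brctl list
list bridge information
1. root.b fdb: size=256 used=6 num=7 depth=2 simple=no
2. mgmt.b fdb: size=256 used=5 num=4 depth=2 simple=no
Total 2 bridges
"""

BRIDGE_RE = re.compile(r"^\s*\d+\.\s+(?P<name>\S+)\s+fdb:\s+(?P<fields>.+)$")
TOTAL_RE = re.compile(r"^\s*Total\s+(\d+)\s+bridges?\s*$")


def parse_brctl_list(text):
    """Return (bridges, total); bridges maps bridge name -> dict of key=value fields."""
    bridges, total = {}, None
    for line in text.splitlines():
        m = BRIDGE_RE.match(line)
        if m:
            fields = dict(kv.split("=", 1) for kv in m["fields"].split() if "=" in kv)
            # Numeric fields become ints; others (e.g. simple=no) stay strings.
            bridges[m["name"]] = {k: int(v) if v.isdigit() else v for k, v in fields.items()}
            continue
        t = TOTAL_RE.match(line)
        if t:
            total = int(t.group(1))
    # A mismatch means the capture was truncated or a line failed to parse.
    if total is not None and total != len(bridges):
        raise ValueError(f"parsed {len(bridges)} bridges but output reports {total}")
    return bridges, total


def fdb_dump_commands(bridges):
    """Build the per-bridge FDB dump command from the article for each bridge."""
    return [f"diagnose netlink brctl name host {name}" for name in bridges]


def fdb_usage(bridges):
    """Assumption: used/size is treated as table occupancy (not stated in the article)."""
    return {n: f["used"] / f["size"] for n, f in bridges.items() if f.get("size")}


if __name__ == "__main__":
    parsed, _ = parse_brctl_list(SAMPLE)
    for cmd in fdb_dump_commands(parsed):
        print(cmd)
    for name, ratio in fdb_usage(parsed).items():
        print(f"{name}: {ratio:.1%} of FDB slots used")
```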