sfernando
Staff
Article Id 343265
Description

This article describes how to handle abnormal behavior with the different kinds of routing protocols used in FortiGate and related products, such as static routes, BGP, and OSPF.

All these routing-related operations are handled by the routing engine on the FortiGate. For various reasons, abnormal routing behavior can sometimes be observed.

Scope

FortiGate and Fortinet products with routing.
Solution

When abnormal behavior is observed, there are multiple ways to clear or restart the routing engine process.

  1. Restart the entire routing engine using the command below. Note that this affects all traffic on the device, so it must be done during a maintenance window:

 

execute router restart 

 

This is a global command, so it must be run from the global VDOM when using a multi-VDOM setup. It affects traffic across all VDOMs, so it should be used during a maintenance window:

 

FGT# config global

FGT(global)# execute router restart

 

  2. If the issue is limited to a specific protocol, clear or restart only that routing protocol as shown below:

 

OSPF:

 

execute router clear ospf process <----- This will clear all the OSPF processes.

 

BGP:

 

execute router clear bgp <options>

all               <----- Clear all BGP peers. [Take 0-5 arg(s)] Used for BGP hard reset.
as                <----- Clear BGP peer by AS number. [Take 0-6 arg(s)]
dampening         <----- Clear route flap dampening information. [Take 0-1 arg(s)]
external          <----- Clear all external peers. [Take 0-2 arg(s)]
flap-statistics   <----- Clear route flap statistics. [Take 0-1 arg(s)]
ip                <----- Clear BGP peer by IP address. [Take 0-6 arg(s)]
ipv6              <----- Clear BGP peer by IPv6 address. [Take 0-6 arg(s)]

 

After selecting one of the above options, add further arguments as required by that option.

 

Example:

 

execute router clear bgp all 

                     <args...> Input arguments:
                     <none>
                     in
                     in prefix-filter
                     out
                     vrf-leak
                     vpnv4 unicast soft [in|out]
                     soft [in|out|vrf-leak] <----- Soft reset of BGP routes IN or OUT and VRF leak.

       

  3. A BFD session can also be cleared, using this command:

execute router clear bfd session <Source IP> <Destination IP> <Interface>

 

BFD session details can be found using the below commands:

 

get router info bfd neighbor

get router info bfd requests

 

Disclaimer: The command 'execute router restart' is executed in the global context. In a multi-VDOM environment, this command will restart the entire routing engine across all VDOMs. Use this command with caution, as it impacts all virtual domains configured on the device. Ensure proper planning and a maintenance window before executing this command to avoid unintended disruptions.
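
To confirm that a restart or clear brought every route back, compare the routing table captured before and after the operation. The script below is an added example, not Fortinet code; it assumes the output of 'get router info routing-table all' was saved as text on both occasions, and the function names and sample captures are constructed for illustration.

```python
import re

# Route line of 'get router info routing-table all': code, prefix, optional next hop.
ROUTE = re.compile(
    r"^(?P<code>[A-Z])\S*\s+(?:[A-Z0-9]{1,2}\s+)?"
    r"(?P<prefix>\d{1,3}(?:\.\d{1,3}){3}/\d{1,2})"
    r"(?:.*?\bvia (?P<nh>[0-9.]+))?")
# ECMP continuation line: indented, carries only an additional next hop.
EXTRA_HOP = re.compile(r"^\s+\[\d+/\d+\] via (?P<nh>[0-9.]+)")


def parse_routes(text):
    """Return {prefix: (protocol_code, frozenset_of_next_hops)}."""
    routes, last = {}, None
    for line in text.splitlines():
        m = ROUTE.match(line)
        if m:
            last = m["prefix"]
            routes[last] = (m["code"], {m["nh"]} if m["nh"] else set())
        elif last and (e := EXTRA_HOP.match(line)):
            routes[last][1].add(e["nh"])
    return {p: (c, frozenset(h)) for p, (c, h) in routes.items()}


def diff_routes(before, after):
    """Compare two captures; report lost, new and re-homed prefixes."""
    b, a = parse_routes(before), parse_routes(after)
    return {
        "missing": sorted(set(b) - set(a)),
        "added": sorted(set(a) - set(b)),
        "changed": sorted(p for p in set(b) & set(a) if b[p] != a[p]),
    }


# Constructed sample captures (not real device output).
BEFORE = """\
Routing table for VRF=0
S*      0.0.0.0/0 [10/0] via 192.0.2.1, port1, [1/0]
C       10.0.0.0/24 is directly connected, port2
B       10.10.10.0/24 [20/0] via 198.51.100.2 (recursive is directly connected, port3), 00:12:34, [1/0]
O       10.20.0.0/24 [110/2] via 10.0.0.2, port2, 00:05:01, [1/0]
                     [110/2] via 10.0.0.3, port2, 00:05:01, [1/0]
"""
AFTER = """\
Routing table for VRF=0
S*      0.0.0.0/0 [10/0] via 192.0.2.1, port1, [1/0]
C       10.0.0.0/24 is directly connected, port2
O       10.20.0.0/24 [110/2] via 10.0.0.2, port2, 00:05:01, [1/0]
"""
```

On the sample captures, diff_routes(BEFORE, AFTER) reports the BGP prefix as missing and the OSPF prefix as changed because one ECMP next hop has not returned. Routing protocols need time to reconverge, so take the second capture only after neighbors are re-established.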

 

Related documents:

BFD - FortiGate administration guide

Troubleshooting BGP - FortiGate administration guide

Basic OSPF example - FortiGate administration guide