Created on
‎12-17-2021
11:11 AM
Edited on
‎04-23-2025
07:54 AM
By
Stephen_G
Description
This article describes how to view routing information.
Scope
FortiGate Routing.
Solution
View routing information on FortiGate CLI.
- All IP routing protocols submit the best routes for each destination to the routing table.
- The routing table manager then determines which route for a particular destination is to be submitted to the forwarding table. This includes directly connected, static routes, and dynamically learned routes.
- Packets are forwarded according to the forwarding table.
RIB vs FIB:
Routing Information Base (RIB):
- This is a database of routing prefixes that could potentially be installed into the forwarding table.
- RIB is derived from the control plane, it is not used for forwarding. Every protocol such as OSPF, EIGRP, and BGP has its own RIB and selects its best candidates to try to install to global RIB so that it can then be selected for forwarding.
- The RIB is the input to the route computation.
Forwarding Information Base (FIB):
- It is a table that contains information necessary to forward IP datagrams - ALL active routes in the routing table must be present in the FIB.
- Entries contain interface identifiers and next-hop information for each reachable destination network prefix.
- The FIB may also include routes that are not in the routing table - such as dynamically added routes to reach SSL VPN users.
- The FIB is the output of the route computation.
- FIB is derived from RIB.
Viewing RIB in the CLI:
FGT # get router info routing-table all
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default
C 10.27.0.0/20 is directly connected, port2
C 10.32.0.0/20 is directly connected, port3
C 10.37.0.0/20 is directly connected, port4
O 10.143.0.0/20 [110/2] via 10.27.9.50, port2, 03:53:48
2 Ways of viewing FIB in CLI:
Forwarding table (Kernel routes/FIB):
-
FGT # get router info kernel
...
- FGT #diagnose ip route list
tab=255 vf=0 scope=253 type=3 proto=2 prio=0 0.0.0.0/0.0.0.0/0->127.255.255.255/32 pref=127.0.0.1 gwy=0.0.0.0 dev=13(root)
tab=255 vf=0 scope=253 type=3 proto=2 prio=0 0.0.0.0/0.0.0.0/0->169.254.0.64/32 pref=169.254.0.66 gwy=0.0.0.0 dev=20(havdlink1)
tab=255 vf=0 scope=254 type=2 proto=2 prio=0 0.0.0.0/0.0.0.0/0->169.254.0.66/32 pref=169.254.0.66 gwy=0.0.0.0 dev=20(havdlink1)
tab=255 vf=0 scope=253 type=3 proto=2 prio=0 0.0.0.0/0.0.0.0/0->169.254.0.127/32 pref=169.254.0.66 gwy=0.0.0.0 dev=20(havdlink1)
tab=254 vf=0 scope=253 type=1 proto=2 prio=0 0.0.0.0/0.0.0.0/0->10.27.0.0/20 pref=10.27.11.96 gwy=0.0.0.0 dev=4(port2)
tab=254 vf=0 scope=253 type=1 proto=2 prio=0 0.0.0.0/0.0.0.0/0->10.32.0.0/20 pref=10.32.11.96 gwy=0.0.0.0 dev=5(port3)
tab=254 vf=0 scope=253 type=1 proto=2 prio=0 0.0.0.0/0.0.0.0/0->10.37.0.0/20 pref=10.37.11.96 gwy=0.0.0.0 dev=6(port4)
tab=254 vf=0 scope=0 type=1 proto=11 prio=0 0.0.0.0/0.0.0.0/0->10.143.0.0/20 pref=0.0.0.0 gwy=10.27.9.50 dev=4(port2)
tab=254 vf=0 scope=253 type=1 proto=2 prio=0 0.0.0.0/0.0.0.0/0->169.254.0.64/26 pref=169.254.0.66 gwy=0.0.0.0 dev=20(havdlink1)
FIB Type ID: Types of routing connection:
Type ID | Value |
1 | Unicast |
2 | Local |
3 | Broadcast |
4 | Anycast |
5 | Multicast |
6 | Blackhole |
7 | Unreachable |
8 | Prohibited |
FIB Proto ID: This indicates where the route came from:
Proto ID | Source Protocol |
2 | Kernel |
11 | ZebOS |
14 | FortiOS |
15 | HA |
16 | Authentication-based |
17 | HA1 |
18 | HA Kernel Routes |
19 | HA Route on Secondary FortiGate |
30 | HA Route on New Primary |
Other FIB Values:
tab= | table number (254 for unicast and 255 for multicast) |
vf= | VDOM index number |
prio= | Priority of the route, lower priorities are preferred |
pref= | Preferred next hop |
gwy= | Address of the gateway for the route |
dev= | Outgoing interface index |
Related articles: