Created on 03-31-2015 11:17 AM Edited on 11-26-2024 11:02 PM By Jean-Philippe_P
Description
This article describes how to identify any routes marked as inactive in the routing table using the CLI command get router info routing-table database.
Scope
FortiGate.
Solution
Distance or administrative distance is a number used by routers to determine which route is preferred for a particular destination.
If there are two routes to the same destination, the one with the smaller distance is considered better and used for routing.
The routes with higher distances are inactive and not added to the routing table.
If an interface is down, or FortiGate does not have Layer 2 connectivity to a subnet, that route is also considered inactive and will not be added to the routing table.
The command get router info routing-table details does not show inactive routes and displays only the one with the lowest distance (the active one).
For example, when two static routes to the same destination subnet have different distances, the one with the lower distance is active.
The one with the higher distance is inactive.
If the conditions to get a route into the routing table are not met, then the route is set by the FortiGate as inactive in the output of the get router info routing-table database.
The following routes will appear as inactive:
In the example below, the default static route is marked as inactive because its default gateway (8.8.8.8) is in a different subnet than the static IP address configured for the wan1 interface (10.10.10.1).
get router info routing-table database
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
> - selected route, * - FIB route, p - stale info
S 0.0.0.0/0 [10/0] via 8.8.8.8, wan1 inactive
C *> 3.3.3.0/24 is directly connected, internal
C *> 10.10.10.0/24 is directly connected, wan1
C *> 192.168.5.0/24 is directly connected, wifi
To view IPv6 routes, execute the below command:
get router info6 routing-table database
Example:
HUB # get router info6 routing-table database
IPv6 Routing Table
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, B - BGP, V - BGP VPNv6
> - selected route, * - FIB route, p - stale info
Timers: Uptime
Routing table for VRF=0
S ::/0 [10/0] via 2001:db8:3c4d:15::1a2f:1a2b, port4 inactive, 00:24:47, [1024/0]
To view the active routes, execute the below command:
get router info routing-table details
Example:
HUB # get router info routing-table details
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
V - BGP VPNv4
* - candidate default
Routing table for VRF=0
S* 0.0.0.0/0 [10/0] via 10.9.15.254, port1, [1/0]
C 10.9.0.0/20 is directly connected, port1
S 10.10.10.0/24 [254/0] is a summary, Null, [1/0]
C 10.253.240.0/20 is directly connected, wqt.root
To view the route for a specific destination, execute the below command:
get router info routing-table details x.x.x.x <----- Here x.x.x.x is the destination IP.
Example:
HUB # get router info routing-table details 192.168.1.187
Routing table for VRF=0
Routing entry for 192.168.1.0/24
Known via "connected", distance 0, metric 0, best
* is directly connected, port2
Related document:
Routing Concepts
Related articles:
Technical Tip: FortiGate routing table conditions
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.