Created on 11-29-2019 03:11 AM Edited on 10-27-2023 12:07 AM By Anthony_E
Description
This article describes how to override default route settings: administrative distance and priority, for the default route received from DHCP.
A DHCP server can send a gateway address with Option 3 (Router) on a DHCP Offer message:
Solution 1:
Create a static route with desired AD and priority, as well as the 'dynamic-gateway' option enabled.
Note that the distance of the static route should be less than the distance configured on the interface (default is 5).
show full system interface port1 | grep distance
set distance 5
config router static
edit 1
set distance 3
set priority 25
set device "port1"
set dynamic-gateway enable
next
end
Below is the output of the routing table:
FGT # get router info routing-table all
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default
Routing table for VRF=0
S* 0.0.0.0/0 [3/0] via 192.168.254.254, port1, [25/0]
Solution 2:
Edit distance and priority under interface configuration.
config system interface
edit "port1"
set vdom "root"
set mode dhcp
set distance 3
set priority 10
set allowaccess ping https ssh http
set type physical
set snmp-index 1
next
end
Below is the output of routing table:
FGT # get router info routing-table all
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default
Routing table for VRF=0
S* 0.0.0.0/0 [3/0] via 192.168.254.254, port1, [10/0]
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.