Created on 08-14-2017 05:26 PM Edited on 12-20-2021 10:24 AM By Anonymous
Description
Sometimes it is required to redistribute all static routes without redistributing the default route.
In this example, a FortiGate unit is receiving 5 routes and a default route via RIP.
The goal is to filter the default route when redistributing static routes into RIP.
CENTRAL-SITE # get router info routing-table rip
R* 0.0.0.0/0 [120/2] via 11.11.11.2, port1, 00:00:20
R 1.1.1.1/32 [120/2] via 11.11.11.2, port1, 01:20:22
R 2.2.2.2/32 [120/2] via 11.11.11.2, port1, 01:20:22
R 3.3.3.3/32 [120/2] via 11.11.11.2, port1, 01:20:22
R 4.4.4.4/32 [120/2] via 11.11.11.2, port1, 01:20:22
R 192.168.200.0/24 [120/2] via 11.11.11.2, port1, 04:12:36
Note: This FortiGate unit is receiving the routes. Filtering is configured on the device that is redistributing the static routes.
Solution
1) Create a prefix list to filter the default route and permit all other routes:
# config router prefix-list
    edit "PREFIX-DEFAULT-ROUTE"
        config rule
            edit 1
                set action deny
                set prefix 0.0.0.0 0.0.0.0
                unset ge
                unset le
            next
            edit 2
                set prefix 0.0.0.0 0.0.0.0
                unset ge
                set le 32
            next
        end
    next
end
2) Create a route map that uses the prefix list created in step 1:
BRANCH-OFFICE # show router route-map
config router route-map
    edit "RM-REDISTRIBUTE-STATIC-RIP"
        config rule
            edit 1
                set match-ip-address "PREFIX-DEFAULT-ROUTE"
            next
        end
    next
end
3) Apply the route map to static redistribution as below:
# config router rip
    config redistribute "static"
        set status enable
        set routemap "RM-REDISTRIBUTE-STATIC-RIP"
    end
end
Verification:
After the configuration is applied, the default route is no longer received on this FortiGate. See below:
CENTRAL-SITE # get router info routing-table rip
R 1.1.1.1/32 [120/2] via 11.11.11.2, port1, 01:31:04
R 2.2.2.2/32 [120/2] via 11.11.11.2, port1, 01:31:04
R 3.3.3.3/32 [120/2] via 11.11.11.2, port1, 01:31:04
R 4.4.4.4/32 [120/2] via 11.11.11.2, port1, 01:31:04
R 192.168.200.0/24 [120/2] via 11.11.11.2, port1, 04:23:18
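The following is an added example, not part of the original article or Fortinet code: a small Python model of how the two rules in PREFIX-DEFAULT-ROUTE are evaluated against the prefixes shown above. It assumes conventional prefix-list semantics (first matching rule wins, a rule without ge/le matches only the exact prefix length, and a route matching no rule is denied); the function names are hypothetical.

```python
import ipaddress

# (action, prefix, ge, le) rules mirroring PREFIX-DEFAULT-ROUTE from step 1.
# Rule 2 sets no action on the page; "permit" is assumed to be the default.
PREFIX_DEFAULT_ROUTE = [
    ("deny", "0.0.0.0/0", None, None),
    ("permit", "0.0.0.0/0", None, 32),
]

# Prefixes from the CENTRAL-SITE routing table shown in the Description.
ROUTES = ["0.0.0.0/0", "1.1.1.1/32", "2.2.2.2/32",
          "3.3.3.3/32", "4.4.4.4/32", "192.168.200.0/24"]


def rule_matches(route, prefix, ge, le):
    """True if route lies inside prefix and its mask length is allowed."""
    net = ipaddress.ip_network(prefix)
    if not route.subnet_of(net):
        return False
    if ge is None and le is None:
        # With ge/le unset, only the exact prefix length matches.
        return route.prefixlen == net.prefixlen
    low = ge if ge is not None else net.prefixlen
    high = le if le is not None else 32
    return low <= route.prefixlen <= high


def evaluate(prefix_list, route):
    """First matching rule decides; no match means deny (assumed)."""
    route = ipaddress.ip_network(route)
    for action, prefix, ge, le in prefix_list:
        if rule_matches(route, prefix, ge, le):
            return action
    return "deny"


def redistributed(prefix_list, routes):
    """Routes that would pass the route map and be advertised into RIP."""
    return [r for r in routes if evaluate(prefix_list, r) == "permit"]


if __name__ == "__main__":
    for r in ROUTES:
        print(f"{r:18} {evaluate(PREFIX_DEFAULT_ROUTE, r)}")
```

Under these assumptions, dropping rule 2 would deny every route, and "unset le" on rule 2 would make it match only 0.0.0.0/0, which is why the "set le 32" catch-all is needed.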