Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
akristof
Staff
Staff

Created on ‎10-03-2022 07:18 AM

Article Id 225508

Technical Tip: Static route with administrative distance 255

Description

 

This article will explain how FortiOS handles static route with administrative distance 255.

 

Scope

 

FortiGate

 

Solution

 

From GUI and CLI FortiOS will allow users to configure static route with administrative distance 255. Lets demonstrate blackhole route with an example:

 

akristof_0-1664804593692.png

 

However, distance 255 means that the route is invalid. The route will be visible in routing-table database.

But if this blackhole route will be only available route towards the destination, it will not be inserted into forwarding-table and as a result, traffic will not be dropped (routed) as expected.

 

akristof_1-1664804771940.png

 

Because of this, administrative distance of any static route needs to be 254 or less. Otherwise, route will be considered as unreachable.

Labels:
1539
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.