Route cache is a linux kernel component that is consulted prior to the actual route lookup. If the lookup into this cache does not produce a match, the packet is forwarded based on a FIB lookup. The cache is a hash table and a lookup into this table is performed based on a key constructed from the tuples seen in the IP packet header such as its source IP, destination IP, and related information.

Linux Kernel stopped using the route cache routing component starting from version 3.6 onwards, due to slowness and security reasons. The 'old' routing cache has been replaced with newer techniques such as Fib Trie/ LC Trie algorithms.

As a result, FortiGates that are running on Linux kernel 3.6 or above will not have this table anymore.

To view the Kernel version running on the FortiGate, run the following command.

The following FortiGate has the old route cache table:

fnsysctl cat /proc/version
Linux version 3.2.16 (root@build) (gcc version 7.3.1 20180425 (Linaro GCC 7.3-2018.05) ) #2 SMP Tue Jun 6 14:13:43 UTC 2023

diag ip rtcache list

family=02 tab=254 vrf=0 vf=0 type=01 tos=0 flag=00000200
208.91.112.53@48(ppp1)->192.168.168.150@15(port7) gwy=0.0.0.0 prefsrc=172.16.10.252
ci: ref=1 lastused=49 expire=0 err=00000000 used=207 br=0 pmtu=1500

family=02 tab=254 vrf=0 vf=0 type=01 tos=0 flag=04000200
10.0.17.249@35(agg)->154.52.12.53@48(ppp1) gwy=217.165.172.1 prefsrc=10.0.17.250
ci: ref=1 lastused=17 expire=0 err=00000000 used=107 br=0 pmtu=1492

The following FortiGate does not have a route cache:

fnsysctl cat /proc/version
Linux version 4.19.13 (root@build) (gcc version 10.3.0 (GCC)) #1 SMP Tue Jun 6 16:09:54 UTC 2023

diag ip rtcache list
8575: Unknown action 0
Command fail. Return code -1

In general, F series FortiGates running on FortiOS 7.x will contain the new kernel. However, it is recommended to double-check the version by executing the command mentioned above.