Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
AlexFerenX
New Contributor III

What's "FDNI"?

There a multiple references to "FDNI" acronym (seemingly, referring to FortiGuard Distribution Network servers), but I cannot find exact expansion. Once and for all, what's "FDNI"?

19 REPLIES 19
xshkurti
Staff
Staff

@AlexFerenX 
In FortiManager Certification Study Guide NSE5 FMG you will find the information about this acronym.

When you want to try and get list of servers that FortiManager is taking updates:

# diagnose fmupdate view-servrelist fds
you will see the last line column named as "source" and it shows the source of the update.

There are a couple of options, including CLI, Default and FDNI 
Basically, FDNI refers to public FDS (FortiGuard Distribution Network through Internet).

 

More info: Configure FortiManager as a local FDN ser... - Fortinet Community

Hope this clarifies it.

AlexFerenX
New Contributor III


FDNI refers to public FDS (FortiGuard Distribution Network through Internet).

How is this related to FDNI object, eg. "00000000FDNI00000-00000.00000-0000000000" as observed using "diagnose test update info"?

xshkurti
Staff
Staff

@AlexFerenX 
I am sending some example below:

############################################
# This part is fortigate trying to figure out what database version it has internally, and then compose request string to fortiguard
# For instance.
# 04000000AVDB00203 <-- this is for Active AV database. (Most common)
# 04000000AVDB00322 <-- this is for the ETDB High (In this particular model)
# 04000000AVDB00417 <-- this is for Extremd database (Available for this model 1000C)

upd_cfg_api.c[319] upd_cfg_extract_av_db_version-version=04000000AVDB00203-00001.00234-1308131219 upd_cfg_api.c[319] upd_cfg_extract_av_db_version-version=04000000AVDB00322-00001.00234-1308131214 upd_cfg_api.c[319] upd_cfg_extract_av_db_version-version=04000000AVDB00417-00001.00234-1308131213 upd_cfg_api.c[368] upd_cfg_extract_ids_db_version-version=04000000NIDS01001-00003.00295-1301301923 upd_cfg_api.c[368] upd_cfg_extract_ids_db_version-version=04000000FLDB00100-00021.00580-1402060813 upd_cfg_api.c[479] upd_cfg_extract_netscan_db_version-version=04000000VCME00300-00001.00204- 1403251915
upd_pkg.c[622] upd_pkg_create_update_req-Exclude object version 2
upd_pkg.c[159] pack_obj-Packing obj=Protocol=3.0|Command=Update|Firmware=FGT1KC-FW-4.00- 672|SerialNumber=FGT1KC3911800485|UpdateMethod=0|AcceptDelta=1|DataItem=04000000AVDB00203- 00001.00234-1308131219*04000000AVDB00322-00001.00234-1308131214*04000000FLDB00100-00021.00580- 1402060813*04000000NIDS01001-00003.00295-1301301923*00000000FCNI00000-00000.00000- 0000000000*04000000ASEN00400-00001.00001-0903172330*00000000FDNI00000-00000.00000- 0000000000*01000000FSCI00100-00000.00000-0000000000*04000000AVEN02000-00005.00147- 1306141507*04000000FLEN00800-00002.00166-1308231621*04000000ASEN00700-00001.00001- 0903172330*04000000VCME00300-00001.00204-1403251915

 

If you see "00000000FDNI00000-00000.00000-0000000000" that means that fortigate/fortimanager has still no FDNI objects installed into its database (no known FDNI servers)

############################################
# This part is the response from fortiguard.
# Usually, we only care about 200 and 204. 200 means there is update. 204 means there is none.

upd_pkg.c[262] get_fcpr_rsp_code-Unpacked obj: Protocol=3.0|Response=300|Firmware=FPT033-FW-5.3- 0053|SerialNumber=FDS-VM- INTERNAL01|Server=FDSG|Persistent=false|ResponseItem=04000000AVDB00203:200*04000000AVDB00322:200 *04000000FLDB00100:200*04000000NIDS01001:200*00000000FCNI00000:200*04000000ASEN00400:204*00000 000FDNI00000:200*04000000AVEN02000:204*04000000FLEN00800:200*04000000ASEN00700:204*04000000VC ME00300:200*01000000FSCI00100:200
2
Here FDNI has taken value 200 meaning that it has an update:
00000 000FDNI00000:200
So Not all numbers necessary need to have some human translation, but the most important part is described above.

Hope this clarifies your query.
AlexFerenX
New Contributor III

Please clarify - what's the content of "00000000FDNI00000" package? Are you implying that list of FDS servers, for example, listed under "Server List" using "get webfilter status" are populated from this package?

xshkurti
Staff
Staff

It is a connection indicator showing all FortiGuard servers and their connection status

AlexFerenX
New Contributor III

So, this "package" has no content - it's only significance is ":200" and ":204" appended to its name?

If so, where/how does the Fortigate obtain the complete list of Internet FDS servers, for example, listed under "Server List" using "get webfilter status"?

xshkurti

Hi Alex,

.200 and .204 are indicators of the connection status to FortiGuard servers around the world. 
Fortigate connects to FortiGuard servers that are configured under config system fortiguard, and from there it gets a list of nearest servers and establishes a tcp connection with them. Of course, Fortiguard servers will push some data, including a list of internet servers. Server IP list should be included in that package.

Hope this answers your question.

 

AlexFerenX
New Contributor III

> Fortigate connects to FortiGuard servers that are configured under config system fortiguard

 

Wait.. No, “config system fortiguard” (other than SDNS & DDNS servers) does not specify FDNI servers!

xshkurti

@AlexFerenX 
When you have configured a DNS server in a windows machine, normally you navigate to internet without any problems. This means that DNS servers will give you an answer for your query.

FortiGuard servers are doing the same. When you configure Fortiguard servers, normally you point to somewhere from where you will get some services.

One of those services is a list of servers that will provide you some rating values for specific websites.

This list of servers is maintained locally or remotely. If this list of rating servers (which was updated using FortiGuard servers) is remote, you will see FDNI entries in your logs.

 

FDNI is not some list that you specify somewhere, is a list of servers that FortiGuard will provide you and you will use this list to get responses for your rating services. This list is dynamic and not maintained by you, so you have no option where to specify it.

 

Thanks

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors