Routing Information Protocol (RIP)

Check your logs

If your routers log events to a central location, it can be easy to check the logs for your network for any outages. On your FortiGate unit, go to Log & Report. You will want to look at both event logs and traffic logs. Events to look for will generally fall under CPU and memory usage, interfaces going offline (due to dead gateway detection), and other similar system events.

Once you have found and fixed your network problem, you can go back to the logs and create a report to better see how things developed during the problem. This type of forensics analysis can better help you prepare for next time.

 

Use SNMP network monitoring

If your network had no problems one minute and slows to a halt the next, chances are something changed to cause that problem. Most of the time an offline router is the cause, and once you find that router and bring it back online, things will return to normal.

If you can enable a hardware monitoring system such as SNMP or sFlow on your routers, you can be notified of the outage and where it is exactly as soon as it happens.

Ideally you can configure SNMP on all your FortiGate routers and be alerted to all outages as they occur.

 

To use SNMP to detect potential routing loops

1. Go to System > Config > SNMP.

2. Enable SMTP Agent and select Apply.

Optionally enter the Description, Location, and Contact information for this device for easier location of the problem report.

3. Under SNMP v1/v2 or SNMP v3 as appropriate, select Create New.

SNMP v3

User Name                                 Enter the SNMP user ID.

Security Level                            Select authentication or privacy as desired. Select the authentication or pri- vacy algorithms to use and enter the required passwords.

Notification Host                       Enter the IP addresses of up to 16 hosts to notify.

Enable Query                             Select. The Port should be 161. Ensure that your security policies allow ports 161 and 162 (SNMP queries and traps) to pass.

 

SNMP v1/v2

Hosts                                          Enter the IP addresses of up to 8 hosts to notify. You can also specify the network Interface, or leave it as ANY.

Queries                                       Enable v1 and/or v2 as needed. The Port should be 161. Ensure that your security policies allow port 161 to pass.

Traps                                          Enable v1 and/or v2 as needed. The Port should be 162. Ensure that your security policies allow port 162 to pass.

4. Select the events for which you want notification. For routing loops this should include CPU usage is high, Memory is low, and possibly Log disk space is low.If there are problems the log will be filling up quickly, and the FortiGate unit’s resources will be overused.

5. Configure SNMP host (manager) software on your administration computer. This will monitor the SNMP information sent out by the FortiGate unit. Typically you can configure this software to alert you to outages or CPU spikes that may indicate a routing loop.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.