Troubleshooting static routing

Troubleshooting static routing

When there are problems with your network that you believe to be static routing related, there are a few basic tools available to locate the problem.

These tools include:

  • Ping
  • Traceroute
  • Examine routing table contents

Ping

Beyond the basic connectivity information, ping can tell you the amount of packet loss (if any), how long it takes the packet to make the round trip, and the variation in that time from packet to packet.

If there is no packet loss detected, your basic network connectivity is OK. If there is some packet loss detected, you should investigate:

  • Possible ECMP, split horizon, network loops
  • Cabling to ensure no loose connections

If there is total packet loss, you should investigate:

  • Hardware – ensure cabling is correct, and all equipment between the two locations is accounted for
  • Addresses and routes – ensure all IP addresses and routing information along the route is configured as expected
  • Firewalls – ensure all firewalls are set to allow PING to pass through

To ping from a Windows PC

1. Go to a DOS prompt. Typically you go to Start > Run, enter cmd and select OK.

2. Enter ping 11.101.100 to ping the default internal interface of the FortiGate unit with four packets.

 

To ping from an Apple computer

1. Open the Terminal.

2. Enter ping 11.101.100.

3. If the ping fails, it will stop after a set number of attempts. If it succeeds, it will continue to ping repeatedly. Press

Control+C to end the attempt and see gathered data.

To ping from a Linux PC

1. Go to a command line prompt.

2. Enter “/bin/etc/ping 11.101.101”.

 

Traceroute

Where ping will only tell you if it reached its destination and came back successfully, traceroute will show each step of its journey to its destination and how long each step takes. If ping finds an outage between two points, traceroute can be used to locate exactly where the problem is.

 

To use traceroute on an Windows PC

1. Go to a DOS prompt. Typically you go to Start > Run, enter “cmd” and select OK.

2. Enter “tracert com” to trace the route from the PC to the Fortinet website.

To use traceroute from an Apple computer

1. Open the Terminal.

2. Enter traceroute com.

3. The terminal will list the number of steps made. Upon reaching the destination, it will list three asterisks per line.

Press Control+C to end the attempt.

 

To use traceroute on a Linux PC

1. Go to a command line prompt.

2. Enter “/bin/etc/traceroute com”.

The Linux traceroute output is very similar to the MS Windows traceroute output.

 

Examine routing table contents

The first place to look for information is the routing table.

The routing table is where all the currently used routes are stored for both static and dynamic protocols. If a route is in the routing table, it saves the time and resources of a lookup. If a route isn’t used for a while and a new route needs to be added, the oldest least used route is bumped if the routing table is full. This ensures the most recently used routes stay in the table. Note that if your FortiGate unit is in Transparent mode, you are unable to perform this step.

If the FortiGate is running in NAT mode, verify that all desired routes are in the routing table: local subnets, default routes, specific static routes, and dynamic routing protocols.

To check the routing table in the web-based manager, use the Routing Monitor — go to Router > Monitor > Routing Monitor. In the CLI, use the command get router info routing-table all.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.