Viewing the routing table in the CLI

In the CLI, you can easily view the static routing table just as in the web-based manager or you can view the full routing table.

When viewing the list of static routes using the CLI command get route static, it is the configured static routes that are displayed. When viewing the routing table using the CLI command get router info routing-table all, it is the entire routing table information that is displayed including configured and learned routes of all types. The two are different information in different formats.

If VDOMs are enabled on your FortiGate unit, all routing related CLI commands must be performed within a VDOM and not in the global context.

 

To view the routing table

# get router info routing-table all

Codes: K – kernel, C – connected, S – static, R – RIP, B – BGP O – OSPF, IA – OSPF inter area

N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2

E1 – OSPF external type 1, E2 – OSPF external type 2

i – IS-IS, L1 – IS-IS level-1, L2 – IS-IS level-2, ia – IS-IS inter area

* – candidate default

S* 0.0.0.0/0 [10/0] via 192.168.183.254, port2

S   1.0.0.0/8 [10/0] via 192.168.183.254, port2

S  2.0.0.0/8 [10/0] via 192.168.183.254, port2

C  10.142.0.0/23 is directly connected, port3

B  10.160.0.0/23 [20/0] via 10.142.0.74, port3, 2d18h02m

C 192.168.182.0/23 is directly connected, port2

 

Examining an entry:

B 10.160.0.0/23 [20/0] via 10.142.0.74, port3, 2d18h02m

B                                                  BGP. The routing protocol used.

10.160.0.0/23                              The destination of this route including netmask.

[20/0]                                           20 indicates and administrative distance of 20 out of a range of 0 to 255.

0 is an additional metric associated with this route, such as in OSPF

10.142.0.74                                 The gateway, or next hop.

port3                                           The interface used by this route.

2d18h02m                                  How old this route is, in this case almost three days old.

 

To view the kernel routing table

# get router info kernel

tab=254 vf=0 scope=253 type=1 proto=2 prio=0 0.0.0.0/0.0.0.0/0->10.11.201.0/24 pref=10.11.201.4 gwy=0.0.0.0 dev=5(external1)

tab=254 vf=0 scope=253 type=1 proto=2 prio=0 0.0.0.0/0.0.0.0/0->172.20.120.0/24 pref=172.20.120.146 gwy=0.0.0.0 dev=6(internal)

The parts of the routing table entry are:

 

tab                                               Table number. This will be either 254 (unicast) or 255 (multicast).

vf                                                 Virtual domain of the firewall. This is the vdom index number. If vdoms are not enabled, this number will be 0.

type                                             Type of routing connection. Valid values include:

0 – unspecific

1 – unicast

2 – local

3 – broadcast

4 – anycast

5 – multicast

6 – blackhole

7 – unreachable

8 – prohibited

Type of installation. This indicates where the route came from. Valid values include:

proto

0 – unspecific

2 – kernel

11 – ZebOS routing module

14 – FortiOS

15 – HA

16 – authentication based

17 – HA1

prio                                             Priority of the route. Lower priorities are preferred.

–>10.11.201.0/24

(->x.x.x.x/mask)

The IP address and subnet mask of the destination

pref                                             Preferred next hop along this route

gwy                                             Gateway – the address of the gateway this route will use

dev                                              Outgoing interface index. This number is associated with the interface for this route, and if VDOMs are enabled the VDOM will be included here as well. If an interface alias is set for this interface it will also be displayed here.