Basic RIPng example
In this example, a small network is configured with RIP next generation (RIPng). Two FortiGates are connected to the internal network and the ISP, providing some redundancy to help ensure that the internal network can always reach the internet.
The FortiGates are running in NAT mode with VDOMs disabled, and firewall policies have already been configured to allow traffic to flow across the interfaces.
All of the internal computers and other network devices support IPv6 addressing and are running RIPng (where applicable), so no static routing is required. Internal network devices only need to know the FortiGate's internal interface network addresses.
|
Router |
Interface (alias) |
IPv6 address |
|---|---|---|
|
Router1 |
port1 (internal) |
2002:A0B:6565:0:0:0:0:0 |
|
port2 (ISP) |
2002:AC14:7865:0:0:0:0:0 |
|
|
Router2 |
port1 (internal) |
2002:A0B:6566:0:0:0:0:0 |
|
port2 (ISP) |
2002:AC14:7866:0:0:0:0:0 |
On each FortiGate, the interfaces are configured first, and then RIPng. No redistribution or authentication is configured.
In the RIPng configuration, only the interface names are required. The ISP router and the other FortiGate are configured as neighbors. Declaring the neighbors reduces the discovery traffic when the routers start. There is no specific command to include a subnet in the RIP broadcast, and RIPng can only be configured using the CLI.
To configure Router1:
-
Configure the interfaces:
config system interface edit port1 set allowaccess ping https ssh set type physical set description "Internal RnD network" set alias "internal" config ipv6 set ip6-address 2002:a0b:6565::/0 end next edit port2 set allowaccess ping https ssh set type physical set description "ISP and Internet" set alias "ISP" config ipv6 set ip6-address 2002:ac14:7865::/0 end next end -
Configure RIPng:
config router ripng config neighbor edit 1 set ip6 2002:a0b:6566:: set interface port1 next edit 2 set ip6 2002:ac14:7805:: set interface port2 next end config interface edit port1 next edit port2 next end end
To configure Router2:
-
Configure the interfaces:
config system interface edit port1 set allowaccess ping https ssh set type physical set description "Internal RnD network" set alias "internal" config ipv6 set ip6-address 2002:a0b:6566::/0 end next edit port2 set allowaccess ping https ssh set type physical set description "ISP and Internet" set alias "ISP" config ipv6 set ip6-address 2002:ac14:7866::/0 end next end -
Configure RIPng:
config router ripng config neighbor edit 1 set ip6 2002:a0b:6565:: set interface port1 next edit 2 set ip6 2002:ac14:7805:: set interface port2 next end config interface edit port1 next edit port2 next end end
Testing the configuration
The following commands can be used to check the RIPng information on the FortiGates, and can help track down issues:
To view the local scope IPv6 addresses used as next-hops by RIPng on the FortiGate:
# diagnose ipv6 address list
To view IPv6 addresses that are installed in the routing table:
# diagnose ipv6 route list
To view the IPv6 routing table:
# get router info6 routing-table
This information is similar to the diagnose ipv6 route list command, but it is presented in an easier to read format.
To view the brief output on the RIP information for the interface listed:
# get router info6 rip interface external
This includes information such as, if the interface is up or down, what routing protocol is being used, and whether passive interface or split horizon is enabled.