Router

To provide remote access to the management port, configure an IPv4 or IPv6 static route. Set the gateway address to the IPv4 or IPv6 address of the router.

Configure the following for IPv4 static route.

• The Destination IP/ Netmask for the route.
• Enable Blackhole to disable all the Gateway options.
• The pre-configured Gateway out interface.
• Enable Dynamic Gateway to disable the Gateway option.
• The Gateway router IPv4 address.

Configure the following for IPv6 static route.

• The Destination IP/ Netmask for the route.
• Enable Blackhole to disable all the Gateway options.
• The pre-configured Gateway out interface.
• The Gateway router IPv6 address.
• The administrative Distance for all routes.
• Enable the BFD (Bidirectional Forwarding Detection).

You can create a probe to monitor the link to a server. The FortiLAN Cloud sends periodic ping messages to test that the server is available.

• The Source Interface. Can be the physical or VLAN interface name.
• The Protocol to detect the server. Select ARP or ping.
• The Source IP address used in packet to the server.
• The Gateway IP address used to ping the server.

You can configure the following Advanced Settings.

• Detection Interval (Seconds) - The detection interval in seconds. The range is 1-3600.
• Detection Timeout (Seconds) - The detection request timeout in seconds. The range is 1-255.
• Retries Before Down - The number of retry attempts before bringing the server down.
• Retries Before Up - The number of retry attempts before bringing the server up.

Open shortest path first (OSPF) is a link-state interior routing protocol that is widely used in large enterprise organizations. OSPF provides routing within a single autonomous system (AS).

• Enter the Router IP address.
• Enable Default Information Originate to generate and advertise a default route into the device’s RIP-enabled networks. The generated route may be based on routes learned through a dynamic routing protocol, routes in the routing table, or both.
• Enter the Default Information Metric for routing.
• If you want to Redistribute non-RIP routes, select Enable under Connected, Static, OSPF, BGP, or ISIS. If you select Enable, enter the routing metric to use.
• An OSPF implementation consists of one or more Areas. An area consists of a group of contiguous networks. The FortiSwitch unit supports different types of areas—stub areas, Not So Stubby areas (NSSA), and Regular areas. A stub area is an interface without a default route configured. NSSA is a type of stub area that can import AS external routes and send them to the backbone but cannot receive AS external routes from the backbone or other areas. All other areas are considered regular areas.
• Enter a unique value to identify this Network configuration. Enter an IP address and netmask for your RIP network. You can configure multiple networks.
• Configure ODPF Interface. In the Hello Interval field, enter the number of seconds that the FortiSwitch unit waits between sending hello messages to neighboring PIM routers. If you want to use Authentication, select Text, MD5, or None.
• Enable Bidirectional Forwarding Detection
• Configure the interface Maximum Transmission Unit (MTU) packet size.
• Enable Fast Hello, which provides a way to send multiple hello packets per second.
• Configure the Hello Interval. OSPF Hello protocol is used to discover and maintain communications with neighboring routers. Hello packets are sent out at a regular interval.

• The Dead interval is the time other routers wait before declaring a neighbor dead (offline).

The Routing Information Protocol (RIP) is a distance-vector routing protocol that works best in small networks that have no more than 15 hops. Each router maintains a routing table by sending out its routing updates and by asking neighbors for their routes.

• The FortiSwitch unit supports RIP version 1 and RIP version 2.
  • RIP version 1 uses classful addressing and broadcasting to send out updates to router neighbors. It does not support different sized subnets or classless inter-domain routing (CIDR) addressing.
  • RIP version 2 supports classless routing and subnets of various sizes. Router authentication supports MD5 and authentication keys. Version 2 uses multicasting to reduce network traffic.
• Enable Default Information Originate to generate and advertise a default route into the device’s RIP-enabled networks. The generated route may be based on routes learned through a dynamic routing protocol, routes in the routing table, or both.
• Enable Bidirectional Forwarding Detection to quickly locate hardware failures in the network. Routers running BFD communicate with each other, and, if a timer runs out on a connection, that router is declared to be down. BFD then communicates this information to RIP, and the routing information is updated.
• Enter the Default Metric. RIP uses hop count as the metric for choosing the best route. A hop count of 1 represents a network that is connected directly to the FortiSwitch unit. A hop count of 16 represents a network that cannot be reached.
• If you want to change the default Timers value, enter the number of seconds in the Update, Timeout, and Garbage fields.
  • The update timer determines the interval between routing updates. The default setting is 30 seconds.
  • The timeout timer is the maximum time that a route is considered reachable while no updates are received for the route. The default setting is 180 seconds. The timeout timer setting should be at least three times longer than the update timer setting.
  • The garbage timer is the is the how long that the FortiSwitch unit advertises a route as being unreachable before deleting the route from the routing table. The default setting is 120 seconds.
• If you want to Redistribute non-RIP routes, select Enable under Connected, Static, OSPF, BGP, or ISIS. If you select Enable, enter the routing metric to use.
• Configure the router Distance. Enter the distance identifier in the ID field and select the Access List. Enter the IP address and netmask.
• Enter a unique value to identify this Network configuration. Enter an IP address and netmask for your RIP network. You can configure multiple networks.
• Configure RIP for the appropriate Interface. If you want to change the RIP version used to send and receive routing updates, select from the Send Version and Receive Version drop-down menus. If you do not want to send RIP updates from this interface, select Passive Interface. If you want to use Authentication, select Text or None.

A FortiSwitch unit can operate as a Protocol Independent Multicast (PIM) version-2 router. Add a multicast enabled interface.

• Enter the Multicast Flow value.
• In the Hello Interval field, enter the number of seconds that the FortiSwitch unit waits between sending hello messages to neighboring PIM routers.
• In the Designated Router Priority field, enter a priority to the FortiSwitch unit Designated Router (DR) candidacy. The value is compared to that of other DR interfaces connected to the same network segment, and the router having the highest DR priority is selected to be the DR. If two DR priority values are the same, the interface having the highest IP address is selected.
• In the IGMP Response Time field, enter the number of seconds between queries to IGMP hosts.
• In the IGMP Interval field, enter the maximum number of seconds to wait for an IGMP query response.