Fortinet white logo
Fortinet white logo

Administration Guide

Diagnostic

Diagnostic

Use the Route Diagnostic page to display a summary of existing routes for a specific IP address or host name and to view the network hops to the specified IP address or host name.

Starting in FortiSwitchOS 7.2.0, you can now use the CLI for multiple path traceroute, which allows you to find all the routers that perform load balancing between the FortiSwitch unit and destination. Starting in FortiSwitch 7.2.1, you can use the Router > Multi-Traceroute page for multiple path traceroute.

To display route diagnostics in the GUI:
  1. Go to Router > Diagnostic.

  2. In the IP Address/Host Name field, enter an IPv4 address or host name.
  3. You can use the default values for the Trace Route Options or change them:
    • In the Max Hop field, enter the maximum number of hops that the trace route can take.
    • In the Timeout (Milliseconds) field, enter how many milliseconds a route can take before the trace route is stopped.
    • In the Number of Probes field, enter the maximum number of probes to use to trace the route.
  4. Click Diagnose.
    caution iconDo not close your browser while the route diagnostic is running.

To display route diagnostics in the CLI:

get router info routing-table <IPv4_address>

execute traceroute <IPv4_address_or_host_name> <maximum_number_of_hops> <number_of_probes> <maximum_number_of_milliseconds>

For example:

get router info routing-table 8.8.8.8

execute traceroute 8.8.8.8 16 5 15

To run multiple path traceroute in the GUI:
  1. Go to Router > Multi-Traceroute.

  2. In the IP/Address/Hostname field, enter the IPv4 or IPv6 address or the hostname to test the connection to.

  3. In the Flow ID field, select the flow identifier to use.

    If you entered an IPv4 address to test, you can select icmp-chk, icmp-dst, tcp-dst, tcp-sport, udp-dst, or udp-sport. The default value is udp-sport.

    If you entered an IPv6 address to test, you can select icmp-chk, icmp-dst, icmp-fl, icmp-tc, tcp-dst, tcp-fl, tcp-sport, tcp-tc, udp-dst, udp-fl, udp-sport, or udp-tc. The default value is udp-sport.

  4. Select 90, 95, or 99 for the confidence percentage.

  5. In the Max TTL field, enter the maximum number of hops to test.

    The range of values is 0-255. The default is 30.

  6. Click Execute.

  7. Click Show CLI if you want to see the results in the CLI.

  8. Click Cancel if you want to stop the multiple path traceroute.

To run multiple path traceroute in the CLI:

execute mtraceroute <IP_address> <confidence_level> <flow_ID> <maximum_hops>

Variable

Description

<IP_address>

Enter the IP address to test the connection to.

<confidence_level>

Select the confidence level in percent. You can select 90, 95, or 99. The default value is 95.

<flow_ID>

Select the flow identifier to use.

If you selected an IPv4 address to test, you can select icmp-chk, icmp-dst, udp-sport, udp-dst, tcp-sport, or tcp-dst as the flow identifier with udp-sport as the default value.

If you selected an IPv6 address to test, you can select icmp-chk, icmp-dst, icmp-fl, icmp-tc, udp-sport, udp-dst, udp-fl, udp-tc, tcp-sport, tcp-dst, tcp-fl, or tcp-tc as the flow identifier with udp-sport as the default value.

<maximum_hops>

Enter the maximum number of hops to test. The range of values is 0-255. The default is 30.

For example:

S108FFTV21000010 # execute mtraceroute 1.2.3.4 90 icmp-chk 50
Run mtraceroute to 1.2.3.4 - max-ttl: 50, flow-id: icmp-chk, confidence: 90
0  root:  10.105.201.133 (0.767220 ms)
1  10.105.201.133:  192.168.201.1 (0.296219 ms)
2  192.168.201.1:  10.64.254.33 (0.306219 ms)
3  10.64.254.33:  96.45.36.3 (0.501219 ms)
4  96.45.36.3:  *
...

Diagnostic

Diagnostic

Use the Route Diagnostic page to display a summary of existing routes for a specific IP address or host name and to view the network hops to the specified IP address or host name.

Starting in FortiSwitchOS 7.2.0, you can now use the CLI for multiple path traceroute, which allows you to find all the routers that perform load balancing between the FortiSwitch unit and destination. Starting in FortiSwitch 7.2.1, you can use the Router > Multi-Traceroute page for multiple path traceroute.

To display route diagnostics in the GUI:
  1. Go to Router > Diagnostic.

  2. In the IP Address/Host Name field, enter an IPv4 address or host name.
  3. You can use the default values for the Trace Route Options or change them:
    • In the Max Hop field, enter the maximum number of hops that the trace route can take.
    • In the Timeout (Milliseconds) field, enter how many milliseconds a route can take before the trace route is stopped.
    • In the Number of Probes field, enter the maximum number of probes to use to trace the route.
  4. Click Diagnose.
    caution iconDo not close your browser while the route diagnostic is running.

To display route diagnostics in the CLI:

get router info routing-table <IPv4_address>

execute traceroute <IPv4_address_or_host_name> <maximum_number_of_hops> <number_of_probes> <maximum_number_of_milliseconds>

For example:

get router info routing-table 8.8.8.8

execute traceroute 8.8.8.8 16 5 15

To run multiple path traceroute in the GUI:
  1. Go to Router > Multi-Traceroute.

  2. In the IP/Address/Hostname field, enter the IPv4 or IPv6 address or the hostname to test the connection to.

  3. In the Flow ID field, select the flow identifier to use.

    If you entered an IPv4 address to test, you can select icmp-chk, icmp-dst, tcp-dst, tcp-sport, udp-dst, or udp-sport. The default value is udp-sport.

    If you entered an IPv6 address to test, you can select icmp-chk, icmp-dst, icmp-fl, icmp-tc, tcp-dst, tcp-fl, tcp-sport, tcp-tc, udp-dst, udp-fl, udp-sport, or udp-tc. The default value is udp-sport.

  4. Select 90, 95, or 99 for the confidence percentage.

  5. In the Max TTL field, enter the maximum number of hops to test.

    The range of values is 0-255. The default is 30.

  6. Click Execute.

  7. Click Show CLI if you want to see the results in the CLI.

  8. Click Cancel if you want to stop the multiple path traceroute.

To run multiple path traceroute in the CLI:

execute mtraceroute <IP_address> <confidence_level> <flow_ID> <maximum_hops>

Variable

Description

<IP_address>

Enter the IP address to test the connection to.

<confidence_level>

Select the confidence level in percent. You can select 90, 95, or 99. The default value is 95.

<flow_ID>

Select the flow identifier to use.

If you selected an IPv4 address to test, you can select icmp-chk, icmp-dst, udp-sport, udp-dst, tcp-sport, or tcp-dst as the flow identifier with udp-sport as the default value.

If you selected an IPv6 address to test, you can select icmp-chk, icmp-dst, icmp-fl, icmp-tc, udp-sport, udp-dst, udp-fl, udp-tc, tcp-sport, tcp-dst, tcp-fl, or tcp-tc as the flow identifier with udp-sport as the default value.

<maximum_hops>

Enter the maximum number of hops to test. The range of values is 0-255. The default is 30.

For example:

S108FFTV21000010 # execute mtraceroute 1.2.3.4 90 icmp-chk 50
Run mtraceroute to 1.2.3.4 - max-ttl: 50, flow-id: icmp-chk, confidence: 90
0  root:  10.105.201.133 (0.767220 ms)
1  10.105.201.133:  192.168.201.1 (0.296219 ms)
2  192.168.201.1:  10.64.254.33 (0.306219 ms)
3  10.64.254.33:  96.45.36.3 (0.501219 ms)
4  96.45.36.3:  *
...