How The Routing Table Is Built; How Routing Decisions Are Made; Multipath Routing And Determining The Best Route - Fortinet Fortigate-5000 series Administration Manual

Routing concepts

How the routing table is built

How routing decisions are made

Multipath routing and determining the best route

178
In the factory default configuration, the FortiGate routing table contains a single
static default route. You can add routing information to the routing table by defining
additional static routes. The table may include several different routes to the same
destination—the IP addresses of the next-hop router specified in those routes or
the FortiGate interfaces associated with those routes may vary.
The FortiGate unit selects the "best" route for a packet by evaluating the
information in the routing table. The best route to a destination is typically
associated with the shortest distance between the FortiGate unit and the closest
next-hop router. In some cases, the next best route may be selected if the best
route is unavailable for some reason. The best routes are installed in the FortiGate
forwarding table, which is a subset of the FortiGate routing table. Packets are
forwarded according to the information in the forwarding table.
Whenever a packet arrives at one of the FortiGate unit's interfaces, the FortiGate
unit determines whether the packet was received on a legitimate interface by
doing a reverse lookup using the source IP address in the packet header. If the
FortiGate unit cannot communicate with the computer at the source IP address
through the interface on which the packet was received, the FortiGate unit drops
the packet as it is likely an hacking attempt.
If the destination address can be matched to a local address (and the local
configuration permits delivery), the FortiGate unit delivers the packet to the local
network. If the packet is destined for another network, the FortiGate unit forwards
the packet to a next-hop router according to a route policy and/or the information
stored in the FortiGate forwarding table. See
Multipath routing occurs when more than one entry to the same destination is
present in the routing table. When multipath routing happens, the FortiGate unit
may have several possible destinations for an incoming packet, forcing the
FortiGate unit to decide which next-hop is the best one.
Two methods to manually resolve multiple routes to the same destination are to
lower the administrative distance of one route or to set the priority of both routes.
For the FortiGate unit to select a primary (preferred) route, manually lower the
administrative distance associated with one of the possible routes. The
administrative distance can be from 1 to 255.
Another method is to manually change the priority of both of the routes. If the next-
hop administrative distances of two routes on the FortiGate unit are equal it may
not be clear which route the packet will take. Configuring the priority for each of
those routes will make it clear which next-hop will be used in the case of a tie. The
priority for a route can only be set from the CLI. Lower priorities are preferred.
"Policy Route" on page
FortiGate Version 3.0 MR4 Administration Guide
01-30004-0203-20070102
Router Static
185.