Moving A Policy Route - Fortinet FortiGate Series Administration Manual

Policy Route

Moving a policy route

354
Table 45: The role of each bit in the IP header TOS 8-bit field
bits 0, 1, 2 Precedence
bit 3 Delay
bit 4 Throughput
bit 5 Reliability
bit 6 Cost
bit 7 Reserved for
future use
For example, if you want to assign low delay, and high reliability, say for a VoIP application
where delays are unacceptable, you would use a bit pattern of xxx1x1xx where an 'x'
indicates that bit can be any value. Since all bits are not set, this is a good use for the bit
mask; if the mask is set to 0x14, it will match any TOS packets that are set to low delay
and high reliability.
A routing policy is added to the bottom of the routing table when it is created. If you prefer
to use one policy over another, you may want to move it to a different location in the
routing policy table.
The option to use one of two routes happens when both routes are a match, for example
172.20.0.0/255.255.0.0 and 172.20.120.0/255.255.255.0. If both of these
routes are in the policy table, both can match a route to 172.20.120.112 but you
consider the second one as a better match. In that case the best match route should be
positioned before the other route in the policy table.
In the case of two matches in the routing table, alternating sessions will use both routes in
a load balancing configuration. You can also manually assign priorities to routes. For two
matches in the routing table, the priority will determine which route is used. This feature is
available only through the CLI. For details, see the
To change the position of a policy route in the table, go to Router > Static > Policy Route
and select Move To for the policy route you want to move.
Figure 186: Moving a policy route
Before/After Select Before to place the selected Policy Route before the indicated route.
Select After to place it following the indicated route.
Policy route ID Enter the Policy route ID of the route in the Policy route table to move the
selected route before or after.
Some networks treat high precedence traffic as more important
traffic. Precedence should only be used within a network, and
can be used differently in each network. Typically you do not
care about these bits.
When set to 1, this bit indicates low delay is a priority. This is
useful for such services as VoIP where delays degrade the
quality of the sound.
When set to 1, this bit indicates high throughput is a priority.
This is useful for services that require lots of bandwidth such
as video conferencing.
When set to 1, this bit indicates high reliability is a priority. This
is useful when a service must always be available such as with
DNS servers.
When set to 1, this bit indicates low cost is a priority. Generally
there is a higher delivery cost associated with enabling bits 3,4,
or 5, and bit 6 indicates to use the lowest cost route.
Not used at this time.
FortiGate CLI
FortiGate Version 4.0 MR1 Administration Guide
Router Static
Reference.
01-410-89802-20090903
http://docs.fortinet.com/ • Feedback