FortiGate
Article Id 194707

Description

 

This article describes how to advertise an aggregate route via RIP.

 

Solution

 

The Benefits of Aggregate Routes.


Rather than advertising a number of host routes, advertise a single subnet with a shorter prefix that encompasses all of these host routes.

 

One special example of this is advertising a subnet that encompasses a series of Virtual IPs.

 

Case Study: RIP & Virtual IPs.


Suppose the following Virtual IPs are configured:

 

69.25.56.17
69.25.56.18
69.25.56.19

 

They are on an external interface with IP address 207.173.5.120/24.

 

The goal is to advertise the network 69.25.56.16/29 so that the VIPs are reachable from the Internet.

 

Warning:

Aggregation might cover more than the existing individual VIP addresses that are meant to be aggregated.

In this example, 69.25.56.16/29 has a host range from 69.25.56.17 to 69.25.56.22.

Multiple aggregate ranges might be necessary in the case of non-contiguous IP addresses.
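The check described in this warning can be run before an aggregate is advertised. The following Python code is an added example, not part of the original article: it lists the host addresses an aggregate advertises that have no VIP behind them, and computes the exact set of prefixes for a non-contiguous VIP list. The function names and the fourth VIP 69.25.56.35 are assumptions made for the example.

```python
import ipaddress

def audit_aggregate(aggregate, vips):
    """Compare an aggregate prefix with the VIPs it is meant to cover.

    Returns (uncovered, extra): VIPs outside the aggregate, and addresses in
    the aggregate's host range that have no VIP behind them.
    """
    net = ipaddress.ip_network(aggregate)
    assigned = {ipaddress.ip_address(v) for v in vips}
    uncovered = sorted(a for a in assigned if a not in net)
    extra = [h for h in net.hosts() if h not in assigned]
    return uncovered, extra

def exact_prefixes(vips):
    """Smallest set of prefixes that covers the VIPs and nothing else."""
    hosts = [ipaddress.ip_network(v) for v in vips]  # each becomes a /32
    return list(ipaddress.collapse_addresses(hosts))

def static_route_dsts(prefixes):
    """Render prefixes in the 'set dst <network> <mask>' form of a static route."""
    return [f"set dst {p.network_address} {p.netmask}" for p in prefixes]

if __name__ == "__main__":
    vips = ["69.25.56.17", "69.25.56.18", "69.25.56.19"]  # from the article
    uncovered, extra = audit_aggregate("69.25.56.16/29", vips)
    print("not covered:", [str(a) for a in uncovered])
    print("advertised without a VIP:", [str(a) for a in extra])
    # Constructed non-contiguous case: 69.25.56.35 is a made-up fourth VIP.
    for line in static_route_dsts(exact_prefixes(vips + ["69.25.56.35"])):
        print(line)
```

Addresses reported as advertised without a VIP still attract traffic from RIP neighbors, so they should either be accounted for or excluded by advertising the narrower prefixes instead.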

 

To configure.


Note.

This assumes RIP is running between this FortiGate and another networking device running RIP.

Because the VIPs are not treated as 'connected' networks, use of the 'network' statement is inappropriate.

Instead, it is possible to create what some vendors call a null, or 'dummy', route for 69.25.56.16/29 and then redistribute static routes into RIP.

 

For example:

 

config router rip
    config redistribute "static"
        set status enable
    end
end

config router static
    edit 20
        set dst 69.25.56.16 255.255.255.248
    next
end

 

Note.

When entering the static route from the GUI, it is necessary to enter a distance, an outbound interface and a gateway IP (use the IP of the interface). None of these values is really important; the key is to advertise that network to other RIP devices.

 

To troubleshoot.


Fortigate-100 # get router info rip database

Codes: R - RIP, K - Kernel, C - Connected, S - Static, O - OSPF, I - IS-IS, B - BGP


   Network            Next Hop         Metric From            If     Time
R  0.0.0.0/0          192.168.1.101         2 192.168.1.101   internal 02:47
S  1.1.1.0/24                               1                 external
C  192.168.1.0/24                           1                 internal
C  192.168.3.0/24                           1                 external

Other commands:

diag net route list
get router info rip interface

 

Related Articles:

Technical Note : FortiGate prefix-list example to advertise in RIP only a default route and drop all...