Tag: Routing

Posted on

Avocent – MTU

We stumbled over a situation where the wan environment did not advertise lower mtu values properly or fragments where routed over a different path. To FIX this we set the MTU / MSS values on the route. vi /etc/network/st_routes 10.0.0.0/8 via 10.52.192.81 dev eth0 mtu 1150 advmss 1100 default metric 0 via 10.52.192.81 This is …

Continue reading "Avocent – MTU"

Posted on

BGP – Prevent becoming a Transit-AS

AS-Path FilteringNo-export CommunityPrefix-list FilteringDistribute List Filtering AS-Path Filtering ip as-path access-list 1 permit ^$ neighbor x.x.x.x filter-list 1 out No-export Community ip bgp-community new-format route-map NO-EXPORT ​set community no-export neighbor x.x.x.x route-map NO-EXPORT in neighbor x.x.x.x send-community Prefix-list Filtering ip prefix-list NO-TRANSIT permit x.x.x.x/x neighbor x.x.x.x prefix-list NO-TRANSIT out Distribute List Filtering access-list x deny x.x.x.x y.y.y.y …

Continue reading "BGP – Prevent becoming a Transit-AS"

Posted on

BGP – MultiHoming

Cisco cisco01config show ip bgp summaryshow ip routeshow ip bgpcisco02config show ip bgp summaryshow ip routeEdgeRouter-Xedge01configshow ip routeedge02configshow ip routeFortiGateconfigget router info routing-table detailsTestsChanging the AS Numbersshow ip routeshow ip bgpOptimizing route mapscisco1show ip bgp neighbors 10.255.80.29 received-routesshow ip bgpshow ip routecisco2show ip bgp neighbors 10.255.80.28 received-routesshow ip routeBGP Prevent becoming an Transit ASNo-Export CommunityLinks …

Continue reading "BGP – MultiHoming"

Posted on

Routing Tables

FreeBSD freebsd:~ $ netstat -rWRouting tablesInternet:Destination Gateway Flags Nhop# Mtu Netif Expiredefault 11.155.93.1 UGS 6 1500 em011.155.93.0/24 link#1 U 3 1500 em011.155.93.77 link#2 UHS 5 16384 lo0localhost link#2 UH 1 16384 lo0Internet6:Destination Gateway Flags Nhop# Mtu Netif Expire::/96 link#2 URS 6 16384 lo0default fe80::1%em0 UGS 7 1500 em0localhost link#2 UHS 1 16384 lo0::ffff:0.0.0.0/96 link#2 URS …

Continue reading "Routing Tables"

Posted on

Cisco Nexus – Policy Based Routes

Photo by Carl Solder on Unsplash

So after a while some basic Cisco stuff. Thanks Craig for being the Guy you are. We had to divert traffic some traffic to an dedicated line for Netscope, to an different Internet Line. configure terminal ip access-list pbr-netscope-over-second-provider permit 10.255.86.0 0.0.1.255 3.123.155.214 0.0.0.0 permit 10.255.86.0 0.0.1.255 3.123.215.247 0.0.0.0 permit 10.255.86.0 0.0.1.255 3.123.221.103 0.0.0.0 permit …

Continue reading "Cisco Nexus – Policy Based Routes"

Posted on

FortiGate – Viewing FIB/RIB routing information in CLI

"Reminder to self regarding routing information: This document is derived from Fortinet KB Articles and covers topics such as accessing FIB/RIB routing data via the CLI, understanding the routing process in FortiGate (route-lookup-process), handling multiple default routes when SD-WAN rules are not the preferred option, and more." Routing in FortiGate (route-lookup-process) How does FortiGate decide …

Continue reading "FortiGate – Viewing FIB/RIB routing information in CLI"

Posted on

Fortinet – Static routes with Firewall objects

I like the the Idea to configure static routing over firewall objects. This avoids the static route limit on FortiGate Firewall. config firewall address edit "N.203.0.113.0--24" set allow-routing enable set subnet 203.0.113.0 255.255.255.0 next end config firewall addrgrp edit "R.Networks" set allow-routing enable set member "N.203.0.113.0--24" next end config router static edit 0 set gateway …

Continue reading "Fortinet – Static routes with Firewall objects"

Blog at WordPress.com.