router ripng
Use this command to configure the “next generation” Routing Information Protocol (RIPng) on the FortiGate unit. RIPng is a distance-vector routing protocol intended for small, relatively homogeneous, IPv6 networks. RIPng uses hop count as its routing metric. Each network is usually counted as one hop. The network diameter is limited to 15 hops. RIPng is defined in RFC 2080.
config router ripng set default-information-originate {enable | disable} Enable/disable generation of default route. set default-metric {integer} Default metric. range[1-16] set max-out-metric {integer} Maximum metric allowed to output(0 means 'not set'). range[0-15] config distance edit {id} # distance set id {integer} Distance ID. range[0-4294967295] set distance {integer} Distance (1 - 255). range[1-255] set prefix6 {ipv6 prefix} Distance prefix6. set access-list6 {string} Access list for route destination. size[35] - datasource(s): router.access-list6.name next config distribute-list edit {id} # Distribute list. set id {integer} Distribute list ID. range[0-4294967295] set status {enable | disable} status set direction {in | out} Distribute list direction. in Filter incoming packets. out Filter outgoing packets. set listname {string} Distribute access/prefix list name. size[35] - datasource(s): router.access-list6.name,router.prefix-list6.name set interface {string} Distribute list interface name. size[15] - datasource(s): system.interface.name next config neighbor edit {id} # neighbor set id {integer} Neighbor entry ID. range[0-4294967295] set ip6 {ipv6 address} IPv6 link-local address. set interface {string} Interface name. size[15] - datasource(s): system.interface.name next config network edit {id} # Network. set id {integer} Network entry ID. range[0-4294967295] set prefix {ipv6 prefix} Network IPv6 link-local prefix. next config aggregate-address edit {id} # Aggregate address. set id {integer} Aggregate address entry ID. range[0-4294967295] set prefix6 {ipv6 prefix} Aggregate address prefix. next config offset-list edit {id} # Offset list. set id {integer} Offset-list ID. range[0-4294967295] set status {enable | disable} status set direction {in | out} Offset list direction. in Filter incoming packets. out Filter outgoing packets. set access-list6 {string} IPv6 access list name. size[35] - datasource(s): router.access-list6.name set offset {integer} offset range[1-16] set interface {string} Interface name. size[15] - datasource(s): system.interface.name next config passive-interface edit {name} # Passive interface configuration. set name {string} Passive interface name. size[64] - datasource(s): system.interface.name next config redistribute edit {name} # Redistribute configuration. set name {string} Redistribute name. size[35] set status {enable | disable} status set metric {integer} Redistribute metric setting. range[1-16] set routemap {string} Route map name. size[35] - datasource(s): router.route-map.name next set update-timer {integer} Update timer. range[5-2147483647] set timeout-timer {integer} Timeout timer. range[5-2147483647] set garbage-timer {integer} Garbage timer. range[5-2147483647] config interface edit {name} # RIPng interface configuration. set name {string} Interface name. size[35] - datasource(s): system.interface.name set split-horizon-status {enable | disable} Enable/disable split horizon. set split-horizon {poisoned | regular} Enable/disable split horizon. poisoned Poisoned. regular Regular. set flags {integer} Flags. range[0-255] next end
Additional information
The following section is for those options that require additional explanation.
default-information-originate
Enter enable
to advertise a default static route into RIPng.
default-metric
For non-default routes in the static routing table and directly connected networks the default metric is the metric that the FortiGate unit advertises to adjacent routers. This metric is added to the metrics of learned routes. The default metric can be a number from 1 to 16.
garbage-timer
The time in seconds that must elapse after the timeout interval for a route expires, before RIPng deletes the route. If RIPng receives an update for the route after the timeout timer expires but before the garbage timer expires then the entry is switched back to reachable.
RIP timer defaults are effective in most configurations. All routers and access servers in the network should have the same RIP timer settings.
The update timer interval can not be larger than the garbage timer interval.
Range 5
to 2,147,483,647
seconds.
passive-interface
Block RIPng broadcasts on the specified interface. You can use “config neighbor” and the passive interface command to allow RIPng to send unicast updates to the specified neighbor while blocking broadcast updates on the specified interface.
timeout-timer
The time interval in seconds after which a route is declared unreachable. The route is removed from the routing table. RIP holds the route until the garbage timer expires and then deletes the route. If RIP receives an update for the route before the timeout timer expires, then the timeout-timer is restarted. If RIP receives an update for the route after the timeout timer expires but before the garbage timer expires then the entry is switched back to reachable. The value of the timeout timer should be at least three times the value of the update timer.
RIP timer defaults are effective in most configurations. All routers and access servers in the network should have the same RIP timer settings.
The update timer interval can not be larger than the timeout timer interval.
Range 5
to 2,147,483,647
seconds.
update-timer
The time interval in seconds between RIP updates.
RIP timer defaults are effective in most configurations. All routers and access servers in the network should have the same RIP timer settings.
The update timer interval can not be larger than timeout or garbage timer intervals.
Range 5
to 2,147,483,647
seconds.
config aggregate-address
Use this subcommand to configure aggregate address prefixes.
prefix6
Enter the prefix for the aggregate address.
config distance
Use this subcommand to specify an administrative distance. When different routing protocols provide multiple routes to the same destination, the administrative distance sets the priority of those routes. The lowest administrative distance indicates the preferred route. The distance field is required. All other fields are optional.
If you specify a prefix, RIP uses the specified distance when the source IP address of a packet matches the prefix.
access-list6
Enter the name of an access list. The distances associated with the routes in the access list will be modified. To create an access list, see router {access-list | access-list6}.
distance
Enter a number from 1 to 255, to set the administrative distance.
This field is required.
prefix6
Optionally enter a prefix to apply the administrative distance to.
config distribute-list
Use this subcommand to filter incoming or outgoing updates using an access list or a prefix list. If you do not specify an interface, the filter will be applied to all interfaces. You must configure the access list or prefix list that you want the distribution list to use before you configure the distribution list. For more information on configuring access lists and prefix lists, see router {access-list | access-list6} and router {prefix-list | prefix-list6}.
The direction
and listname
fields are required. All other fields are optional.
direction
Set the direction for the filter.
in
to filter incoming packets.out
to filter outgoing packets.
interface
Enter the name of the interface to apply this distribution list to. If you do not specify an interface, this distribution list will be used for all interfaces.
listname
Enter the name of the access list or prefix list to use for this distribution list.
config interface
Use this subcommand to configure and enable split horizon. All fields are optional.
A split horizon occurs when a router advertises a route it learns over the same interface it learned it on. In this case the router that gave the learned route to the last router now has two entries to get to another location. However, if the primary route fails that router tries the second route to find itself as part of the route and an infinite loop is created. A poisoned split horizon will still advertise the route on the interface it received it on, but it will mark the route as unreachable. Any unreachable routes are automatically removed from the routing table. This is also called split horizon with poison reverse.
edit
Type the name of the FortiGate unit interface that is linked to the RIP network. The interface might be a virtual IPSec or GRE interface.
split-horizon
Configure RIP to use either regular or poisoned split horizon on this interface. Choose one of:
regular
- prevent RIP from sending updates for a route back out on the interface from which it received that route.poisoned
- send updates with routes learned on an interface back out the same interface but mark those routes as unreachable.
split-horizon-status
Enable or disable split horizon for this interface. Split horizon is enabled by default.
Disable split horizon only if there is no possibility of creating a counting to infinity loop when network topology changes.
config neighbor
Use this subcommand to enable RIPng to send unicast routing updates to the router at the specified address. You can use the neighbor
subcommand and “passive-interface" setting to allow RIPng to send unicast updates to the specified neighbor while blocking broadcast updates on the specified interface. You can configure multiple neighbors.
All fields are required.
edit
Enter an entry number for the RIPng neighbor. The number must be an integer.
interface
The interface that connects to the neighbor.
ip6
Enter the IP address of the neighboring router to which to send unicast updates.
config offset-list
Use this subcommand to add the specified offset to the metric (hop count) of a route from the offset list. The access-list6
, direction
, and offset
fields are required. All other fields are optional.
access-list6
Enter the name of the access list to use for this offset list. The access list is used to determine which routes to add the metric to.
direction
Enter in
to apply the offset to the metrics of incoming routes. Enter out
to apply the offset to the metrics of outgoing routes.
interface
Enter the name of the interface to match for this offset list.
offset
Enter the offset number to add to the metric. The metric is the hop count. The acceptable range value is from 1 to 16, with 16 being unreachable.
status
Enable or disable this offset list.
config redistribute
Use this subcommand to redistribute routes learned from OSPF, BGP, static routes, or a direct connection to the destination network.
The RIPng redistribution table contains four static entries. You cannot add entries to the table.
The entries are defined as follows:
bgp
- Redistribute routes learned from BGP.connected
- Redistribute routes learned from a direct connection to the destination network.isis
- Redistribute routes learned from ISIS.ospf
- Redistribute routes learned from OSPF.static
- Redistribute the static routes defined in the FortiGate unit routing table.
When you enter the subcommand, end the command with one of the four static entry names (that is, config redistribute {bgp | connected | isis | ospf | static}
).
All fields are optional.
metric
Enter the metric value to be used for the redistributed routes. The acceptable value range is an integer from 0 to 16.
routemap
Enter the name of the route map to use for the redistributed routes.