Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    CLI Reference

    7.6.4
    7.6.4
    7.6.3
    7.6.2
    7.6.1
    7.6.0
    7.4.6
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.0
    6.0.4
    6.0.3
    6.0.1
    6.0.0

    netlink

    netlink

    Use these commands to display detailed statistics about network input and output, and to configure some advanced network settings. This can be useful when optimizing performance or troubleshooting many aspects at the link, IPv4 or IPv6, and TCP or UDP layers, such as:

    • transmission (TX) queue length

    • received (RX) bytes

    • dropped packets

    • collisions

    • transmission errors

    • oversized frame MTU

    • ARP link neighbors

    • bridge loops

    • stale route cache

    • current IP sessions

    Syntax

    diagnose netlink backlog get

    diagnose netlink backlog <backlog_int>

    diagnose netlink bridge list-member

    diagnose netlink device

    diagnose netlink interface list [<interface_name>]

    diagnose netlink ip list [<interface_name>]

    diagnose netlink ip add <interface_name> <address_ipv4> <subnet_v4mask>

    diagnose netlink ip delete <interface_name> <address_ipv4>

    diagnose netlink ip flush [<interface_name>]

    diagnose netlink ipv6 list [<interface_name>]

    diagnose netlink ipv6 add <interface_name> <address_ipv6> <subnet_v6mask>

    diagnose netlink ipv6 delete <interface_name> <address_ipv6>

    diagnose netlink ipv6 flush [<interface_name>]

    diagnose netlink neighbor list

    diagnose netlink neighbor add <interface_name> <address_ipv4> <neighbor_mac>

    diagnose netlink neighbor delete <interface_name> <address_ipv4>

    diagnose netlink neighbor flush

    diagnose netlink neighbor6 list

    diagnose netlink neighbor6 add <interface_name> <address_ipv4> <neighbor_mac>

    diagnose netlink neighbor6 delete <interface_name> <address_ipv4>

    diagnose netlink neighbor6 flush

    diagnose netlink queue-len <interface_name> <queue-length_int>

    diagnose netlink redundant list [<interface_name>]

    diagnose netlink route list

    diagnose netlink route flush

    diagnose netlink route6 list

    diagnose netlink route6 flush

    diagnose netlink rtcache

    diagnose netlink session

    diagnose netlink tcp

    Variable

    Description

    Default

    <address_ipv4>

    Enter an IPv4 IP address.

    <address_ipv6>

    Enter an IPv6 IP address.

    <interface_name>

    Enter the name of the network interface, such as port1.

    If the interface name is optional, then the command applies to all network interfaces in the scope of the command.

    <neighbor_mac>

    Enter a physical media access control (MAC) address that defines the network interface card (NIC) of an ARP neighbor.

    <queue-length_int>

    Enter the maximum number of messages in the transmission (TX) queue.

    Note: If the queue is too small for the volume of network traffic, delays and dropped packets may occur.

    <subnet_v4mask>

    Enter an IPv4 IP subnet mask.

    <subnet_v6mask>

    Enter an IPv6 IP subnet mask.

    backlog <backlog_int>

    Enter the backlog limit.

    Example

    FortiMail # diagnose netlink session

    System Time:  2025-05-23 12:08:40 EDT (Uptime: 15d 1h 5m)
    Protocol              Remote IP Remote Port               Local IP  Local Port Expire(s)
    tcp               172.20.212.15      50551          172.20.140.29         443   255
    ...
    FortiMail # diagnose netlink neighbor list
    System Time:  2025-05-23 13:47:03 EDT (Uptime: 15d 2h 44m)
    ifindex=4 ifname=port1 172.20.140.2 d4:76:a0:03:14:e6 state=00000002 use=113126 confirm=17 update=113126 ref=1
    ifindex=4 ifname=port1 172.20.140.223 00:0c:29:51:88:f4 state=00000004 use=35481 confirm=35481 update=32050 ref=0
    ifindex=4 ifname=port1 172.20.140.89 1c:1b:0d:98:4a:e8 state=00000004 use=130439454 confirm=130445454 update=130439454 ref=0
    ifindex=1 ifname=loopback 0.0.0.0 00:00:00:00:00:00 state=00000040 use=130581896 confirm=137 update=130581896 ref=0
    FortiMail # diagnose netlink route6 list
    System Time:  2025-05-23 15:28:10 EDT (Uptime: 15d 4h 25m)
    tab=100 type=local protocol=netd flag=00000000 oif=1(loopback) prio=5
    tab=254 type=unicast protocol=kernel flag=00000000 oif=4(port1) dst:2607:f0b0:f:640::/64 prio=100
    ...

    FortiMail # diagnose netlink interface list

    System Time:  2025-05-23 15:38:29 EDT (Uptime: 15d 4h 35m)
    if=loopback family=00 type=772 index=1 mtu=65536 link=0 master=0
    flags=up loopback run
    if=bond0 family=00 type=1 index=2 mtu=1500 link=0 master=0
    flags=broadcast master multicast
    if=dummy0 family=00 type=1 index=3 mtu=1500 link=0 master=0
    flags=broadcast noarp
    ...

    FortiMail # diagnose netlink device

    System Time:  2025-05-23 15:39:14 EDT (Uptime: 15d 4h 36m)
    Inter-|   Receive                                                |  Transmit
    face |bytes    packets errs drop fifo frame compressed multicast|bytes    packets errs drop fifo colls carrier compressed
    loopback: 18930057   97298    0    0    0     0          0         0 18930057   97298    0    0    0     0       0          0
    bond0:       0       0    0    0    0     0          0         0        0       0    0    0    0     0       0          0
    dummy0:       0       0    0    0    0     0          0         0        0       0    0    0    0     0       0          0
    port1: 1878497783 6277327    0 568825    0     0          0      3268 304878720  998264    0    0    0     0       0          0
    gre0:       0       0    0    0    0     0          0         0        0       0    0    0    0     0       0          0
    ...
    FortiMail # diagnose netlink tcp
    System Time:  2025-05-23 15:39:36 EDT (Uptime: 15d 4h 36m)
    sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
    0: 0100007F:0FA0 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1974 1 00000000dfc8c3c5 100 0 0 10 0
    1: 00000000:03E1 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 3058 1 000000003be029fa 100 0 0 10 0
    ...

    Related topics

    sniffer

    hardware

    system interface

    system route

    Previous
    Next

    netlink

    netlink

    Use these commands to display detailed statistics about network input and output, and to configure some advanced network settings. This can be useful when optimizing performance or troubleshooting many aspects at the link, IPv4 or IPv6, and TCP or UDP layers, such as:

    • transmission (TX) queue length

    • received (RX) bytes

    • dropped packets

    • collisions

    • transmission errors

    • oversized frame MTU

    • ARP link neighbors

    • bridge loops

    • stale route cache

    • current IP sessions

    Syntax

    diagnose netlink backlog get

    diagnose netlink backlog <backlog_int>

    diagnose netlink bridge list-member

    diagnose netlink device

    diagnose netlink interface list [<interface_name>]

    diagnose netlink ip list [<interface_name>]

    diagnose netlink ip add <interface_name> <address_ipv4> <subnet_v4mask>

    diagnose netlink ip delete <interface_name> <address_ipv4>

    diagnose netlink ip flush [<interface_name>]

    diagnose netlink ipv6 list [<interface_name>]

    diagnose netlink ipv6 add <interface_name> <address_ipv6> <subnet_v6mask>

    diagnose netlink ipv6 delete <interface_name> <address_ipv6>

    diagnose netlink ipv6 flush [<interface_name>]

    diagnose netlink neighbor list

    diagnose netlink neighbor add <interface_name> <address_ipv4> <neighbor_mac>

    diagnose netlink neighbor delete <interface_name> <address_ipv4>

    diagnose netlink neighbor flush

    diagnose netlink neighbor6 list

    diagnose netlink neighbor6 add <interface_name> <address_ipv4> <neighbor_mac>

    diagnose netlink neighbor6 delete <interface_name> <address_ipv4>

    diagnose netlink neighbor6 flush

    diagnose netlink queue-len <interface_name> <queue-length_int>

    diagnose netlink redundant list [<interface_name>]

    diagnose netlink route list

    diagnose netlink route flush

    diagnose netlink route6 list

    diagnose netlink route6 flush

    diagnose netlink rtcache

    diagnose netlink session

    diagnose netlink tcp

    Variable

    Description

    Default

    <address_ipv4>

    Enter an IPv4 IP address.

    <address_ipv6>

    Enter an IPv6 IP address.

    <interface_name>

    Enter the name of the network interface, such as port1.

    If the interface name is optional, then the command applies to all network interfaces in the scope of the command.

    <neighbor_mac>

    Enter a physical media access control (MAC) address that defines the network interface card (NIC) of an ARP neighbor.

    <queue-length_int>

    Enter the maximum number of messages in the transmission (TX) queue.

    Note: If the queue is too small for the volume of network traffic, delays and dropped packets may occur.

    <subnet_v4mask>

    Enter an IPv4 IP subnet mask.

    <subnet_v6mask>

    Enter an IPv6 IP subnet mask.

    backlog <backlog_int>

    Enter the backlog limit.

    Example

    FortiMail # diagnose netlink session

    System Time:  2025-05-23 12:08:40 EDT (Uptime: 15d 1h 5m)
    Protocol              Remote IP Remote Port               Local IP  Local Port Expire(s)
    tcp               172.20.212.15      50551          172.20.140.29         443   255
    ...
    FortiMail # diagnose netlink neighbor list
    System Time:  2025-05-23 13:47:03 EDT (Uptime: 15d 2h 44m)
    ifindex=4 ifname=port1 172.20.140.2 d4:76:a0:03:14:e6 state=00000002 use=113126 confirm=17 update=113126 ref=1
    ifindex=4 ifname=port1 172.20.140.223 00:0c:29:51:88:f4 state=00000004 use=35481 confirm=35481 update=32050 ref=0
    ifindex=4 ifname=port1 172.20.140.89 1c:1b:0d:98:4a:e8 state=00000004 use=130439454 confirm=130445454 update=130439454 ref=0
    ifindex=1 ifname=loopback 0.0.0.0 00:00:00:00:00:00 state=00000040 use=130581896 confirm=137 update=130581896 ref=0
    FortiMail # diagnose netlink route6 list
    System Time:  2025-05-23 15:28:10 EDT (Uptime: 15d 4h 25m)
    tab=100 type=local protocol=netd flag=00000000 oif=1(loopback) prio=5
    tab=254 type=unicast protocol=kernel flag=00000000 oif=4(port1) dst:2607:f0b0:f:640::/64 prio=100
    ...

    FortiMail # diagnose netlink interface list

    System Time:  2025-05-23 15:38:29 EDT (Uptime: 15d 4h 35m)
    if=loopback family=00 type=772 index=1 mtu=65536 link=0 master=0
    flags=up loopback run
    if=bond0 family=00 type=1 index=2 mtu=1500 link=0 master=0
    flags=broadcast master multicast
    if=dummy0 family=00 type=1 index=3 mtu=1500 link=0 master=0
    flags=broadcast noarp
    ...

    FortiMail # diagnose netlink device

    System Time:  2025-05-23 15:39:14 EDT (Uptime: 15d 4h 36m)
    Inter-|   Receive                                                |  Transmit
    face |bytes    packets errs drop fifo frame compressed multicast|bytes    packets errs drop fifo colls carrier compressed
    loopback: 18930057   97298    0    0    0     0          0         0 18930057   97298    0    0    0     0       0          0
    bond0:       0       0    0    0    0     0          0         0        0       0    0    0    0     0       0          0
    dummy0:       0       0    0    0    0     0          0         0        0       0    0    0    0     0       0          0
    port1: 1878497783 6277327    0 568825    0     0          0      3268 304878720  998264    0    0    0     0       0          0
    gre0:       0       0    0    0    0     0          0         0        0       0    0    0    0     0       0          0
    ...
    FortiMail # diagnose netlink tcp
    System Time:  2025-05-23 15:39:36 EDT (Uptime: 15d 4h 36m)
    sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
    0: 0100007F:0FA0 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1974 1 00000000dfc8c3c5 100 0 0 10 0
    1: 00000000:03E1 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 3058 1 000000003be029fa 100 0 0 10 0
    ...

    Related topics

    sniffer

    hardware

    system interface

    system route

    Previous
    Next