To Add a New Static Route
Table EntryThe IPv4 Routing Table page displays details about the destination-based routing table for a specific virtual router or for all virtual routers. The routing table provides the security device with routing information that allows it to direct traffic to different subnets via specified interfaces, routers, and virtual routers.
To view the routing table for all configured virtual routers, select All virtual routers in the List route entries for dropdown list. To view the routing table for a specific virtual router, select that virtual router from the dropdown list. In addition, to select how many route entries per page you want to view, select 5, 10, 20, 50, or 100 in the List per page dropdown list.
The routes are organized in the table by the virtual router to which each route belongs. A route with an asterisk (*) designation indicates it is the best route for the specified subnet. The route table provides a read-only summary of all routes—organized in the table by the virtual router to which each route belongs—and displays information in the following columns:
IP/Netmask: The IP address and netmask of the target address to which the route entry leads.
Gateway: Either the IP address of the next-hop router or the name of the next-hop virtual router to which the security device forwards traffic destined for the target address.
Interface: The interface (physical or tunnel) through which the security device must send traffic to reach the target address.
Protocol: The manner in which the route entry is added to the table:
* Indicates the best route for the specified subnet.
P indicates a permanent route.
C indicates an entry originated by an external router that sent a router advertisement that has an interface with a defined IP address.
H indicates an automatically generated 32-bit host route to avoid packets that the device cannot route.
S indicates a static route entry, made manually by an administrator.
I indicates a route entry that the current virtual routing instance imported from a router running a different protocol.
A indicates an auto-exported route entry, made when a virtual router automatically acquires a route from another virtual router (such as when a route appears in VR-1 because you have defined a security zone interface in Route mode in VR-2, which has route exporting enabled).
eB indicates a route entry originated by an Exterior Border Gateway Protocol (EBGP) router.
Exterior BGP routers forwards routing information that it has learned along to other neighbors while an Interior BGP router blocks routing information from other Interior BGP routers.
iB indicates a route entry originated by an Interior Border Gateway Protocol (IBGP) router.
Interior BGP routers reside in the same autonomous system as the current router you are configuring while Exterior BGP routers reside in different autonomous systems from the current router.
O indicates a route entry originated by an Open Shortest Path First (OSPF) router.
R indicates a route entry originated by a Routing Information Protocol (RIP) or Routing Information Protocol Next Generation (RIPng) router.
E1 indicates a route entry originated by an OSPF router running type 1 metrics.
Type 1 external metrics are expressed in the same units as a standard OSPF cost value, calculating a value that comprises a summation of the cost of the distance between the routing instance in the current domain and the ASBR PLUS the cost that is known by the ASBR of the imported route. For example, if a virtual routing instance imports a route from a BGP network that has a cost of 10 and the distance between the current routing instance and the ASBR is 8, the cost of the route is 18.
E2 indicates a route entry originated by an OSPF router running type 2 metrics.
Type 2 external metrics are larger. Any Type 2 metric is considered greater than the cost of any path that is of either an Intra-Area, Inter-Area or Type 1 route type. So no comparison occurs between the two and the route from the three less costly areas is ALWAYS considered the more preferable route. In the instance of two Type 2 routes being compared, then a straight comparison is made. Also when two routers are advertising the same external destination, the advertising router is picked that provides the minimum total cost. When several equal-cost Type 2 routes exist, the internal distance to the advertising routers is used to break the tie.
Preference: A value that determines the best path for traffic to reach its destination. A low preference value is preferable to a high preference value. Where there are multiple routes to the same destination, the route with the lowest preference value is selected.
Metric: A value that defines the priority of the route. All route table entries that are automatically created or acquired when you define an interface (in NAT or Route mode) receive a value of 0, and any user-defined routes receive a value of 1. Where there are multiple routes to the same destination with the same preference value, the route with the lowest metric value is selected.
Vsys: In devices that support virtual systems, the virtual system name appears in the corresponding cell in this column for each route specific to that virtual system. If a route belongs to the root system or is shared by one or more virtual systems and the root system, the corresponding cell in this column for that route remains blank.
Configure: Click Remove to remove a static entry. See below for more details. (You cannot remove derived, auto-exported, or redistributed route entries.)
To Add a New Static Route
Table EntrySelect the virtual router from the drop-down list and click New. For more information, see Static Route Configuration.
To Remove an Existing Static
Route Table EntryOn the Routing Table page, click Remove under the Configure column for the entry that you want to delete.
A System Message window appears prompting you to confirm the removal.
Click OK to proceed, or Cancel to cancel the action.
