Routing Concepts and Troubleshooting Quiz
30 Questions
6 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

Which mode is the default mode for RPF check?

  • Loose
  • Feasible path (correct)
  • Active
  • Strict
  • In feasible path mode, the packet is accepted as long as there is one active route to the source IP through the incoming interface.

  • Depends on the source IP
  • Depends on the incoming interface
  • True (correct)
  • False
  • Does the packet from 10.4.0.1 to 10.1.0.1 get accepted?

  • Depends on the interface
  • No
  • Depends on the route
  • Yes (correct)
  • Does the packet from 172.16.1.1 to 10.1.0.1 get accepted?

    <p>No</p> Signup and view all the answers

    What was feasible path mode formerly known as?

    <p>Loose</p> Signup and view all the answers

    Does the packet need to take the best route in feasible path mode?

    <p>No</p> Signup and view all the answers

    Is there an active route to the IP-address 172.16.1.1 through port3?

    <p>No</p> Signup and view all the answers

    What is the destination IP of the packet that is accepted?

    <p>10.1.0.1</p> Signup and view all the answers

    What is the destination IP of the packet that is not accepted?

    <p>172.16.1.1</p> Signup and view all the answers

    What is the default route used for?

    <p>Accepting packets</p> Signup and view all the answers

    Which table does FortiGate go to if the action in a policy route is Stop Policy Routing?

    <p>Route Cache</p> Signup and view all the answers

    What is the purpose of the Forwarding Information Base (FIB)?

    <p>Packet Forwarding</p> Signup and view all the answers

    In a FortiGate high availability (H-A) cluster, which table exists only on the secondary FortiGate?

    <p>Forwarding Information Base</p> Signup and view all the answers

    What happens if there is no match in any of the routing tables?

    <p>Packet is dropped</p> Signup and view all the answers

    What is the first criteria used by FortiGate to select a route when there are multiple routes to a destination?

    <p>Longest netmask</p> Signup and view all the answers

    When does FortiGate use the lowest metric as the tiebreaker for dynamic routes?

    <p>When there are multiple routes with the same distance</p> Signup and view all the answers

    Which type of routes does FortiGate use the lowest priority as the tiebreaker?

    <p>Static routes</p> Signup and view all the answers

    What is equal cost multipath (ECMP) used for?

    <p>Traffic sharing</p> Signup and view all the answers

    Under what conditions does FortiGate add a static route to the routing table?

    <p>All of the above</p> Signup and view all the answers

    What does the reverse path forwarding (RPF) check protect against?

    <p>IP spoofing attacks</p> Signup and view all the answers

    FortiGate performs routing table lookup how many times for any session?

    <p>Twice</p> Signup and view all the answers

    What happens to the route information in the session table after a routing change?

    <p>It is flushed from affected sessions and route cache</p> Signup and view all the answers

    How many routing lookups does FortiGate usually perform for a traffic session?

    <p>Two</p> Signup and view all the answers

    When would FortiGate perform additional routing table lookups?

    <p>After a routing change</p> Signup and view all the answers

    How does FortiGate decide routes?

    <p>Based on the routing modules</p> Signup and view all the answers

    Which command can be used to view FortiGate's policy routes?

    <p>diagnose firewall proute list</p> Signup and view all the answers

    How many routing modules does FortiGate have?

    <p>One</p> Signup and view all the answers

    What does FortiGate do with the routing information after performing routing lookups for a session?

    <p>It stores the routing information in the session table</p> Signup and view all the answers

    What happens to the route information in the session table after a routing change?

    <p>It is flushed from affected sessions and route cache</p> Signup and view all the answers

    Is FortiGate a stateful or stateless device?

    <p>Stateful</p> Signup and view all the answers

    Study Notes

    RPF Check

    • The default mode for RPF check is feasible path mode.

    Feasible Path Mode

    • In feasible path mode, a packet is accepted as long as there is one active route to the source IP through the incoming interface.
    • Feasible path mode was formerly known as "asymmetric routing".
    • The packet does not need to take the best route in feasible path mode.

    Packet Acceptance

    • The packet from 10.4.0.1 to 10.1.0.1 gets accepted.
    • The packet from 172.16.1.1 to 10.1.0.1 gets accepted.

    Route Information

    • There is no active route to the IP address 172.16.1.1 through port3.
    • The destination IP of the packet that is accepted is 10.1.0.1.
    • The destination IP of the packet that is not accepted is not specified.

    Routing

    • The default route is used for routing packets when there is no specific route.
    • When the action in a policy route is Stop Policy Routing, FortiGate goes to the Kernel routing table.
    • The purpose of the Forwarding Information Base (FIB) is to facilitate routing decisions.
    • In a FortiGate high availability (H-A) cluster, the secondary FortiGate has a dedicated routing table.
    • If there is no match in any of the routing tables, FortiGate uses the default route.
    • The first criteria used by FortiGate to select a route when there are multiple routes to a destination is the longest prefix match.
    • FortiGate uses the lowest metric as the tiebreaker for dynamic routes when there are multiple routes with the same prefix length.
    • FortiGate uses the lowest priority as the tiebreaker for static routes.
    • Equal cost multipath (ECMP) is used for load balancing and redundancy.

    Route Addition

    • FortiGate adds a static route to the routing table when the route is configured manually.

    RPF Protection

    • The reverse path forwarding (RPF) check protects against spoofing attacks.

    Routing Table Lookup

    • FortiGate performs routing table lookup only once for any session.
    • The route information in the session table is updated after a routing change.
    • FortiGate usually performs one routing lookup for a traffic session.
    • FortiGate performs additional routing table lookups when the routing table changes or the session is re-established.

    Route Decision

    • FortiGate decides routes based on the routing table and policy routes.

    Policy Routes

    • The command to view FortiGate's policy routes is "diag debug appl cs-route".

    Routing Modules

    • FortiGate has two routing modules: the kernel routing table and the FIB.

    Routing Information

    • After performing routing lookups for a session, FortiGate stores the routing information in the session table.
    • The route information in the session table is updated after a routing change.
    • FortiGate is a stateful device.

    Studying That Suits You

    Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

    Quiz Team

    Description

    Test your knowledge on routing concepts and troubleshooting with this quiz. Learn about route lookup in FortiGate and how routing information is stored in session tables and route cache. Find out what happens to route information after a routing change.

    More Like This

    Module 14: Routing Concepts
    28 questions
    Routing Concepts - SRWE Module 14
    43 questions
    Use Quizgecko on...
    Browser
    Browser