Read the Firebox Route Tables

In the Firebox System Manager Status Report tab or in the Routes System Status Page in Fireware Web UI you can see the internal route tables for your Firebox.

See the Firebox Route Tables

You can see the Firebox route tables in Firebox System Manager or Fireware Web UI.

Routes in the Firebox internal route tables include:

  • Routes the Firebox learns from dynamic routing processes running on the device (RIP, OSPF, and BGP)
  • Permanent (static) network routes or host routes you add, as long as there is a route to the specified gateway
  • Routes the Firebox automatically creates based on the network configuration information

Route Table Information

The Status Report has two route tables:

IPv4 Routes

Shows the first 100 IPv4 routes, including IPv4 static, dynamic, connected, and BOVPN virtual interface routes.

IPv6 Routes

Shows the first 100 IPv6 routes, including IPv6 static, dynamic, connected, and BOVPN virtual interface routes.

In Fireware v12.8.1 or higher, if you add a BOVPN virtual interface to your configuration, IPv6 is enabled by default. The IPv6 link-local route fe80::/64 automatically appears in the Route To list on this page. This route enables IPv6 routing capability on the BOVPN virtual interface and does not affect tunnel functionality.

The information that appears for each route includes:

  • Destination — the destination IP address for the route
  • Gateway — for an IPv4 route, the IP address of the gateway the route uses.
  • Genmask — for an IPv4 route, the subnet mask for the destination IP address
  • Flags — route flags that indicate characteristics of the route
  • Interface —the interface to which packets for this route will be sent; for example eth0 for interface 0
  • Distance — the routing metric, or cost for the route. A lower number indicates a lower cost, and higher route priority. In Fireware v12.9 or higher, Distance replaces Metric.
  • Next Hop — for an IPv6 route, the IP address of the next hop for the route

Some of the more common flags include:

  • U indicates a route that is up
  • H indicates a route to a host
  • G indicates an IPv4 route that uses an external gateway or an IPv6 route that uses the next hop
  • D indicates a dynamic route

In the Status Report, each route table can show a maximum of 100 routes. If there are more than 100 routes, you can use Fireware Web UI or CLI to see a filtered list of routes.

Default Route Distance (Metric)

If your Firebox has only one external interface (single WAN), the default route distance (metric) is 5. If your Firebox has more than one external interface (multi-WAN), the default route distance is 20 for an external interface that does not participate in multi-WAN.

For an external interface that participates in multi-WAN, the default route distance depends on the multi-WAN configuration:

Multi-WAN Method Default Route Distance (Metric)
Routing Table 5
Round Robin 5
Interface Overflow 5
Failover 10
Failover (secondary external interface) 11

For each additional secondary external interface, increase the distance value by 1. For example, if you have three secondary external interfaces, the distances are 11, 12, and 13.

See Also

Traffic and Performance Statistics (Status Report)

Routes and Routing