RIP 设置RIP 配置

RIP 设置

配置 RIP 设置以启用基本的 RIP 功能和度量,以及配置 RIP 计时器。 1 进入 系统 >RIP> 设置。

2 单击启用 RIP 服务器以将 FortiGate 设备配置为一个 RIP 服务器。

3 单击启用广告默认值以使得 FortiGate 设备在 RIP 路由表更新中包含它的默认路由。

4 单击启用自动归纳以自动将子网路由归纳进网络级路由中。

如果自动归纳功能没有启用,FortiGate 将穿过常规网络的边界传输子网络后缀路由。

5 修改以下 RIP 默认设置以调整并优化 RIP 性能。

RIP 默认设置在大多数配置中是有效的。只有当您的 RIP 配置出现问题的时候您才有必 要修改这些设置。

默认度

对默认度量的修改将应用到带有不兼容的度量的路由上。默认的度量帮助解

 

决如何分配带有不兼容的度量的路由问题。任何时候当度量无法被转换时,

 

RIP 使用默认的度量提供一个合理的替代度量以使得重新分配工作可以继续进

 

行。默认度量的默认设置是 2。

输入队列

修改 RIP 输入队列的长度。设置的数值越大,则队列越长。如果您的

 

FortiGate 设备使用很高的速度向一个可能无法以此速度接收的低速的路由器

 

发送数据,则您可以修改队列长度以适应这一情况。修改这一配置可以防止

 

路由表丢失信息。可以设置的值的范围是从 0 到 1024。默认的输入队列的长

 

度是 50。长度为 0 的输入队列意味着没有输入队列。

输出延迟

修改输出延迟可以在多数据包 RIP 更新的数据包时间添加毫秒级的延迟。标

 

准的输出延迟是 8 到 50 毫秒。如果您配置 RIP 的 FortiGate 设备要将更新数

 

据包发送到一个路由器,而这个路由器又无法以 FortiGate 设备发送的速率

 

接收更新数据包,那么您可以为 FortiGate RIP 设定一个输出延迟。默认的

 

输出延迟是 0 毫秒。

6 修改以下 RIP 计时器设置以调整和优化 RIP 的性能。

RIP 计时器的默认设置在大多数配置中都能正常工作。只有当您的 RIP 配置出现问题的 时候您才有必要修改计时器设置。

更新

两次发送路由表更新之间的以秒为单位的时间间隔。默认的间隔是 30 秒。

失效

路由被宣布为失效的以秒为单位的时间间隔。失效时间间隔应当至少是更新

 

时间间隔的三倍。当没有更新信息刷新一条路由时,这个路由即被宣布为失

 

效。于是这条路由进入阻挡状态。这条路由将被标记为不可访问,并对外宣

 

布路由不可到达。然而,这个路由仍旧可以用于转发数据包。默认的值是 180

 

秒。

路由信息表明路径被禁止的以秒为单位的时间间隔。阻挡应当至少是更新时

 

间间隔的三倍。当收到一个更新数据包指示路由不可到达时,该路由进入阻

 

挡状态。此路由将被标记为不可访问和对外宣布为不可到达,且不再用于转

 

发数据包。当阻挡过期时,路由可以被从路由表中清除。默认的设置是 180

 

秒。

一条路由被从路由表中删除之前必须经历的以秒为单位的时间。清除的值必

 

须大于失效的时间设置。如果清除的值小于失效时间设置,系统将不会等

 

正常的阻挡时间间隔完成,结果就是将在阻挡时间间隔完成之前就接受了一

 

条新的路由。默认的值是 240 秒。

7 单击应用以保存您所做的设置。

126

美国飞塔有限公司

Page 138
Image 138
Fortinet 500 manual Rip 设置, 126, 单击应用以保存您所做的设置。

500 specifications

Fortinet 500 is a next-generation firewall (NGFW) that is part of Fortinet's acclaimed FortiGate family, designed to provide advanced security for medium to large enterprises. This appliance is known for its high performance, flexibility, and ability to protect networks from a variety of cyber threats through its robust features and technologies.

One of the main features of the Fortinet 500 is its integrated security capabilities. It combines multiple security functions into a single device, allowing organizations to manage everything from intrusion prevention and antivirus to web filtering and application control. This integration leads to simplified management and increased efficiency, as users can address multiple security needs without deploying multiple devices.

The Fortinet 500 runs on the FortiOS operating system, which is known for its simplicity and user-friendliness. FortiOS provides a centralized management interface that allows for the easy configuration and monitoring of security policies across the entire network. Additionally, the Fortinet management tools, such as FortiManager and FortiAnalyzer, enable detailed insights and reporting capabilities, helping organizations stay compliant with their security mandates.

Another characteristic that sets Fortinet 500 apart is its advanced threat intelligence, powered by the FortiGuard Labs. This global threat intelligence system continuously updates the firewall with the latest threat signatures and attack vectors, ensuring that organizations stay ahead of emerging threats. The firewall also employs machine learning and artificial intelligence to detect and mitigate sophisticated attacks in real-time.

Performance is crucial in any security appliance, and the Fortinet 500 does not disappoint. With hardware acceleration and purpose-built security processors, it delivers high throughput levels, enabling organizations to maintain productivity without sacrificing security. This level of performance is particularly beneficial in environments with heavy traffic and bandwidth demands.

In addition to these core features, the Fortinet 500 supports seamless integration with other security solutions within the Fortinet Security Fabric. This comprehensive approach allows for greater visibility and control over the entire security posture of an organization.

Overall, the Fortinet 500 is a powerful NGFW that offers a blend of advanced security features, ease of management, top-notch performance, and robust threat intelligence. Its ability to adapt to the ever-evolving landscape of cybersecurity makes it a valuable asset for businesses seeking to safeguard their digital assets and ensure seamless network operation.