Manuals / Fortinet / Computer Equipment / Network Card

Fortinet FortiGate-800 manual Configuring Dhcp services, Policy routing command syntax, 157

Models: FortiGate-800

1 336
Download 336 pages 18.65 Kb
Page 157
Image 157

Network configuration

Configuring DHCP services

 

 

Using policy routing you can build a routing policy database (RPDB) that selects the appropriate route for traffic by applying a set of routing rules. To select a route for traffic, the FortiGate unit matches the traffic with the policy routes added to the RPDB starting at the top of the list. The first policy route that matches is used to set the route for the traffic. The route supplies the next hop gateway as well as the FortiGate interface to be used by the traffic.

Packets are matched with policy routes before they are matched with destination routes. If a packet does not match a policy route, it is routed using destination routes.

The gateway added to a policy route must also be added to a destination route. When the FortiGate unit matches packets with a route in the RPDB, the FortiGate unit looks in the destination routing table for the gateway that was added to the policy route. If a match is found, the FortiGate unit routes the packet using the matched destination route. If a match is not found, the FortiGate unit routes the packet using normal routing.

To find a route with a matching gateway, the FortiGate unit starts at the top of the destination routing table and searches until it finds the first matching destination route. This matched route is used to route the packet.

For policy routing examples, see “Policy routing examples” on page 55.

Policy routing command syntax

Configure policy routing using the following CLI command.

set system route policy <route_int> src <source_ip> <source_mask> iifname <source-interface_name>

dst <destination_ip> <destination_mask>

oifname <destination-interface_name> protocol <protocol_int> port <low-port_int> <high-port_int> gw <gateway_ip>

Complete policy routing command syntax is described in Volume 6: FortiGate CLI

Reference Guide.

Configuring DHCP services

You can configure DHCP server or DHCP relay agent functionality on any FortiGate interface.

A FortiGate interface can act as either a DHCP server or as a DHCP relay agent. An interface cannot provide both functions.

Note: To configure DHCP server or DHCP relay functionality on an interface, the FortiGate unit must be in NAT/Route mode and the interface must have a static IP address.

This section describes the following:

Configuring a DHCP relay agent

Configuring a DHCP server

FortiGate-800 Installation and Configuration Guide

157

Page 156 Page 158
Page 157
Image 157
Fortinet FortiGate-800 manual Configuring Dhcp services, Policy routing command syntax, 157
Page 156 Page 158