Customizable routing widgets
Router Dynamic
FortiGate Version 4.0 Administration Guide
312
01-400-89802-20090424
Prefix List
A prefix list is an enhanced version of an access list that allows you to control the length of
the prefix netmask.
Each rule in a prefix list consists of a prefix (IP address and netmask), the action to take
for this prefix (permit or deny), and maximum and minimum prefix length settings.
The FortiGate unit attempts to match a packet against the rules in a prefix list starting at
the top of the list. If it finds a match for the prefix it takes the action specified for that prefix.
If no match is found the default action is deny. A prefix-list should be used to match the
default route 0.0.0.0/0.
For a prefix list to take effect, it must be called by another FortiGate unit routing feature
such as RIP or OSPF. For more information about RIP, see
. For more
information about OSPF, see
.
Figure 185: Prefix List GUI widget
For more information on the prefix list, see the “router” chapter of the
.
Route Map
Route maps provide a way for the FortiGate unit to evaluate optimum routes for
forwarding packets or suppressing the routing of packets to particular destinations using
the BGP routing protocol. Compared to access lists, route maps support enhanced
packet-matching criteria. In addition, route maps can be configured to permit or deny the
addition of routes to the FortiGate unit routing table and make changes to routing
information dynamically as defined through route-map rules.
The FortiGate unit compares the rules in a route map to the attributes of a route. The rules
are examined in ascending order until one or more of the rules in the route map are found
to match one or more of the route attributes:
•
When a single matching match-* rule is found, changes to the routing information are
made as defined through the rule’s set-ip-nexthop, set-metric, set-metric-type, and/or
set-tag settings.
Prefix-list
Enter the name of a new prefix-list. Select
Add
to save the new prefix list
entry.
Name
The name of the prefix list, or the number of the prefix entry.
Action
The action of the prefix entry. Actions can be permit or deny.
Prefix
The IP address and netmask associated with this prefix. Optionally this can
be set to match any address.
GE
Select the number of bits to match in the address. This number or greater
will be matched for there to be a match.
LE
Select the number of bits to match in the address. This number or less will
be matched for there to be a match
Delete Icon
Select to remove a prefix entry or list.
Add Icon
Select to add a prefix entry to a list.
Edit Icon
Select to edit an existing prefix entry.
Summary of Contents for Gate 60D
Page 705: ...www fortinet com...
Page 706: ...www fortinet com...