Routes

This section allows you to perform diagnostics and monitor route information on NGFW.

To view all routes contained in the default router, use the following command:

Parameter	Description
ip	IP address to which you want to display the route.
node-name	Select a cluster node.
connected	Routes to networks connected directly to NGFW interfaces. These routes are marked with a C in the route list.
kernel	Display the routes added by the administrator. These routes are marked with a K in the route list.
summary	Number of active connections and FIB (Forwarding Information Base) records.
ospf	Display routes received using the OSPF dynamic routing protocol. These routes are marked with a О in the route list.
bgp	Display the routes received using the BGP dynamic routing protocol. These routes are marked with an В in the route list.
rip	Display the routes received using the RIP dynamic routing protocol. These routes are marked with an R in the route list.
virtual-router	Virtual router for which you want to display routes (<vrf-name> \| all).

OSPF Monitoring

To diagnose and monitor OSPF, use the following commands. Display OSPF information:

Admin@nodename> show network ospf ... Admin@nodename> show network ospf <parameter>

Parameter	Description
node-name	Select a cluster node.
virtual-router	Virtual router for which you want to preview general OSPF information: (<vrf-name> \| all).
route	Display routes received using the OSPF dynamic routing protocol.
database	Display the following information: Router Link States: routers use Type 1 Link State Advertisement (LSA) (Router LSA) packets to send information within the same zone; they are used to transmit information about their own and their neighbors' interfaces to their neighboring routers in the same zone. Network Link States: a Designated Router (DR) generates LSA Type 2 (Network LSA) packets to describe all routers connected directly to its segment. Summary Link States: Area Border Routers (ABR) generate LSA Type 3 (Summary LSA) packets. These packets contain summary messages about the directly connected zone, report information to other zones to which the ABR is connected, and are transmitted to multiple zones throughout the network. ASBR-Summary Link States: LSA Type 4 (ASBR Summary LSA) packets report the presence of an Autonomous System Border Router (ASBR) in other areas.
neighbor	Display information on neighbors: Neighbor ID (router ID). Priority. The router with the highest priority becomes the Designated Router, DR. If router priorities are equal, the router with the highest ID will be selected. Status, such as Full/DR, Full/BDR, Full/Drother. Idle interval: the time interval before the connection to the OSPF neighbor is terminated if no Hello packet has been received. IP address of the interface to which the neighbor is connected. Interface on which the router adjacency is formed. Additional parameters: interface-name: display neighbors with which adjacency is established on the specified interface all: display the table with all neighbors. detail: display detailed information about neighbors.
interface	Display OSPF interface information. Additional parameters: interface-name: display information about the specified interface traffic: display the statistics of transmitted and received OSPF packets (Hello, Database Description, Link State Request, Link State Update, Link State Acknowledgment).
border-routers	Display information about border routers.

Restart the OSPF process:

Admin@nodename> clear network ospf <parameter>

Parameter	Description
interface-name	The interface name.
node-name	Select a cluster node.
virtual-router	Virtual router on which you want to restart OSPF (<vrf-name> \| all).
interface	Interface on which you want to restart the OSPF process (<interface-name>).
neighbor	Select neighbors for which the process will be restarted.

BGP Monitoring

To diagnose and monitor BGP, use the following commands.

Display the router's BGP table:

Admin@nodename> show network bgp ... Admin@nodename> show network bgp <parameter>

Parameter	Description
node-name	Select a cluster node.
virtual-router	Virtual router for which you want to display routes (<vrf-name> \| all).
ip	IP address to which you want to display the route.
statistics	Display BGP statistics.
neighbors	Display information about BGP neighbors (to display information about a specific neighbor, provide its IP address). Additional parameters available to use to specify a neighbor: received-routes: the routes received before the incoming policy is applied to them (Routemap and filters) advertised-routes: the routes advertised to the specified neighbor.
summary	Display summary information on neighbors.

Re-request information from BGP neighbors (TCP session break):

Admin@nodename> clear network bgp

Available parameters:

Parameter	Description
ip	IP address of the neighbor to which the connection will be interrupted to update information.
node-name	Select a cluster node.
virtual-router	Name of the virtual router to which the BGP neighbor belongs.

In case the neighbor devices support the Route Refresh method you can send a special message like ROUTE REFRESH instead of reinitializing the entire session with the neighbor. You can send this message to update information without interrupting the routing.

To update information without interrupting the session with the neighbor, use the following command:

Admin@nodename> clear network bgp ip <neighbor-ip> soft in | out Admin@nodename> clear network bgp virtual-router <vrf-name> ip <neighbor-ip> soft in | out

RIP Monitoring

To diagnose and monitor RIP, use the following commands.

Display RIP information from the default router table (network address received via RIP, Next Hop address, route metric, route tag to separate internal and external routes, and timeout to invalidate the route if no information about it has been received):

Admin@nodename> show network rip ... Admin@nodename> show network rip <parameter>

Additional available parameters:

Parameter	Description
node-name	Select a cluster node.
status	Current RIP status: version, timers, filters, routes distributed, etc.
virtual-router	Virtual router for which you want to preview RIP route information: <vrf-name> \| all.

Multicast traffic monitoring

To view the multicast traffic routing table on the default router, use the following command:

Admin@nodename> show network mroute ... Admin@nodename> show network mroute <parameter>

Additional available parameters:

Parameter	Description
node-name	Select a cluster node.
count	Display statistics about the group and the source.
virtual-router	Select a virtual router: <vrf-name> \| all.
summary	Summary of each record in the multicast routing table.
fill	Multicast traffic routing table. Additional parameter: ip: display the entry for a particular IP address (the IP address should follow).
ip	Display the record for a particular IP address (provide the IP address).

IGMP Monitoring

To monitor IGMP (Internet Group Management Protocol) operation, use the following command (the parameters are required). Display information for the default router:

Admin@nodename> show network igmp <parameters>

Parameters:

Parameter	Description
node-name	Select a cluster node.
virtual-router	Select a virtual router.
statistics	Message statistics: IGMP Membership Query is a message from the server to the client with a request to renew the client's group subscriptions lest the server stop broadcasting the group(s) to this network segment. IGMP Leave is a message from the client to the server notifying that the client wants to remove the multicast group from the list of group subscriptions. IGMP Membership Report is a message from the client to the server notifying that the client wants to receive this group's traffic.
join	Display information about IGMP groups.
sources	Display information about multicast traffic sources.
groups	Display the multicast groups received via IGMP protocol. The following information is displayed: Total number of groups. Interface via which the group is available. Group address. INCLUDE or EXCLUDE mode. Timer that determines the period for which the router will stop forwarding traffic to the interface if no IGMP Membership Report has been received. How long the group is known.
interface	Display the interface information related to multicast routing: Interface name, status, and address. IGMP version. Querier and its address. Timer that is reset every time a Query message with a lower IP address arrives. You can specify: interface-name: the name of the interface detail: detailed information about the interface.

PIM Monitoring

To monitor PIM (Protocol-Independent Multicast), use the following command (the parameters are required). Display information for the default router:

Admin@ndename> show network pim <parameter>