Friday, January 1, 2016

Fun with FortiOS routes and /32

FortiOS has the ability to use a /32 on a defined LAN interface. In reality you will not gain anything by doing this. I want to show you a few issues that come up with a /32 on an interface.


Here's my system interface configuration:




Note: notice the /32 mask.

Here's the route table:



No route exists. The only way to see this route is via the get router info kernel output.

One other issue: if you try to use it in a static route entry, all routes will be flagged inactive.



BTW: that interface is pingable from the execute ping standpoint.
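
To catch this before it causes the missing connected route and inactive static routes described above, a configuration backup can be audited offline. The following is an added example, not part of the original post: the sample config, its interface names and addresses are constructed, and skipping interfaces marked "set type loopback" is an assumption of this example, since the post only discusses LAN interfaces.

```python
# Constructed sample of a FortiOS config backup; names and addresses are made up.
SAMPLE = '''\
config system interface
    edit "port1"
        set ip 192.0.2.1 255.255.255.0
    next
    edit "port2"
        set ip 10.10.10.1 255.255.255.255
    next
    edit "lo0"
        set ip 10.255.0.1 255.255.255.255
        set type loopback
    next
end
config router static
    edit 1
        set dst 172.16.0.0 255.255.0.0
        set gateway 10.10.10.254
        set device "port2"
    next
end
'''

def parse_section(config, header):
    """Return {entry: {keyword: value}} for a top-level 'config ...' section."""
    entries, current, depth = {}, None, 0
    for line in (raw.strip() for raw in config.splitlines()):
        if depth == 0:
            depth = 1 if line == header else 0
        elif line.startswith("config "):
            depth += 1  # nested sub-table such as "config ipv6"
        elif line == "end":
            depth -= 1
        elif depth == 1 and line.startswith("edit "):
            current = entries.setdefault(line[5:].strip('"'), {})
        elif depth == 1 and line.startswith("set ") and current is not None:
            key, _, value = line[4:].partition(" ")
            current[key] = value.strip('"')
    return entries

def audit(config):
    """Return (non-loopback interfaces with a /32 mask, static routes using them)."""
    ifaces = parse_section(config, "config system interface")
    host = sorted(n for n, s in ifaces.items()
                  if s.get("ip", "").endswith(" 255.255.255.255")
                  and s.get("type") != "loopback")
    routes = parse_section(config, "config router static")
    return host, sorted(r for r, s in routes.items() if s.get("device") in host)
```

Calling audit(SAMPLE) returns the /32 interface port2 and static route 1 that points at it; port1 and the loopback lo0 are not flagged.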


Ken Felix
NSE ( network security expert) and Route/Switching Engineer
kfelix  -----a----t---- socpuppets ---dot---com

     ^      ^
=(  @  @ )=
         o 
        /  \

