ip-forward | Enabled by default. Do not disable under normal circumstances. If disabled, functions related to routing, like link loadbalancing, static routing, policy routing, and OSPF routing cannot function. |
ip6-forward | Enabled by default. Do not disable under normal circumstances. If disabled, functions related to routing, like link loadbalancing, static routing, policy routing, and OSPF routing cannot function. |
rt-cache-reverse | When enabled, forwards reply packets to the ISP link that forwarded the corresponding request packet. When not enabled, forwards all packets based on the results of routing lookup. The rt-cache-reverse function is useful when your site gets traffic routed to it from multiple ISP links. Enabled by default. |
rt-cache-strict | Enable it when you want to send reply packets only via the same interface that received the request packets. When enabled, source interface becomes part of the matching tuple FortiADC uses to identify sessions, so reply traffic is forwarded from the same interface that received the traffic. Normally each session is identified by a 5-tuple: source IP, destination IP, protocol, source port, and destination port. Disabled by default. |
config rt-cache-reverse-exception | |
ip-netmask | If rt-cache-reverse is enabled, you can specify source IP addresses that should be handled differently. Specify a subnet IP address and netmask for each exception. For example, if you configure an exception for 192.168.1.0/24, FortiADC will not maintain a pointer to the ISP for traffic from source 192.168.1.18. Reply packets will be forwarded based on the results of routing lookup. |