Question 1
Refer to the exhibit, which shows the port1 interface configuration on FortiGate and partial session information for ICMP traffic.
What happens to the session information if a routing change occurs that affects this session?
The AI agrees with the suggested answer.
Suggested Answer: B
Reasoning:
The session information will not change unless the current route has been removed from the routing table. FortiGate marks existing session routing information as persistent and only applies the modified routes to new sessions. If the current route is no longer present in the Forwarding Information Base (FIB), FortiGate flags the session as dirty and re-evaluates it. The key point here is that a routing change alone doesn't immediately invalidate existing sessions; the *specific* route being used by the session must be removed.
Why other options are incorrect:
- A: Only the interface and gateway information for dev=7 will be removed. - This is incorrect because a routing change doesn't automatically remove interface/gateway information unless the route utilizing that interface is removed.
- C: The session will be flagged as dirty but no route lookups will be performed. - This is incorrect because if the route is impacted, FortiGate *will* perform new route lookups after flagging the session as dirty.
- D: Sessions involving port7 or port19 will not have their routing information flushed. - This is incorrect, the routing information is tied to the routes, not the specific ports, unless the route involving these ports is modified/removed.







