7.0.0

BGP on loopback design limitations

The following limitations currently exist in the new BGP on loopback design:

  1. Reduced support for Hub-to-Edge SD-WAN: When sessions originate behind the Hub, it is generally not possible to guarantee that they select the preferred or healthy overlay on their way to the Edge devices. They follow conventional routing, potentially selecting an unhealthy or a backup overlay.
  2. Suboptimal switchover with segregated transports: In topologies that include several transports that are physically segregated from each other (the most common example being Internet and MPLS), the traffic between two Edge devices might not trigger a direct ADVPN shortcut during switchover in certain failure scenarios. For example, consider a classical dual-overlay topology (Internet + MPLS, with Internet being the preferred transport). When an Internet link is down on the remote Edge device, the traffic might not build a backup end-to-end shortcut via MPLS. Instead, it flows via the Internet overlay between the originating Edge and the Hub, at which point the Hub switches it to the MPLS overlay.
Note

Despite the above limitations, the traffic will nevertheless reach its destination. Additionally, these limitations might not apply in certain simple scenarios.

We recommend contacting your Fortinet representatives for more details in the context of your project.
