ADVPN

For the correct operation of ADVPN, it is required to preserve all sites’ prefixes unchanged, including their original BGP next-hop values. Hence, it is impossible to replace the specific routes with summaries (unlike in a static hub-and-spoke topology). Hence, the BGP RR function is mandatory: the gateway must reflect the original routes between the spokes without altering them.

FortiOS 6.4 and earlier:

We have already mentioned the critical property of overlay stickiness that we must guarantee for proper ADVPN shortcut creation. For example, if spoke-1 sends traffic to spoke-2 using an internet overlay through the hub, the hub must select the same internet overlay for the second half of the path. Failing to preserve the overlay might result in an attempt to create an ADVPN shortcut between two physically disconnected transports (such as the internet and MPLS), and this attempt would, of course, fail. The overlay stickiness is achieved using policy routes (PBR) on the hub.

ADVPN

FortiOS 6.4 and earlier:

We have already mentioned the critical property of overlay stickiness that we must guarantee for proper ADVPN shortcut creation. For example, if spoke-1 sends traffic to spoke-2 using an internet overlay through the hub, the hub must select the same internet overlay for the second half of the path. Failing to preserve the overlay might result in an attempt to create an ADVPN shortcut between two physically disconnected transports (such as the internet and MPLS), and this attempt would, of course, fail. The overlay stickiness is achieved using policy routes (PBR) on the hub.