Fortinet black logo

Multiple Datacenters for Enterprise (primary/primary)

Home FortiManager 7.2.0 Multiple Datacenters for Enterprise (primary/primary)
7.2.0
7.2.0

SD-WAN self-healing with BGP

SD-WAN self-healing with BGP

SD-WAN self-healing with BGP is used to signal the optimal interface to use for traffic destined back to the spoke. Interfaces that do not meet our pre-defined SLA will be marked as out-of-sla to other devices in the SD-WAN network.

This example demonstrates a scalable configuration using options that help simplify head-end traffic-steering in an SD-WAN setup that uses a hub and spoke topology. In this example, the hub and branches have basic configurations, with one set of SD-WAN rules on the hub to cover all branch instances.

The hub does not need to reference branch addresses in the SD-WAN rules to steer traffic to each branch over the healthy VPN overlay. It also does not need to run health checks to the branches to determine what paths are healthy. Instead, the branches configure health checks to monitor the links, and use BGP and BGP communities to satisfy both requirements by updating the hub with the status of the links over BGP. This avoids manual maintaining health checks from the head-end, allowing for better scalability.

This section contains the following topics:

Previous
Next

SD-WAN self-healing with BGP

SD-WAN self-healing with BGP is used to signal the optimal interface to use for traffic destined back to the spoke. Interfaces that do not meet our pre-defined SLA will be marked as out-of-sla to other devices in the SD-WAN network.

This example demonstrates a scalable configuration using options that help simplify head-end traffic-steering in an SD-WAN setup that uses a hub and spoke topology. In this example, the hub and branches have basic configurations, with one set of SD-WAN rules on the hub to cover all branch instances.

The hub does not need to reference branch addresses in the SD-WAN rules to steer traffic to each branch over the healthy VPN overlay. It also does not need to run health checks to the branches to determine what paths are healthy. Instead, the branches configure health checks to monitor the links, and use BGP and BGP communities to satisfy both requirements by updating the hub with the status of the links over BGP. This avoids manual maintaining health checks from the head-end, allowing for better scalability.

This section contains the following topics:

Previous
Next