Skip to main content
Umesh
Umesh
Explorer II
July 1, 2025
Question

Underlay vs Overlay need to understand

  • July 1, 2025
  • 6 replies
  • 3686 views

Dear All,

 

Anybody can explain in laymon term what is under lay and over lay in SDWAN concept and how does it work.

 

Why under lay and over lay need.

 

 

Thank you in advanced for sharing the knowledge.

 

 

6 replies

sjoshi
Staff
sjoshi
Staff
July 1, 2025

Hi @Umesh 

 

In SD-WAN, the underlay refers to the actual physical network connections like MPLS, broadband, or 4G/5G that carry the data between locations, while the overlay is the virtual, software-defined network built on top of the underlay that creates secure tunnels and intelligently manages how traffic is routed across those physical links.

Thanks, Salon
    kaman
    Staff
    kaman
    Staff
    July 1, 2025

    Hi Umesh,

    The underlay is the physical network infrastructure itself — the actual cables, routers, internet links, and circuits that carry your data.


    It includes all your WAN connections like MPLS, broadband internet, LTE, etc. The underlay just moves packets from point A to point B, without any intelligence about the applications or services running on top.


    The overlay is a virtual network layer built on top of the underlay.


    It creates logical tunnels or connections (like VPN tunnels) between sites over the physical underlay.


    FortiGate’s SD-WAN feature monitors each WAN link (underlay) for performance (latency, jitter, packet loss).


    If you have found a solution, please like and accept it to make it easily accessible to others.


    Regards,
    Aman

     

      Toshi_Esumi
      SuperUser
      Toshi_Esumi
      SuperUser
      July 1, 2025

      Tricky thing is if you add site-to-site IPsec VPNs to SD-WAN members, those are also considered as underlay. They're equal, from SD-WAN's view, to other physical interfaces in the members.

      Toshi 

      F
      finmark2
      New Member
      April 24, 2026

      Hi ​@Umeshmyhtspace

      Underlay vs Overlay need to understand

      Dear All,

      Anybody can explain in laymon term what is under lay and over lay in SDWAN concept and how does it work.

      Why under lay and over lay need.

      Thank you in advanced for sharing the knowledge

       

      Underlay is the physical network (internet/MPLS) that carries traffic, while overlay is the virtual SD-WAN layer that securely routes and controls how data travels over it.We need both because underlay provides connectivity, and overlay adds intelligence like routing, encryption, and performance optimization on top.

      syordanov
      Staff
      syordanov
      Staff
      April 24, 2026

      Hello Umesh,

      Underlay is  the network infrastructure carrying your traffic . Example for underlay is MPLS, LTE5/5G, ISP connection .

      The overlay is the IPSec configured on top of the underlay.

       

      Best regards,

      Fortinet

      VinayHM
      Staff
      VinayHM
      April 24, 2026

      HI Umesh
       

      Please go through the article to understand difference between underlay and overlay

      https://docs.fortinet.com/document/fortigate/7.4.0/new-features/107532/overlays-and-underlays

      Terms & ConditionsAccessibility statement