Hi all!!
I have not worked with BGP on a regular basis and I would like to know your opinion.
In brief, I'm going to connect my firewall to 2 different ISP routers (same provider) and I'm going to obtain from each of them a default route (0.0.0.0). One of them (Router2) gives me the same default route with prepend (less preferred) using another BGP session. Router 1 gives the default route without prepend.
On the other hand, I'm going to add these 2 default routes to my SDWAN (I have more defaults than these 2).
Is there a simple way to configure these 2 default routes on sdwan, so it always routes traffic to the default without prepends (Router 1), and only routes traffic to the other default when Router1 is down? I've read about route maps, route tags etc., but maybe there is an easier way to do it? Can SDWAN check the prepend to choose the active route?
Thanks for your help!!!
In my opinion, in your situation/scope, BGP and SD-WAN is either or. If you just want to use one of BGP's metrics (AS path length) to steer all traffic from one side to the other, I wouldn't put them in an SD-WAN zone, or I wouldn't use SD-WAN.
On the other hand, if you want to select the second path/ISP for some specific types of traffic while all other traffic would go to the primary path/ISP, I would use SD-WAN, setting up proper rules to choose the first path/ISP for most traffic, then that specific traffic to use the second path.
With the latter setting, you don't need BGP default routes with the metric but need two static default routes to both without any metric difference.
Toshi
Thanks Toshi.
About the use of SDWAN, I have some default routes (0.0.0.0 0.0.0.0) added to sdwan, I think I need to add this one too to be able to indicate on which ISP router each traffic to internet goes out. I have some ISPs and some default routes. With sdwan rules I choose which of them I use for each circumstance. I don't want to balance traffic between these 2 new default routes.
Thank you very much for your helpful comments. I think there are several ways to do it and I wanted to hear some opinions like yours, to help me decide the best way.
hello,
please refer to the document regarding SD-WAN rules when a mix of static and dynamic default routes is in use.
In @fortimaster's case, two static default routes should override those BGP default routes. I don't see any reason both need to show up in the routing table with the same admin distance if SD-WAN should decide which path to be used (only two circuits anyway).
Toshi
Thanks!!
When I make the new connections I will comment on how I finally configured it. But probably the document that shashwati has attached will be useful for me. Finally I will have several static routes and several dynamic routes to the same destination (internet).
Copyright 2024 Fortinet, Inc. All Rights Reserved.