Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
brainer
New Contributor

Fortigate Traffic flow SD WAN

Hello Community

 

I have a question about traffic flow in sdwan. in which order is the firewall policy, sd wan policy, traffic shaping are handled.

 

Best Regards,

 

Bernhard

2 REPLIES 2
Toshi_Esumi
SuperUser
SuperUser

https://help.fortinet.com/fos60hlp/60/Content/FortiOS/fortigate-life-of-packet/lop-packet-flow-ingre...

 

This is the closest I could find in my on-line search. Looks like SD-WAN is processed as a part of routing (basically policy routes). Then multiple phases(components) of policy are examined in following phases. Traffic shaping decisions seem to come up almost at the end before sending into the protocol stack.

localhost

Yes - The 'life of packet' document is most likely what you were looking for.

 

SD-Wan rules are basically fancy policy routes.

Routing order looks like this.

 

1. Policy routing lookup

2. SD-WAN routing lookup

3. FIB routing lookup (routes from routing protocols, static routes, connected interfaces)

 

If a valid route entry was found it looks and applies the matching firewall policy.

If the Fortigate is unable to find a matching policy the packet is dropped.

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors