Hi all,
(An interesting?) Question here.
We have Fortigates deployed in Two locations.
Both Locations have one Metronet for mutual Point 2 Point routing.
As the client requested, The P2P should be working as a second wan at the same time to protect both sites internet accessibility.
So, the design like this way:
The P2P and Internet ISP are in the same SDWAN Zone, the default route was pointed to the SDWAN interface.
My question is,
Assuming the ISP A is now down, the Fortigate at location A will use the P2P to access the internet.
However, if we have a SDWAN "Maximum bandwidth" setting for ISP B and the P2P, is that mean we will have 50% bandwidth loss / due to the looping like below:
For step 1, as Location A has only P2P working, the internet traffic is now routed to B.
For Location B, we use "Maximum Bandwidth" between P2P and ISP B.
Perhaps, would Step 2 appear in around 50% chance? And might be keep looping between 1 and 2?
Of course, Step 3 will be the last for location A internet access, I wonder if the performance is not good in this situation.
What is your opinion?
Not an SDWAN expert, so this might be silly. Can we not implement conditional route advertisement via BGP between Site A and Site B?
Advertise the default route via P2P link only when the ISP link is active. That way, when location A looses ISP link, the P2P route advertised to Site B will be with drawn and the issue can be eliminated.
BGP conditional route advertisement - https://community.fortinet.com/t5/FortiGate/Technical-Tip-BGP-conditional-advertisement-example-in-a...
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.