Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Potato
New Contributor III

Created on ‎09-12-2023 11:29 PM

Slightly Routing Loop between Two Fortigate SDWAN ?

Hi all,

 

(An interesting?) Question here.

 

We have Fortigates deployed in Two locations.

 

Both Locations have one Metronet for mutual Point 2 Point routing.

 

As the client requested, The P2P should be working as a second wan at the same time to protect both sites internet accessibility.

 

So, the design like this way:

 

SDWAN1.PNG

 

The P2P and Internet ISP are in the same SDWAN Zone, the default route was pointed to the SDWAN interface.

 

My question is,

 

Assuming the ISP A is now down, the Fortigate at location A will use the P2P to access the internet.

However, if we have a SDWAN "Maximum bandwidth" setting for ISP B and the P2P, is that mean we will have 50% bandwidth loss / due to the looping like below:

 

SDWAN2.PNG

 

For step 1, as Location A has only P2P working, the internet traffic is now routed to B.

For Location B, we use "Maximum Bandwidth" between P2P and ISP B.

 

Perhaps, would Step 2 appear in around 50% chance?  And might be keep looping between 1 and 2?

 

Of course, Step 3 will be the last for location A internet access, I wonder if the performance is not good in this situation.

 

What is your opinion? 

 

 

Labels:
515
0 Kudos
1 REPLY 1
srajeswaran
Staff
Staff

Created on ‎09-13-2023 12:47 AM

Not an SDWAN expert, so this might be silly. Can we not implement conditional route advertisement via BGP between Site A and Site B?
Advertise the default route via P2P link only when the ISP link is active. That way, when location A looses ISP link, the P2P route advertised to Site B will be with drawn and the issue can be eliminated.

BGP conditional route advertisement - https://community.fortinet.com/t5/FortiGate/Technical-Tip-BGP-conditional-advertisement-example-in-a...

Regards,
Suraj
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
497
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.