Fortinet black logo

SD-WAN / SD-Branch Architecture for MSSPs

Home FortiGate / FortiOS 7.0.0 SD-WAN / SD-Branch Architecture for MSSPs
7.0.0
7.2.0
7.0.0
6.4.0

Design example - dual-hub

Design example - dual-hub

Customers willing to provide geographic redundancy to their SD-WAN solution will typically extend the previous design to include a secondary hub.

In this design, each hub acts precisely as in the base design, and the hubs are independent of each other. The spokes connect to the dial-up IPsec endpoints of both hubs over all available underlay transports. Effectively, each of the hubs defines its own set of point-to-multipoint overlays.

After connecting to all the overlays, the spokes also establish separate IBGP sessions to both hubs through each of the overlays. The spokes then advertise their local site prefix(es) to both hubs, and each of the hubs acts as an independent BGP route reflector. As a result of this route exchange, all the sites learn each other’s prefixes by all available overlays through both hubs. Following the described principles, all these routes should be installed into the routing tables (ECMP).

Once all the routes have been learned, it’s time to see how the SD-WAN rules define the exact redundancy model.

Previous
Next

Design example - dual-hub

Customers willing to provide geographic redundancy to their SD-WAN solution will typically extend the previous design to include a secondary hub.

In this design, each hub acts precisely as in the base design, and the hubs are independent of each other. The spokes connect to the dial-up IPsec endpoints of both hubs over all available underlay transports. Effectively, each of the hubs defines its own set of point-to-multipoint overlays.

After connecting to all the overlays, the spokes also establish separate IBGP sessions to both hubs through each of the overlays. The spokes then advertise their local site prefix(es) to both hubs, and each of the hubs acts as an independent BGP route reflector. As a result of this route exchange, all the sites learn each other’s prefixes by all available overlays through both hubs. Following the described principles, all these routes should be installed into the routing tables (ECMP).

Once all the routes have been learned, it’s time to see how the SD-WAN rules define the exact redundancy model.

Previous
Next