
SD-WAN Deployment for MSSPs

SD-WAN routing logic

In this document, we have made several recommendations for SD-WAN configuration with regard to its interaction with the traditional routing subsystem:

  • We have recommended enabling the tie-break fib-best-match option on all SD-WAN Rules controlling ADVPN traffic. See Edge SD-WAN Templates.

  • We have recommended configuring all SD-WAN Zones (both "underlay" and "overlay") to act as a default route. See Static Route Templates.

To help you better understand the logic behind these recommendations, we must explain the interaction between the Routing and the SD-WAN subsystems in more detail. Let us recap the two main rules that apply by default:

  1. SD-WAN Rules are matched only if the best route to the destination points to SD-WAN.

  2. An SD-WAN Member is selected only if it has a valid route to the destination, which may not necessarily be the best route.

Both these rules can be controlled using advanced options in the SD-WAN rules:

  • Rule #1 is controlled by the advanced option default that corresponds to CLI set default disable*|enable.

  • Rule #2 is controlled by the advanced options gateway and tie-break that correspond to CLI set gateway disable*|enable and set tie-break cfg-order*|fib-best-match respectively.
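
The following is a simplified model of the two default checks and the tie-break option, added here as an illustration; it is not Fortinet code and does not reproduce FortiOS in full. The interface names, prefixes and function names are constructed, and the model assumes that all members are otherwise tied under the rule's strategy and that "best route" means longest prefix only.

```python
import ipaddress

# Constructed routing table: (prefix, outgoing interface). Names are hypothetical.
ROUTES = [
    ("0.0.0.0/0", "H1_INET"),      # default route via overlay 1
    ("0.0.0.0/0", "H1_MPLS"),      # default route via overlay 2
    ("10.0.2.0/24", "H1_MPLS"),    # more specific route via overlay 2
    ("192.168.50.0/24", "port5"),  # route via a non-SD-WAN interface
]
SDWAN_MEMBERS = ["H1_INET", "H1_MPLS"]  # member order as configured in the rule


def covering_routes(dst, routes):
    """Return (prefix_len, interface) for every route that contains dst."""
    addr = ipaddress.ip_address(dst)
    return [(ipaddress.ip_network(p).prefixlen, i) for p, i in routes
            if addr in ipaddress.ip_network(p)]


def select_member(dst, routes=ROUTES, members=SDWAN_MEMBERS, tie_break="cfg-order"):
    """Model the default checks (default disable, gateway disable).

    Returns the chosen member, or None if the SD-WAN rule is not used.
    """
    found = covering_routes(dst, routes)
    if not found:
        return None
    best_len = max(length for length, _ in found)
    best_ifaces = {i for length, i in found if length == best_len}
    # Rule 1: the rule is matched only if the best route points to SD-WAN.
    if not best_ifaces & set(members):
        return None
    # Rule 2: a member needs a valid route, not necessarily the best one.
    valid = [m for m in members if any(i == m for _, i in found)]
    if tie_break == "fib-best-match":
        # Keep only the members that own the best (most specific) route.
        valid = [m for m in valid if m in best_ifaces]
    # Members are assumed tied, so configuration order decides among the rest.
    return valid[0] if valid else None
```

For destination 10.0.2.10 the model picks H1_INET under cfg-order, because its default route is a valid route, and H1_MPLS under fib-best-match, because only that member owns the most specific route.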

Let us now look into several use cases in more detail:
