Podcast
Questions and Answers
Which load balancing algorithm is the default in FortiGate SD-WAN?
Which load balancing algorithm is the default in FortiGate SD-WAN?
What happens when the spillover limit is reached in FortiGate SD-WAN?
What happens when the spillover limit is reached in FortiGate SD-WAN?
Which load balancing algorithm is based on the member weight in FortiGate SD-WAN?
Which load balancing algorithm is based on the member weight in FortiGate SD-WAN?
What does FortiGate do when a session matches the implicit rule?
What does FortiGate do when a session matches the implicit rule?
Signup and view all the answers
How does FortiGate load balance sessions that match ECMP routes?
How does FortiGate load balance sessions that match ECMP routes?
Signup and view all the answers
Which load balancing algorithm sends sessions with the same source and destination IP pair to the same member?
Which load balancing algorithm sends sessions with the same source and destination IP pair to the same member?
Signup and view all the answers
What is the default load balancing algorithm in FortiGate SD-WAN?
What is the default load balancing algorithm in FortiGate SD-WAN?
Signup and view all the answers
What happens when none of the user-defined SD-WAN rules are matched?
What happens when none of the user-defined SD-WAN rules are matched?
Signup and view all the answers
How does FortiGate load balance sessions across members?
How does FortiGate load balance sessions across members?
Signup and view all the answers
What does FortiGate do when the bandwidth of an interface reaches the configured spillover limit?
What does FortiGate do when the bandwidth of an interface reaches the configured spillover limit?
Signup and view all the answers
Which setting controls the V-Dom ECMP algorithm when SD-WAN is enabled on FortiGate?
Which setting controls the V-Dom ECMP algorithm when SD-WAN is enabled on FortiGate?
Signup and view all the answers
Which algorithm is supported by load-balance-mode but not by v4-ecmp-mode?
Which algorithm is supported by load-balance-mode but not by v4-ecmp-mode?
Signup and view all the answers
Where are the weight and spillover thresholds defined when SD-WAN is enabled?
Where are the weight and spillover thresholds defined when SD-WAN is enabled?
Signup and view all the answers
Where are the weight and spillover thresholds defined when SD-WAN is disabled?
Where are the weight and spillover thresholds defined when SD-WAN is disabled?
Signup and view all the answers
Which criteria can be used to match traffic in SD-WAN rules?
Which criteria can be used to match traffic in SD-WAN rules?
Signup and view all the answers
Which databases are used for destination internet service and application detection in SD-WAN rules?
Which databases are used for destination internet service and application detection in SD-WAN rules?
Signup and view all the answers
Who maintains the internet service and application control databases?
Who maintains the internet service and application control databases?
Signup and view all the answers
How frequently are new versions of the IPS engine released?
How frequently are new versions of the IPS engine released?
Signup and view all the answers
What happens when a new IPS engine version is released?
What happens when a new IPS engine version is released?
Signup and view all the answers
What must be clicked to see the internet service and application-related options when creating a new rule using FortiManager?
What must be clicked to see the internet service and application-related options when creating a new rule using FortiManager?
Signup and view all the answers
Which load balancing algorithm instructs FortiGate to track the cumulative number of bytes of each member and distribute sessions based on the weight?
Which load balancing algorithm instructs FortiGate to track the cumulative number of bytes of each member and distribute sessions based on the weight?
Signup and view all the answers
What is the formula to calculate the percentage of sessions or traffic sent to each member based on their weight?
What is the formula to calculate the percentage of sessions or traffic sent to each member based on their weight?
Signup and view all the answers
When using the Sessions load balancing algorithm, out of 15 sessions, how many sessions would be sent to member A if it has a weight of 5?
When using the Sessions load balancing algorithm, out of 15 sessions, how many sessions would be sent to member A if it has a weight of 5?
Signup and view all the answers
When using the Volume load balancing algorithm, how much of the total amount of traffic would member A handle if it has a weight of 5 and member B has a weight of 10?
When using the Volume load balancing algorithm, how much of the total amount of traffic would member A handle if it has a weight of 5 and member B has a weight of 10?
Signup and view all the answers
When using the Volume load balancing algorithm, how much of the total amount of traffic would member B handle if it has a weight of 5 and member A has a weight of 10?
When using the Volume load balancing algorithm, how much of the total amount of traffic would member B handle if it has a weight of 5 and member A has a weight of 10?
Signup and view all the answers
When using the Sessions load balancing algorithm, are sessions distributed equally if ECMP routes are dynamic routes?
When using the Sessions load balancing algorithm, are sessions distributed equally if ECMP routes are dynamic routes?
Signup and view all the answers
When using the Volume load balancing algorithm, are sessions distributed equally if ECMP routes are dynamic routes?
When using the Volume load balancing algorithm, are sessions distributed equally if ECMP routes are dynamic routes?
Signup and view all the answers
When using the Spillover load balancing algorithm, what should be adjusted for each member?
When using the Spillover load balancing algorithm, what should be adjusted for each member?
Signup and view all the answers
When using the Sessions load balancing algorithm, does the weight assigned to members necessarily translate to the same bandwidth or volume observed on members?
When using the Sessions load balancing algorithm, does the weight assigned to members necessarily translate to the same bandwidth or volume observed on members?
Signup and view all the answers
When using the Spillover and Volume load balancing algorithms, is it fine if the bandwidth exceeds the configured thresholds or if the amount of traffic exceeds the expected volume based on the weight?
When using the Spillover and Volume load balancing algorithms, is it fine if the bandwidth exceeds the configured thresholds or if the amount of traffic exceeds the expected volume based on the weight?
Signup and view all the answers
Study Notes
FortiGate SD-WAN Load Balancing Algorithms
- The default load balancing algorithm in FortiGate SD-WAN is ** Sessions **.
- Spillover algorithm is based on the member weight and reaches a limit when the bandwidth of an interface reaches the configured spillover limit.
- Weight-based algorithm distributes sessions based on the weight of each member.
- ECMP (Equal-Cost Multi-Path) routes are used to load balance sessions that match ECMP routes.
Load Balancing Behavior
- When a session matches the implicit rule, FortiGate sends it to the member with the highest weight.
- When none of the user-defined SD-WAN rules are matched, FortiGate falls back to the default load balancing algorithm.
- When the bandwidth of an interface reaches the configured spillover limit, FortiGate sends traffic to the next available member.
-
V-Dom ECMP algorithm is controlled by the
v4-ecmp-mode
setting when SD-WAN is enabled.
Load Balancing Algorithm Characteristics
- Sessions algorithm distributes sessions equally regardless of the weight assigned.
-
Volume algorithm distributes traffic based on the weight of each member and calculates the percentage of traffic sent to each member using the formula:
(weight of member / sum of all weights) * 100%
. - Spillover algorithm requires adjusting the threshold for each member.
- The weight assigned to members does not necessarily translate to the same bandwidth or volume observed on members.
SD-WAN Rule Matching and Databases
- SD-WAN rules can match traffic based on source and destination IP, port, and protocol.
- Destination internet service and application detection databases are used for SD-WAN rules.
- FortiGuard Labs maintains the internet service and application control databases.
- New IPS engine versions are released regularly and updating to the latest version ensures access to the latest threat intelligence.
FortiManager and SD-WAN
- To see internet service and application-related options when creating a new rule using FortiManager, click the "Internet Service" or "Application" tab.
- Weight and spillover thresholds are defined in the interface settings when SD-WAN is enabled, and in the SD-WAN rule when SD-WAN is disabled.
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.
Description
Test your knowledge on implicit rule and load balancing in SD-WAN. Learn about load balancing algorithms, such as source IP and spillover, and how they distribute sessions across members. Explore the concept of implicit rule and its role in standard FIB.