Podcast
Questions and Answers
Which of the following is a requirement for packet duplication in SD-WAN?
Which of the following is a requirement for packet duplication in SD-WAN?
- The links used for duplication must support hardware offload.
- The duplicate packets must be exact copies of the original packet.
- Packet duplication must be enabled on the receiving FortiGate.
- The best route must match an SD-WAN member. (correct)
What is the purpose of packet duplication in SD-WAN?
What is the purpose of packet duplication in SD-WAN?
- To reduce data loss on IPsec tunnels.
- To forward all copies of the packet to the next hop.
- To save resources at the receiving end.
- To enable out-of-band inspection or packet capture. (correct)
What happens when packet deduplication is enabled on the receiving FortiGate?
What happens when packet deduplication is enabled on the receiving FortiGate?
- All copies of the packet are accepted.
- All duplicate packets are dropped.
- Only the first copy of the packet is accepted. (correct)
- All duplicate packets are forwarded to the next hop.
Which feature provides an efficient way to reduce data loss on IPsec tunnels?
Which feature provides an efficient way to reduce data loss on IPsec tunnels?
What are duplicate packets in SD-WAN?
What are duplicate packets in SD-WAN?
How many additional members can duplicate packets be sent through in SD-WAN?
How many additional members can duplicate packets be sent through in SD-WAN?
What type of links are required for packet duplication in SD-WAN?
What type of links are required for packet duplication in SD-WAN?
Which of the following is NOT a supported feature of Forward Error Correction (FEC)?
Which of the following is NOT a supported feature of Forward Error Correction (FEC)?
What is the goal of enabling packet deduplication on the receiving FortiGate?
What is the goal of enabling packet deduplication on the receiving FortiGate?
In the example on the slide, how many IPsec overlays are the FortiGate devices connected through?
In the example on the slide, how many IPsec overlays are the FortiGate devices connected through?
According to the text, when does FortiGate create duplicates?
According to the text, when does FortiGate create duplicates?
What is the benefit of restricting packet duplication to SD-WAN rules?
What is the benefit of restricting packet duplication to SD-WAN rules?
How can you configure packet duplication rules to duplicate traffic based on the detected application?
How can you configure packet duplication rules to duplicate traffic based on the detected application?
What does the SD-WAN rule ID 1 status indicate?
What does the SD-WAN rule ID 1 status indicate?
What is the purpose of the IPsec exchange interface feature?
What is the purpose of the IPsec exchange interface feature?
What is the advantage of using the IPsec exchange interface feature over IKE mode config?
What is the advantage of using the IPsec exchange interface feature over IKE mode config?
What is the configuration change required on the spoke FortiGate when exchanging IPsec interface IP addresses using IKE?
What is the configuration change required on the spoke FortiGate when exchanging IPsec interface IP addresses using IKE?
When defining the hub IP address for exchanging IPsec interface IP addresses using IKE, what netmask should be used?
When defining the hub IP address for exchanging IPsec interface IP addresses using IKE, what netmask should be used?
Can IP addresses be exchanged using IKE when one of the gateways is not a FortiGate device?
Can IP addresses be exchanged using IKE when one of the gateways is not a FortiGate device?
What does the IKE mode config allow you to do with IP addresses on the spoke side?
What does the IKE mode config allow you to do with IP addresses on the spoke side?
Which FortiGate device is configured to always duplicate packets?
Which FortiGate device is configured to always duplicate packets?
What is the purpose of the duplication rule on the spoke FortiGate?
What is the purpose of the duplication rule on the spoke FortiGate?
What is the result of the hub FortiGate's duplication rule?
What is the result of the hub FortiGate's duplication rule?
What is the value of duplication-max-num on the spoke FortiGate?
What is the value of duplication-max-num on the spoke FortiGate?
What does the packet-duplication setting on the spoke FortiGate instruct FortiGate to do?
What does the packet-duplication setting on the spoke FortiGate instruct FortiGate to do?
What does the packet-deduplication setting on the hub FortiGate instruct FortiGate to do?
What does the packet-deduplication setting on the hub FortiGate instruct FortiGate to do?
When is on-demand packet duplication triggered?
When is on-demand packet duplication triggered?
How does FortiGate determine the quality of the outgoing interface for on-demand packet duplication?
How does FortiGate determine the quality of the outgoing interface for on-demand packet duplication?
What is the result of forced packet duplication?
What is the result of forced packet duplication?
What determines the outgoing interface for packet duplication?
What determines the outgoing interface for packet duplication?
Study Notes
Packet Duplication in SD-WAN
- Packet duplication is required when using IPsec tunnels in SD-WAN, and it helps reduce data loss.
- Duplicate packets are sent through multiple links to ensure delivery in case of packet loss on one link.
Packet Deduplication
- When packet deduplication is enabled on the receiving FortiGate, it removes duplicate packets, preventing data duplication.
- The goal of enabling packet deduplication is to prevent data duplication on the receiving end.
Forward Error Correction (FEC)
- FEC provides an efficient way to reduce data loss on IPsec tunnels by duplicating packets.
Configuring Packet Duplication
- Packet duplication can be restricted to SD-WAN rules, which helps optimize bandwidth usage.
- Packet duplication rules can be configured to duplicate traffic based on detected applications.
IPsec Exchange Interface
- The IPsec exchange interface feature allows exchanging IPsec interface IP addresses without IKE mode config.
- The advantage of using the IPsec exchange interface feature is that it does not require IKE mode config.
Configuring Packet Duplication Rules
- The spoke FortiGate is configured to always duplicate packets.
- The duplication rule on the spoke FortiGate instructs FortiGate to duplicate packets.
- The hub FortiGate's duplication rule instructs FortiGate to duplicate packets only when necessary.
On-Demand Packet Duplication
- On-demand packet duplication is triggered when packet loss is detected on a link.
- FortiGate determines the quality of the outgoing interface for on-demand packet duplication based on link quality.
Forced Packet Duplication
- Forced packet duplication is triggered when packet loss is detected on all links, and it sends duplicate packets on all available links.
- The outgoing interface for packet duplication is determined by the duplication rule configuration.
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.
Description
Test your knowledge on packet duplication, an advanced networking technique used to send duplicate packets through additional links. Whether it's underlay or overlay, this quiz covers the requirements, benefits, and best practices of packet duplication. Learn about hardware offloading, SD-WAN integration, data loss protection, OOB inspection, and deduplication techniques. Put your networking skills to the test and become an expert in packet duplication.
