Exam NSE7_SDW-7.2 topic 1 question 17 discussion

A is definitely incorrect as the member priority is what is used in Lowest Cost (SLA) and T_INET_0 has higher priority over T_INET_1 as that is how they are configured in order.

SD-WAN strategy is Lowest Cost (SLA) as indicated by the "Mode(sla)" flag. Cost SLA uses SLA target, cost, and priority (i.e., interface preference - or order of config unless manually overridden by admin config) as the criteria -- in that order. Both members meet the target, both have 0 cost, and therefore member 3 (T_INET_0) wins the "priority" tiebreaker. So if there is a valid route to the destination through member 3, it will win. The fact that it does not has nothing to do with the configured static route/member priority, which according to SG page 197 "is used as a tiebreaker for ECMP routes when matching implicit SD-WAN rule." That is not the case here, so A is INCORRECT. C is patently incorrect as T_INET_0 clearly has the higher priority (3) than T_INET_1 (4).

This priority value will be used in the static route created for the SD-WAN’s member interface. This routing priority is mainly effective against traffic matching SD-WAN implicit rules where it can be used to prioritize certain SD-WAN’s member interface. The lower the value the higher the priority is.

B&D is correct

A because INET_1 have best priority

BD correct

B et D is best anser. In fact, priority is not use on SD-WAN rules just in implicit SD-WAN rule.

These are the correct answers, just passed the exam with a 100% score.

It is B and D, just passed the exam with a 100% score so must be B and D on de Exam

B - Wrong There is no PBR details anywhere while there is a static route to T_INET_1 and definitely SDWAN rules. PBR is an assumption C - Wrong the member configuration priority refers to which interface added first in the rule and as you see the first one at the top of service(1) is T_INET_0 therefore that option is wrong as INET_1 has lower member configuration priority than INET_0 as is added later

D - Correct We see only a static route to T-INET_1 so there is no valid route to INET_0 therefore this is correct A - Correct if you have a fortigate go to SDWAN-> SDWAN ZONES -> click to a zone you configured and check which interfaces you added in that zone. if you click any interfaces you will see an the option to specify "priority". Go on the exclamation mark and see what it says. The lower the value the higher the route priority. T_INET_1 has priority 1 while T_INET_0 has priority 10 therefore T-INET_1 has a higher route priority as it has lower value/ Therefore C & B are wrong.

After reading once and again this question, I've found this: the commando get router info routing-table all user "grep T_INET_" So, grep should lists entries for T_INET_0 and T_INTE_1. However, there is only one entry for T_INET_1 This means: A) Wrong. Even if it matchet sdwan rule 1, the only valid member is 2: T_INET_1 B) Can be right. A regular policy with T_INET_1 would work because there is a route in the routing table. C) Wrong. Same as "A". D) It's 100% right. T_INET_0 does not have a valid route.

"A" can't be right. Page 197: "Do not confuse the member configuration priority with the Priority setting available on the SD-WAN member configuration. The latter is used for the priority of static routes for members when you configure static routes for zones. The former refers to the member priority based on the Interface Preference list configuration. Members that are configured first in the list have higher priority over those configured last. The Priority setting is used as a tiebreaker for ECMP routes when matching the implicit SD-WAN rule." Priority SETTING is not relevant in this case because there is no static route for zone, so there is NOT ECMP. There is only one route to 10.0.0.0/8 pointing to T_INET_1. "B" is a possible reason even if there is no exhibit. Policy routes come before ISDB rules and SDWAN rules. If there is a policy route pointing to T_INET_1 it has precedence over sdwan rules. And will work because there is a valid route through T_INET_1.

A&D must be the correct answers based on the exhibition: A because that is an actual fact with regards to the router info output D because T_INET_0 is not listed in the routing info output, and there are no places in the exhibition showing anything related to policy based routing

Priority not used for this purpose.

AD is correct

I think too... right answers are B & D.