Table of contents

  1. Visualizing BGP in SD-WAN
  2. The Problem: BGP is neat, but complex
  3. Why I Created This Guide
  4. What’s Inside
  5. 1. Route Advertisement Flow
  6. 2. Route Reception & Processing
  7. 3. BGP Best Path Selection
  8. 4. Spoke Path Selection
  9. 5. Complete SD-WAN Scenario
  10. 6. Route Map Decision Tree
  11. 7. Hub Failover Scenario
  12. 8. Component Relationships
  13. What I Learned Creating This
  14. How to Use This Guide
  15. Real-World Impact
  16. Technical Details
  17. A Note on Fortinet SD-WAN
  18. What’s Next?
  19. Final Thoughts
  20. Get the Guide
Visualizing BGP in SD-WAN Visualizing BGP in SD-WAN

Visualizing BGP in SD-WAN

10/20/2025 / 5 minutes to read
Tags: BGP, Fortinet, Git, Networking, SD-WAN, Security

The Problem: BGP is neat, but complex

If you’ve ever tried to fully understand BGP path selection, you know the struggle. You start with “So, first it checks the weight…” and fifteen minutes later, you’re drawing boxes and arrows on a whiteboard while your eyes glaze over…or maybe it’s just me.

I’ve been working with Fortinet SD-WAN deployments for a while now, and BGP is at the heart of everything. But here’s the thing: BGP is incredibly logical once you see it, but for me it felt almost impossible to understand from text alone.

Why I Created This Guide

Last month, I was involved in a PoC and started reviewing the FortiGate docs and how BGP was leveraged in SD-WAN. I pulled up a Technical Tip on BGP route selection I found in our community forums, found here, started reviewing local-preference, then AS-path, then MED… and realized I was just reviewing each thing individually. I needed a bigger picture.

That’s when it hit me: I needed visuals.

Not just simple diagrams, but complete flowcharts that show:

  • How routes actually move through the network
  • What decisions BGP makes at each step
  • How SD-WAN integrates with BGP path selection
  • What happens during failures and recovery
  • etc.

So I created this guide with 8 detailed flowcharts (for now) covering the different aspects of BGP in SD-WAN.

What’s Inside

1. Route Advertisement Flow

Ever wondered what actually happens when a spoke advertises its local networks? This flowchart shows the journey, including how outbound route maps modify BGP attributes before they leave the router.

2. Route Reception & Processing

When hubs receive routes, they don’t just accept them blindly. This diagram walks through the inbound route map evaluation process—matching conditions, setting attributes, and deciding whether to accept or reject routes.

3. BGP Best Path Selection

This is the big one. The complete 10-step algorithm that BGP uses to choose the best path. Weight, Local-Preference, AS-Path, MED… all in the correct order with decision points clearly marked.

Coming back to review this and realize I completely left off the last step, 11. Lowest Neighbor IP. I’ll work on fixing this soon.

4. Spoke Path Selection

A practical example showing how a spoke chooses between Hub1 and Hub2. You’ll see why local-preference is your best friend in SD-WAN deployments.

5. Complete SD-WAN Scenario

The end-to-end journey from route advertisement all the way through to traffic forwarding. This one ties everything together and shows how all the pieces interact.

6. Route Map Decision Tree

Route maps are powerful but can be confusing. This flowchart shows how routes flow through multiple rules sequentially until they’re either accepted with modifications or rejected.

7. Hub Failover Scenario

What happens when your primary hub goes down at 2 AM? This diagram shows the complete BGP convergence process, failover, and recovery sequence.

8. Component Relationships

A high-level view of how route maps, prefix lists, communities, and all the other BGP components interconnect.

What I Learned Creating This

Visualization forces clarity. When you try to draw something, you can’t hide behind vague explanations. Either the flow makes sense or it doesn’t. Creating these diagrams forced me to really work on understanding every decision point.

Context matters. BGP best path selection is one thing in isolation, but showing how it integrates with SD-WAN rules and tunnel selection? That’s where the real learning happens.

Everyone learns differently. Some people love RFCs. Others need to see the flow. I needed to see the flow. These diagrams are for the visual learners—the people who think in boxes and arrows.

How to Use This Guide

I designed these flowcharts to work together:

  • New to BGP? Start with diagrams 1, 2, and 3 to understand the basics
  • Troubleshooting? Jump to diagram 7 for failover scenarios or diagram 3 for path selection
  • Designing a new deployment? Use diagrams 4 and 5 to understand hub selection and complete traffic flows
  • Teaching someone? Walk through them in order—they build on each other

Real-World Impact

Since creating these flowcharts, I’ve used them for reference and trying to picture each graph in my mind has been super helpful for me. I’m sure they’d help in other use cases though.

  • Team training sessions (way better than PowerPoint bullets)
  • Customer presentations (The less technical folk might actually get BGP now)
  • That 2 AM troubleshooting call (God forbid)
  • Design reviews (pointing to a flowchart beats arguing about theory)

Technical Details

All diagrams are created in Mermaid format, which was another fun thing to learn. The benefit of it is they’re:

  • Version controllable - they’re just text, so you can track changes in git
  • Easy to update - no need to fire up Visio or draw.io
  • Reproducible - anyone can render them in their own tools
  • Accessible - they work in markdown, documentation sites, and wikis

A Note on Fortinet SD-WAN

While these diagrams focus on Fortinet’s implementation, the core BGP concepts should apply to any SD-WAN solution. The path selection algorithm is standard BGP. The way route maps work should also be consistent across vendors.

If you’re using Cisco, VMware, or any other SD-WAN platform, you’ll still find value here—just mentally substitute your platform’s terminology.

What’s Next?

I’m considering creating similar Mermaid flowchart guides now. Maybe for:

  • IPsec tunnel selection algorithms
  • Application steering decision trees
  • Zero Trust Network Access (ZTNA) flows

Final Thoughts

Networking tends to feel like this abstract, text-heavy thing we all pretend to understand from reading RFCs and documentation. Sometimes, you just need to see the flow. You need to follow a packet through the decision tree. You need to visualize what “BGP best path selection” actually means.

These flowcharts helped me understand BGP at a deeper level. I hope they help you too.

Get the Guide

View the complete flowchart guide

The guide includes:

  • All 8 flowcharts with detailed explanations
  • Real-world examples and use cases
  • Key points and takeaways for each diagram
  • Troubleshooting tips based on the flows

P.S. - The BGP RFC is 294 pages long and no, you don’t need to read all of it. Start simple, start with the flowcharts. You’re welcome.

← Back to blog