Exam NSE5_SSE_AD-7.6 Topic 3 Question 26 Discussion
Actual exam question for Fortinet's NSE5_SSE_AD-7.6 exam
Question #: 26
Topic #: 3
Question #: 26
Topic #: 3
Which two statements correctly describe what happens when traffic matches the implicit SD-WAN rule?
(Choose two answers)
(Choose two answers)
Suggested Answer: B,E Vote an answer
According to theSD-WAN 7.6 Core Administratorstudy guide andFortiOS 7.6 Administration Guide, the
"implicit rule" is the default rule at the bottom of the SD-WAN rule list (ID 0). It is only evaluated if traffic does not match any manually configured SD-WAN rules.
* Policy Route Table Context (Option B): SD-WAN rules are technically a specialized form of policy- based routing. For a packet to match theimplicit rule, it must first pass through the routing hierarchy. If traffic matches the implicit rule, it indicates that it did not match any higher-priority user-defined SD- WAN rules or any specific entries in the manualpolicy route tablethat would have intercepted the traffic earlier.
* Session Information (Option E): When you use the CLI to inspect an active session (e.g., diagnose sys session list), the output contains a field for theSD-WAN Service ID. If traffic is steered by a user- defined rule, it displays the ID of that rule (e.g., service_id=1). However, when traffic falls through to theimplicit rule, the session information displaysno SD-WAN service ID(it often shows as 0 or is omitted), because the implicit rule does not function as a "service" in the same way user-defined rules do.
* Routing Behavior: The implicit rule follows the standard routing table (RIB/FIB) logic. It uses the priorityanddistanceof the static routes to determine the path. If multiple paths have the same distance and priority, it uses the algorithm set by v4-ecmp-mode, but this is a function of the routing engine, not the SD-WAN engine itself.
Why other options are incorrect:
* Option A: While v4-ecmp-mode (e.g., source-ip-based) is used for ECMP routing, this is part of the general FortiOS routing behavior for equal-cost paths in the FIB, whereas the implicit rule simply
"hands over" the decision to that routing table.
* Option C: When traffic matches the implicit rule, the session is actually flagged with vwl_id=0 and potentially dirty if a route change occurs, but vwl_default is not the standard flag name used in this specific context in the curriculum.
* Option D: This is incorrect because the implicit ruledoes respect weight, distance, and priorityas defined in the static routes within the routing table; it does not distribute traffic "regardless" of these values.
"implicit rule" is the default rule at the bottom of the SD-WAN rule list (ID 0). It is only evaluated if traffic does not match any manually configured SD-WAN rules.
* Policy Route Table Context (Option B): SD-WAN rules are technically a specialized form of policy- based routing. For a packet to match theimplicit rule, it must first pass through the routing hierarchy. If traffic matches the implicit rule, it indicates that it did not match any higher-priority user-defined SD- WAN rules or any specific entries in the manualpolicy route tablethat would have intercepted the traffic earlier.
* Session Information (Option E): When you use the CLI to inspect an active session (e.g., diagnose sys session list), the output contains a field for theSD-WAN Service ID. If traffic is steered by a user- defined rule, it displays the ID of that rule (e.g., service_id=1). However, when traffic falls through to theimplicit rule, the session information displaysno SD-WAN service ID(it often shows as 0 or is omitted), because the implicit rule does not function as a "service" in the same way user-defined rules do.
* Routing Behavior: The implicit rule follows the standard routing table (RIB/FIB) logic. It uses the priorityanddistanceof the static routes to determine the path. If multiple paths have the same distance and priority, it uses the algorithm set by v4-ecmp-mode, but this is a function of the routing engine, not the SD-WAN engine itself.
Why other options are incorrect:
* Option A: While v4-ecmp-mode (e.g., source-ip-based) is used for ECMP routing, this is part of the general FortiOS routing behavior for equal-cost paths in the FIB, whereas the implicit rule simply
"hands over" the decision to that routing table.
* Option C: When traffic matches the implicit rule, the session is actually flagged with vwl_id=0 and potentially dirty if a route change occurs, but vwl_default is not the standard flag name used in this specific context in the curriculum.
* Option D: This is incorrect because the implicit ruledoes respect weight, distance, and priorityas defined in the static routes within the routing table; it does not distribute traffic "regardless" of these values.
by James at Mar 03, 2026, 12:57 PM
0
0
0
10
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).