Using server probes on interfaces
You can use server probes on interfaces on the FortiGate. First, you configure the probe response mode and then you give the probe response administrative access on the interface.
You configure server probe settings in the FortiGate CLI.
To configure the probe response mode - CLI:
config system probe-response
set mode {none | http-probe | twamp}
end
where you can configure one of the following probe response modes:
Mode |
Description |
---|---|
|
Disable probe |
|
HTTP probe |
|
Two-Way Active Measurement Protocol For more information, see Configuring TWAMP. |
After you configure the probe response mode, you must give the probe response administrative access to the interface. For more information, see Configuring administrative access to interfaces.
Configuring TWAMP
FortiOS supports Two-Way Active Measurement Protocol (TWAMP) Light, which is a simplified architecture within the TWAMP standard. Its purpose is to measure the round trip IP performance between any two devices within a network that supports the protocol. FortiOS supports both responder/reflector and server/controller roles.
FortiOS extends TWAMP to also support unidirectional network quality monitoring. You can monitor network quality for each direction of a traffic path separately. You can also use SNMP to monitor the network quality status from both the controller and responder sides.
You can use a link health monitor to see the following information:
- Directional latency (Minimum, Maximum, Average)
- Directional packet loss
- Directional out of sequence packets
- Directional jitter (Minimum, Maximum, Average)
To configure TWAMP, you configure TWAMP and then you configure the probe to use TWAMP. You configure TWAMP in the FortiGate CLI.
To configure TWAMP to monitor network quality - CLI:
config system link-monitor
edit <link_monitor_name>
set srcintf <interface_name>
set server <ip_address>
set protocol twamp
set port <port_number>
set gateway-ip <ip_address>
set security-mode {none | authentication}
set password <password>
set packet-size <size>
next
end
where you can configure the following monitoring options:
CLI option |
Description |
---|---|
|
The interface that receives the traffic that you want to monitor |
|
The IP address of the server that you want to monitor |
|
The port number for the traffic that you want to use to monitor the server |
|
The gateway IP address that you want to use to probe the server |
|
The security mode for the TWAMP controller:
|
|
The password for the TWAMP controller when the security mode is set to authentication |
|
The packet size of a TWAMP test session |
To configure the probe to use TWAMP - CLI:
config system probe-response
set mode twamp
set port <port_number>
set ttl-mode {reinit | decrease | retain}
set security-mode {none | authentication}
set password <password>
set timeout <time>
end
where you can configure the following monitoring options:
CLI option |
Description |
---|---|
|
The TTL modification mode that you want to use for TWAMP packets:
|
|
The security mode for the TWAMP responder:
|
|
The password for the TWAMP responder when the security mode is set to authentication |
|
An inactivity timer for a TWAMP test session |