Fortinet white logo
Fortinet white logo

Cookbook

Performance SLA - link monitoring

Performance SLA - link monitoring

Performance SLA link health monitoring measures the health of links that are connected to SD-WAN member interfaces by sending probing signals through each link to a server and measuring the link quality based on latency, jitter, and packet loss. If a link fails all of the health checks, the routes on that link are removed from the SD-WAN link load balancing group, and traffic is routed through other links. When the link is working again the routes are reestablished. This prevents traffic being sent to a broken link and lost.

When an SD-WAN member has multiple health checks configured, all of the checks must fail for the routes on that link to be removed from the SD-WAN link load balancing group.

In this example:

  • Interfaces wan1 and wan2 connect to the internet through separate ISPs
  • The detection server IP address is 208.91.114.182

A performance SLA is created so that, if one link fails, its routes are removed and traffic is detoured to the other link.

To configure a Performance SLA using the GUI:
  1. On the FortiGate, enable SD-WAN and add wan1 and wan2 as SD-WAN members, then add a policy and static route. See Configuring the SD-WAN interface for details.
  2. Go to Network > Performance SLA.
  3. Click Create New. The Performance SLA page opens.
  4. Enter a name for the SLA and select a protocol.
  5. In the Server field, enter the detection server IP address (208.91.114.182 in this example).
  6. In the Participants field, select both wan1 and wan2.

  7. Configured the remaining settings as needed, then click OK.
To configure a Performance SLA using the CLI:
config system virtual-wan-link
    config health-check
        edit "server"
            set server "208.91.114.182"
            set update-static-route enable
            set members 1 2
        next
    end
end
To diagnose the Performance SLA status:
FGT # diagnose sys virtual-wan-link health-check
Health Check(server):
Seq(1): state(alive), packet-loss(0.000%) latency(15.247), jitter(5.231) sla_map=0x0
Seq(2): state(alive), packet-loss(0.000%) latency(13.621), jitter(6.905) sla_map=0x0 

Related Videos

sidebar video

SD-WAN Setup and Bandwidth Monitoring

  • 13,488 views
  • 5 years ago

Performance SLA - link monitoring

Performance SLA - link monitoring

Performance SLA link health monitoring measures the health of links that are connected to SD-WAN member interfaces by sending probing signals through each link to a server and measuring the link quality based on latency, jitter, and packet loss. If a link fails all of the health checks, the routes on that link are removed from the SD-WAN link load balancing group, and traffic is routed through other links. When the link is working again the routes are reestablished. This prevents traffic being sent to a broken link and lost.

When an SD-WAN member has multiple health checks configured, all of the checks must fail for the routes on that link to be removed from the SD-WAN link load balancing group.

In this example:

  • Interfaces wan1 and wan2 connect to the internet through separate ISPs
  • The detection server IP address is 208.91.114.182

A performance SLA is created so that, if one link fails, its routes are removed and traffic is detoured to the other link.

To configure a Performance SLA using the GUI:
  1. On the FortiGate, enable SD-WAN and add wan1 and wan2 as SD-WAN members, then add a policy and static route. See Configuring the SD-WAN interface for details.
  2. Go to Network > Performance SLA.
  3. Click Create New. The Performance SLA page opens.
  4. Enter a name for the SLA and select a protocol.
  5. In the Server field, enter the detection server IP address (208.91.114.182 in this example).
  6. In the Participants field, select both wan1 and wan2.

  7. Configured the remaining settings as needed, then click OK.
To configure a Performance SLA using the CLI:
config system virtual-wan-link
    config health-check
        edit "server"
            set server "208.91.114.182"
            set update-static-route enable
            set members 1 2
        next
    end
end
To diagnose the Performance SLA status:
FGT # diagnose sys virtual-wan-link health-check
Health Check(server):
Seq(1): state(alive), packet-loss(0.000%) latency(15.247), jitter(5.231) sla_map=0x0
Seq(2): state(alive), packet-loss(0.000%) latency(13.621), jitter(6.905) sla_map=0x0