Best quality strategy
SD-WAN rules are used to control how sessions are distributed to SD-WAN members. Rules can be configured in one of five modes:
auto: Interfaces are assigned a priority based on quality.- Manual (
manual): Interfaces are manually assigned a priority. - Best Quality (
priority): Interface are assigned a priority based on the link-cost-factor of the interface. - Lowest Cost (SLA) (
sla): Interfaces are assigned a priority based on selected SLA settings. See Lowest cost (SLA) strategy. - Maximize Bandwith (SLA) (
load-balance): Traffic is distributed among all available links based on the selected load balancing algorithm. See Maximize bandwidth (SLA) strategy.
When using Best Quality mode, SD-WAN will choose the best link to forward traffic by comparing the link-cost-factor, selected from one of the following:
|
GUI |
CLI |
Description |
|---|---|---|
|
Latency |
latency |
Select a link based on latency. |
|
Jitter |
jitter |
Select a link based on jitter. |
|
Packet Loss |
packet-loss |
Select a link based on packet loss. |
|
Downstream |
inbandwidth |
Select a link based on available bandwidth of incoming traffic. |
|
Upstream |
outbandwidth |
Select a link based on available bandwidth of outgoing traffic. |
|
Bandwidth |
bibandwidth |
Select a link based on available bandwidth of bidirectional traffic. |
|
Customized profile |
custom-profile-1 |
Select link based on customized profile. If selected, set the following weights:
|
If the Downstream (inbandwidth), Upstream (outbandwidth), or Bandwidth (bibandwidth) quality criteria is used, the FortiGate will compare the bandwidth based on the configured upstream and downstream bandwidth values.
The interface speedtest can be used to populate the bandwidth values based on the speedtest results. See Manual interface speedtest for details.
To manually configure the upstream and downstream bandwidth values:
config system interface
edit <interface>
set estimated-upstream-bandwidth <speed in kbps>
set estimated-downstream-bandwidth <speed in kbps>
next
end
Example
In this example, your wan1 and wan2 SD-WAN interfaces connect to two ISPs that both go to the public internet, and you want Gmail services to use the link with the least latency.
To configure an SD-WAN rule to use Best Quality:
-
On the FortiGate, add wan1 and wan2 as SD-WAN members, then add a policy and static route. See SD-WAN quick start for details.
-
Create a new Performance SLA named google. See Link monitoring example.
-
Go to Network > SD-WAN, select the SD-WAN Rules tab, and click Create New.
-
Enter a name for the rule, such as gmail.
-
Configure the following settings:
Internet Service
Google-Gmail
Strategy
Best Quality
Interface preference
wan1 and wan2
Measured SLA
google (created in step 2).
Quality criteria
Latency
-
Click OK to create the rule.
To configure an SD-WAN rule to use priority:
config system sdwan
config health-check
edit "google"
set server "google.com"
set members 1 2
next
end
config service
edit 1
set name "gmail"
set mode priority
set internet-service enable
set internet-service-id 65646
set health-check "google"
set link-cost-factor latency
set priority-members 1 2
next
end
end
To diagnose the Performance SLA status:
FGT # diagnose sys sdwan health-check google
Health Check(google):
Seq(1): state(alive), packet-loss(0.000%) latency(14.563), jitter(4.334) sla_map=0x0
Seq(2): state(alive), packet-loss(0.000%) latency(12.633), jitter(6.265) sla_map=0x0
FGT # diagnose sys sdwan service 1
Service(1):
TOS(0x0/0x0), protocol(0: 1->65535), Mode(priority), link-cost-facotr(latency), link-cost-threshold(10), health-check(google) Members:
1: Seq_num(2), alive, latency: 12.633, selected
2: Seq_num(1), alive, latency: 14.563, selected
Internet Service: Google-Gmail(65646)
As wan2 has a smaller latency, SD-WAN will put Seq_num(2) on top of Seq_num(1) and wan2 will be used to forward Gmail traffic.