Configure an SD-WAN
Use the following commands to configure an SD-WAN.
CLI command |
Description |
---|---|
config system interface |
Enters system interface configuration mode. |
edit <vwan_name> |
Specify the name of the SD-WAN interface. |
set type virtual-wan |
Set the interface type to virtual-wan. |
set status <status> |
Set the status of the interface:
|
set persistence {source | dest | ip-pair | connection} |
Select a LLB metric to denote how to distribute traffic:
|
set algorithm {redundant | WRR} |
Select the LLB algorithm:
|
Set grace-period |
Specify the grace period in seconds to delay fail-back. |
set session-timeout 60 |
Specify the session timeout threshold in seconds. The default is 60. This is used to time out a VWAN session. A LLB session is created for each traffic stream. However, when a session times out, it is deleted. |
set members |
Add VWAN members to the VWAN interface. |
FortiExtender (Standalone) supports both redundant and Weighted Round Robin (WRR) load-balancing algorithms.
In redundant mode, the link member with the highest priority is selected as the primary member to forward packets. When the primary member is down, the member with the next highest priority is selected.
In WRR mode, traffic is sent to each link member in a round-robin fashion based on the weight assigned to it.
- Weighted Round Robin (WRR)—Traffic is load-balanced based on the weight configured on the underlying link member. The weight value should be based on the available bandwidth of the link member.
- Redundant—If the primary link (determined by priority) goes down, traffic is steered to the secondary link. In the above example, if the algorithm were set to redundant mode, the priorities of the member interfaces (i.e., tunnel0 and tunnel1) must be different. A link with the lowest priority setting gains the primary link status.
Unreliable links can cause bouncing between the primary and the secondary links. Therefore, a grace-period option is provided.
Use persistence to guarantee a specific traffic stream always goes through the same link member. This is useful for a group of traffic streams related to the same application, and there is a time sequence and dependency among them. In this case, a proper persistence should be configured. Current available options are source_ip, dest_ip, source_dest_ip_pair,
and connection
.