Fortinet black logo

Handbook

Using server probes on interfaces

6.0.0
Copy Link
Copy Doc ID 4afb0436-a998-11e9-81a4-00505692583a:428871
Download PDF

Using server probes on interfaces

You can use server probes on interfaces on the FortiGate. First, you configure the probe response mode and then you give the probe response administrative access on the interface.

You configure server probe settings in the FortiGate CLI.

To configure the probe response mode - CLI:

config system probe-response

set mode {none | http-probe | twamp}

end

where you can configure one of the following probe response modes:

Mode

Description

none

Disable probe

http-probe

HTTP probe

twamp

Two-Way Active Measurement Protocol

For more information, see Configuring TWAMP.

After you configure the probe response mode, you must give the probe response administrative access to the interface. For more information, see Configuring administrative access to interfaces.

Configuring TWAMP

FortiOS supports Two-Way Active Measurement Protocol (TWAMP) Light, which is a simplified architecture within the TWAMP standard. Its purpose is to measure the round trip IP performance between any two devices within a network that supports the protocol. FortiOS supports both responder/reflector and server/controller roles.

FortiOS extends TWAMP to also support unidirectional network quality monitoring. You can monitor network quality for each direction of a traffic path separately. You can also use SNMP to monitor the network quality status from both the controller and responder sides.

You can use a link health monitor to see the following information:

  • Directional latency (Minimum, Maximum, Average)
  • Directional packet loss
  • Directional out of sequence packets
  • Directional jitter (Minimum, Maximum, Average)

To configure TWAMP, you configure TWAMP and then you configure the probe to use TWAMP. You configure TWAMP in the FortiGate CLI.

To configure TWAMP to monitor network quality - CLI:

config system link-monitor

edit <link_monitor_name>

set srcintf <interface_name>

set server <ip_address>

set protocol twamp

set port <port_number>

set gateway-ip <ip_address>

set security-mode {none | authentication}

set password <password>

set packet-size <size>

next

end

where you can configure the following monitoring options:

CLI option

Description

srcintf

The interface that receives the traffic that you want to monitor

server

The IP address of the server that you want to monitor

port

The port number for the traffic that you want to use to monitor the server

gateway-ip

The gateway IP address that you want to use to probe the server

security mode

The security mode for the TWAMP controller:

  • none: Unauthenticated mode
  • authentication: Authenticated mode

password

The password for the TWAMP controller when the security mode is set to authentication

packet-size

The packet size of a TWAMP test session

To configure the probe to use TWAMP - CLI:

config system probe-response

set mode twamp

set port <port_number>

set ttl-mode {reinit | decrease | retain}

set security-mode {none | authentication}

set password <password>

set timeout <time>

end

where you can configure the following monitoring options:

CLI option

Description

ttl-mode

The TTL modification mode that you want to use for TWAMP packets:

  • reinit: Reinitialize TTL
  • decrease: Decrease TTL
  • retain: Retain TTL

security-mode

The security mode for the TWAMP responder:

  • none: Unauthenticated mode
  • authentication: Authenticated mode

password

The password for the TWAMP responder when the security mode is set to authentication

timeout

An inactivity timer for a TWAMP test session

Using server probes on interfaces

You can use server probes on interfaces on the FortiGate. First, you configure the probe response mode and then you give the probe response administrative access on the interface.

You configure server probe settings in the FortiGate CLI.

To configure the probe response mode - CLI:

config system probe-response

set mode {none | http-probe | twamp}

end

where you can configure one of the following probe response modes:

Mode

Description

none

Disable probe

http-probe

HTTP probe

twamp

Two-Way Active Measurement Protocol

For more information, see Configuring TWAMP.

After you configure the probe response mode, you must give the probe response administrative access to the interface. For more information, see Configuring administrative access to interfaces.

Configuring TWAMP

FortiOS supports Two-Way Active Measurement Protocol (TWAMP) Light, which is a simplified architecture within the TWAMP standard. Its purpose is to measure the round trip IP performance between any two devices within a network that supports the protocol. FortiOS supports both responder/reflector and server/controller roles.

FortiOS extends TWAMP to also support unidirectional network quality monitoring. You can monitor network quality for each direction of a traffic path separately. You can also use SNMP to monitor the network quality status from both the controller and responder sides.

You can use a link health monitor to see the following information:

  • Directional latency (Minimum, Maximum, Average)
  • Directional packet loss
  • Directional out of sequence packets
  • Directional jitter (Minimum, Maximum, Average)

To configure TWAMP, you configure TWAMP and then you configure the probe to use TWAMP. You configure TWAMP in the FortiGate CLI.

To configure TWAMP to monitor network quality - CLI:

config system link-monitor

edit <link_monitor_name>

set srcintf <interface_name>

set server <ip_address>

set protocol twamp

set port <port_number>

set gateway-ip <ip_address>

set security-mode {none | authentication}

set password <password>

set packet-size <size>

next

end

where you can configure the following monitoring options:

CLI option

Description

srcintf

The interface that receives the traffic that you want to monitor

server

The IP address of the server that you want to monitor

port

The port number for the traffic that you want to use to monitor the server

gateway-ip

The gateway IP address that you want to use to probe the server

security mode

The security mode for the TWAMP controller:

  • none: Unauthenticated mode
  • authentication: Authenticated mode

password

The password for the TWAMP controller when the security mode is set to authentication

packet-size

The packet size of a TWAMP test session

To configure the probe to use TWAMP - CLI:

config system probe-response

set mode twamp

set port <port_number>

set ttl-mode {reinit | decrease | retain}

set security-mode {none | authentication}

set password <password>

set timeout <time>

end

where you can configure the following monitoring options:

CLI option

Description

ttl-mode

The TTL modification mode that you want to use for TWAMP packets:

  • reinit: Reinitialize TTL
  • decrease: Decrease TTL
  • retain: Retain TTL

security-mode

The security mode for the TWAMP responder:

  • none: Unauthenticated mode
  • authentication: Authenticated mode

password

The password for the TWAMP responder when the security mode is set to authentication

timeout

An inactivity timer for a TWAMP test session