SD-WAN rules - best quality
SD-WAN rules are used to control how sessions are distributed to SD-WAN members. Rules can be configured in one of five modes:
auto: Interfaces are assigned a priority based on quality.- Manual (
manual): Interfaces are manually assigned a priority. - Best Quality (
priority): Interface are assigned a priority based on the link-cost-factor of the interface. - Lowest Cost (SLA) (
sla): Interfaces are assigned a priority based on selected SLA settings. See SD-WAN rules - lowest cost (SLA). - Maximize Bandwith (SLA) (
load-balance): Traffic is distributed among all available links based on the selected load balancing algorithm. See SD-WAN rules - maximize bandwidth (SLA).
When using Best Quality mode, SD-WAN will choose the best link to forward traffic by comparing the link-cost-factor, selected from one of the following:
|
GUI |
CLI |
Description |
|---|---|---|
|
Latency |
latency |
Select a link based on latency. |
|
Jitter |
jitter |
Select a link based on jitter. |
|
Packet Loss |
packet-loss |
Select a link based on packet loss. |
|
Downstream |
inbandwidth |
Select a link based on available bandwidth of incoming traffic. |
|
Upstream |
outbandwidth |
Select a link based on available bandwidth of outgoing traffic. |
|
Bandwidth |
bibandwidth |
Select a link based on available bandwidth of bidirectional traffic. |
|
custom-profile-1 |
custom-profile-1 |
Select link based on customized profile. If selected, set the following weights:
|
In this example, your wan1 and wan2 SD-WAN interfaces connect to two ISPs that both go to the public internet, and you want Gmail services to use the link with the least latency.
To configure an SD-WAN rule to use Best Quality:
- On the FortiGate, enable SD-WAN and add wan1 and wan2 as SD-WAN members, then add a policy and static route. See Configuring the SD-WAN interface for details.
- Create a new Performance SLA named google. See Performance SLA - link monitoring.
- Go to Network > SD-WAN Rules.
- Click Create New. The Priority Rule page opens.
- Enter a name for the rule, such as gmail.
- Configure the following settings:
Field
Setting
Internet Service
Google-Gmail
Strategy
Best Quality
Interface preference
wan1 and wan2
Measured SLA
google (created in step 2).
Quality criteria
Latency
- Click OK to create the rule.
To configure an SD-WAN rule to use priority:
config system virtual-wan-link
config health-check
edit "google"
set server "google.com"
set members 1 2
next
end
config service
edit 1
set name "gmail"
set mode priority
set internet-service enable
set internet-service-id 65646
set health-check "google"
set link-cost-factor latency
set priority-members 1 2
next
end
end
To diagnose the Performance SLA status:
FGT # diagnose sys virtual-wan-link health-check google
Health Check(google):
Seq(1): state(alive), packet-loss(0.000%) latency(14.563), jitter(4.334) sla_map=0x0
Seq(2): state(alive), packet-loss(0.000%) latency(12.633), jitter(6.265) sla_map=0x0
FGT # diagnose sys virtual-wan-link service 1
Service(1):
TOS(0x0/0x0), protocol(0: 1->65535), Mode(priority), link-cost-facotr(latency), link-cost-threshold(10), health-check(google) Members:
1: Seq_num(2), alive, latency: 12.633, selected
2: Seq_num(1), alive, latency: 14.563, selected
Internet Service: Google-Gmail(65646)
As wan2 has a smaller latency, SD-WAN will put Seq_num(2) on top of Seq_num(1) and wan2 will be used to forward Gmail traffic.