Dynamic application steering with lowest cost and best quality strategies

In this example, the SD-WAN has three members: two ISPs (DIA_1 and DIA_2) that are used for access to internet applications, and an MPLS link that is used exclusively as a backup for business critical applications.

Business applications, such as Office365, Google, Dropbox, and SIP, use the Lowest Cost (SLA) strategy to provide application steering, and traffic falls back to MPLS only if both ISP1 and ISP2 are down. Non-business applications, such as Facebook and Youtube, use the Best Quality strategy to choose between the ISPs.

To configure the SD-WAN members, static route, and firewall policy in the GUI:
  1. Add port1 (DIA_1), port2 (DIA_2), and port3 (MPLS) as SD-WAN members. Set the cost of DIA_1 and DIA_2 to 0, and MPLS to 20. See Configuring the SD-WAN interface for details.
  2. Configure a static route. See Adding a static route for details.
  3. Create a firewall policy to allow traffic out on SD-WAN, with an Application Control profile configured. See Configuring firewall policies for SD-WAN for details.
To configure the SD-WAN rule and performance SLA checks for business critical application in the GUI:
  1. Go to Network > SD-WAN, select the SD-WAN Rules tab, and click Create New.
  2. Set the name to BusinessCriticalApps.

    This rule will steer your business critical traffic to the appropriate link based on the Lowest Cost (SLA).

  3. Set Source address to all.
  4. Under Destination, set Application to your required applications. In this example: Microsoft.Office.365, Microsoft.Office.Online, Google.Docs, Dropbox, and SIP.
  5. Under Outgoing Interfaces, select Lowest Cost (SLA).

    The lowest cost is defined in the SD-WAN member interface settings (see Configuring the SD-WAN interface). The lowest possible cost is 0, which represents the most preferred link. In this example, DIA_1 and DIA_2 both have a cost of 0, while MPLS has a cost of 20 because it is used for backup.

  6. In Interface preference, add the interfaces in order of preference when the cost of the links is tied. In this example, DIA_1, DIA_2, then MPLS.

    MPLS will always be chosen last, because it has the highest cost. DIA_1 and DIA_2 have the same cost, so an interface is selected based on their order in the Interface preference list.

  7. Set Required SLA target to ensure that only links that pass your SLA target are chosen in this SD-WAN rule:
    1. Click in the Required SLA target field.
    2. In the Select Entries pane, click Create. The New Performace SLA pane opens.
    3. Set Name to BusinessCriticalApps_HC.

      This health check is used for business critical applications in your SD-WAN rule.

    4. Leave Protocol set to Ping, and add up to two servers, such as office.com<