Support HTTPS performance SLA health checks 7.4.1
HTTPS is supported for SD-WAN performance SLA health checks. All default HTTP-based health checks have been updated to use HTTPS instead. This includes:
- Default_AWS
- Default_FortiGuard
- Default_Google Search
- Default_Office_365
|
After upgrading, the default profiles using HTTP are changed to use HTTPS. Non-default performance SLA health check profiles are not affected after upgrading. |
Example 1: applying a default HTTPS health check:
In this example, the Default_AWS health check is applied to an SD-WAN member in the default virtual-wan-link zone.
To apply the Default_AWS health check in an SD-WAN configuration:
-
Configure SD-WAN:
config system sdwan set status enable config zone edit "virtual-wan-link" next end config members edit 1 set interface "port1" set gateway 172.16.200.254 set gateway6 2000:172:16:200::254 next end config health-check edit "Default_AWS" set server "aws.amazon.com" set protocol https set interval 1000 set probe-timeout 1000 set recoverytime 10 set update-static-route disable set members 1 config sla edit 1 set latency-threshold 250 set jitter-threshold 50 set packetloss-threshold 5 next end next end end -
Verify the health check status:
# diagnose sys sdwan health-check status Default_AWS Health Check(Default_AWS): Seq(1 port1): state(alive), packet-loss(0.000%) latency(107.732), jitter(10.425), mos(4.332), bandwidth-up(999920), bandwidth-dw(997555), bandwidth-bi(1997475) sla_map=0x1
Example 2: configuring an IPv6 health check with HTTPS
To configure an IPv6 health check with HTTPS:
config system sdwan
set status enable
config zone
edit "virtual-wan-link"
next
end
config members
edit 1
set interface "port1"
set gateway 172.16.200.254
set gateway6 2000:172:16:200::254
next
end
config health-check
edit "ipv6"
set addr-mode ipv6
set server "ipv6.google.com"
set protocol https
set members 1
config sla
edit 1
set latency-threshold 250
set jitter-threshold 50
set packetloss-threshold 5
next
end
next
end
end