Fortinet black logo

Administration Guide

Home FortiManager 7.4.0 Administration Guide

Performance SLA

7.4.0
7.4.2
7.4.1
7.4.0
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.12
7.0.11
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.14
6.4.13
6.4.12
6.4.11
6.4.10
6.4.9
6.4.8
6.4.7
6.4.6
6.4.5
6.4.4
6.4.3
6.4.2
6.4.1
6.4.0
6.2.12
6.2.11
6.2.10
6.2.9
6.2.8
6.2.7
6.2.6
6.2.6
6.2.5
6.2.3
6.2.2
6.2.1
6.2.0
6.0.12
6.0.11
6.0.10
6.0.9
6.0.8
6.0.7
6.0.6
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
6.0.0
5.6.11
5.6.10
5.6.9
5.6.8
5.6.7
5.6.6
5.6.5
5.6.4
5.6.3
5.6.2
5.6.1
5.6.0
5.4.7
5.4.6
5.4.5
5.4.4
5.4.3
5.4.2
5.4.1
5.4.0
5.2.10
5.2.7
5.2.6
5.2.4
5.2.3
5.2.2
5.2.1
5.2.0
5.0.12
5.0.11
5.0.10
5.0.9
5.0.8
5.0.7
5.0.6
5.0.5
5.0.4
5.0.3
5.0.2
4.3.8
4.3.7
4.3.6
4.3.5
4.3.4
4.3.3
4.3.2
4.3.1
4.3.0
4.2.9
4.2.8
4.2.7
4.2.6
4.2.5
4.2.4
4.2.3
4.2.2
4.2.1
4.2.0
4.1.0
4.0.3
4.0.2
4.0.1
4.0.0
Copy Link
Copy Doc ID 5c7b0997-c382-11ed-8e6d-fa163e15d75b:733090
Download PDF

Performance SLA

Create a Performance SLA in FortiManager that can be used to monitor the SD-WAN performance in FortiGate devices.

If all links meet the SLA criteria, the FortiGate uses the first link, even if that link isn’t the best quality. If at any time, the link in use doesn’t meet the SLA criteria, and the next link in the configuration meets the SLA criteria, the FortiGate changes to that link. If the next link doesn’t meet the SLA criteria, the FortiGate uses the next link in the configuration if it meets the SLA criteria, and so on.

To create a new performance SLA:
  1. If using ADOMs, ensure that you are in the correct ADOM.

  2. Go to Device Manager > Provisioning Templates > SD-WAN Templates.

  3. Double-click an SD-WAN template to open it for editing, or click Create New in the toolbar.

    The SD-WAN template opens.

  4. In the Performance SLA toolbar, click Create New. The Create Performance SLA dialog-box opens

  5. Enter the following information, and click OK to create the performance SLA:

    Name

    Enter the name of the performance SLA.

    IP Version

    Select IPv4 or IPv6.

    Probe Mode

    Set the mode that determines how to detect the server:

    • Active: the probes are sent actively (default).
    • Passive: the traffic measures health without probes.
    • Prefer-passive: the probes are sent in case of no new traffic.
    • Remote: the link health is obtained from remote peers.

    Enable Probe Packets

    Set Enable probe packets to enable or disable sending probe packets.

    ProtocolSelect the detection method for the profile check:
    • Ping
    • TCP ECHO
    • UDP ECHO
    • HTTP
    • TWAMP
    • DNS
    • TCP Connect
    • FTP
    ServerClick Add (+), and type the IP address of the health-check server.
    ParticipantsSelect available interface members or select All SD-WAN Members. The interfaces must already be added to the template.

    Embedded Measure Health

    Enable/disable embedding SLA information in ICMP probes (default = disable).

    Redistribute SLA ID

    Set the SLA entry (ID) that will be applied to the IKE routes (0 - 31, default = 0).

    Installation Target

    Click the box to specify installation targets for the performance SLA.

    SLA Targets

    Click Add Target to add a new SLA. Enable and enter the Latency Threshold (in milliseconds), Jitter Threshold (in milliseconds), Packet Loss Threshold (in percent), Priority IN-SLA, and Priority OUT-SLA, then click OK to create the SLA.

    SLAs can also be edited and deleted as required.

    Link Status

    Interval

    Status check interval, or the time between attempting to connect to the server, in seconds (1 - 3600, default = 1).

    Failure Before Inactive

    Specify the number of failures before the link becomes inactive (1 - 10, default = 5).

    Restore Link After

    Specify the number of successful responses received before server is considered recovered (1 - 10, default = 5).

    Action When Inactive

    		Specify what happens with the WAN link becomes inactive.

    Update Static Route

    		Select to update the static route when the WAN link becomes inactive.

    Cascade Interfaces

    		Select to cascade interfaces when the WAN link becomes inactive.

    Advanced Options

    Expand to display the advanced options.

    Hover the mouse over each advanced option to view a description of the option.

    Set the options as desired.

Previous
Next

Performance SLA

Create a Performance SLA in FortiManager that can be used to monitor the SD-WAN performance in FortiGate devices.

If all links meet the SLA criteria, the FortiGate uses the first link, even if that link isn’t the best quality. If at any time, the link in use doesn’t meet the SLA criteria, and the next link in the configuration meets the SLA criteria, the FortiGate changes to that link. If the next link doesn’t meet the SLA criteria, the FortiGate uses the next link in the configuration if it meets the SLA criteria, and so on.

To create a new performance SLA:
  1. If using ADOMs, ensure that you are in the correct ADOM.

  2. Go to Device Manager > Provisioning Templates > SD-WAN Templates.

  3. Double-click an SD-WAN template to open it for editing, or click Create New in the toolbar.

    The SD-WAN template opens.

  4. In the Performance SLA toolbar, click Create New. The Create Performance SLA dialog-box opens

  5. Enter the following information, and click OK to create the performance SLA:

    Name

    Enter the name of the performance SLA.

    IP Version

    Select IPv4 or IPv6.

    Probe Mode

    Set the mode that determines how to detect the server:

    • Active: the probes are sent actively (default).
    • Passive: the traffic measures health without probes.
    • Prefer-passive: the probes are sent in case of no new traffic.
    • Remote: the link health is obtained from remote peers.

    Enable Probe Packets

    Set Enable probe packets to enable or disable sending probe packets.

    ProtocolSelect the detection method for the profile check:
    • Ping
    • TCP ECHO
    • UDP ECHO
    • HTTP
    • TWAMP
    • DNS
    • TCP Connect
    • FTP
    ServerClick Add (+), and type the IP address of the health-check server.
    ParticipantsSelect available interface members or select All SD-WAN Members. The interfaces must already be added to the template.

    Embedded Measure Health

    Enable/disable embedding SLA information in ICMP probes (default = disable).

    Redistribute SLA ID

    Set the SLA entry (ID) that will be applied to the IKE routes (0 - 31, default = 0).

    Installation Target

    Click the box to specify installation targets for the performance SLA.

    SLA Targets

    Click Add Target to add a new SLA. Enable and enter the Latency Threshold (in milliseconds), Jitter Threshold (in milliseconds), Packet Loss Threshold (in percent), Priority IN-SLA, and Priority OUT-SLA, then click OK to create the SLA.

    SLAs can also be edited and deleted as required.

    Link Status

    Interval

    Status check interval, or the time between attempting to connect to the server, in seconds (1 - 3600, default = 1).

    Failure Before Inactive

    Specify the number of failures before the link becomes inactive (1 - 10, default = 5).

    Restore Link After

    Specify the number of successful responses received before server is considered recovered (1 - 10, default = 5).

    Action When Inactive

    		Specify what happens with the WAN link becomes inactive.

    Update Static Route

    		Select to update the static route when the WAN link becomes inactive.

    Cascade Interfaces

    		Select to cascade interfaces when the WAN link becomes inactive.

    Advanced Options

    Expand to display the advanced options.

    Hover the mouse over each advanced option to view a description of the option.

    Set the options as desired.

Previous
Next