sw2090
SuperUser
March 3, 2020
Question

Bug in SDWAN SLA?

I just had the following incident:

On a FGT 100E sd-wan is active and used for internet. There is SD-WAN SLA configured for each interface in sd-wan to check link health. Worked fine so far.

There used to be 4 interfaces in sd-wan and sd-wan SLA. One is deactivated in sd-wan always (should only be used by sd-wan when all others are down).

Now I added a new Interface to sdwan (and SD-WAN SLA) which still does not have an internet connection. I did this plenty of times with no problems. This time sd-wan behaved differently.

Even though the Health Check marked the Link as down correctly, sd-wan started using it and it got sessions for no use.

On all other FGTs we have, SD-WAN does not do so. If a link is down it is not used.

Does anyone have a clue why it behaves so differently here?

    Toshi_Esumi
    SuperUser
    March 3, 2020

    If you posted what version of FortiOS you're running, that might trigger some responses.

    sw2090 (Author)
    SuperUser
    March 4, 2020

    Oh sorry, forgot to mention that:

    it runs FortiOS 6.0.9

    Btw:

    even a flapping link is not an explanation, for we had that a couple of days ago in a shop too and there we encountered no such problems.

    ShawnZA
    New Member
    March 4, 2020

    Had the same issue on 6.2 a few weeks back. Added a 3rd link to the SD-WAN setup, even marked as disabled under the Members list. Had a SLA showing the link down as well.... but all hell broke loose as the firewall tried to route traffic out over the disabled interface, not even enabled.... Only way to solve it was to remove the disabled member from under SDWAN member list.