SDWAN rule "Maximize Bandwidth mode" for multi-link selection

Question

Hi, guys,

I am using Ftg400E HA with FortiOS v7.0.3.

Three internet lines are configured in the Ftg400E and formed into "SDWAN for internet access"; the SDWAN rule is using "maximize bandwidth mode", so three lines are sharing the internet traffic loading.

Recently, "internet line B and line C" are found unstable, while internet A is working well; hence I intend to configure internet line A and B still running in maximize bandwidth mode (load-balance mode), while line C is configured as hot-standby line.

I tried this way, but failed ( still three lines running in round-robin mode) :

1. SDWAN rule is still using "Maximize bandwidth mode"

2. but limited 2 lines for load-balanced

3. configured line C with higher cost value

Configuration:

====================

Forti400e_01 # show sys sdwan
config system sdwan
set status enable
set load-balance-mode source-dest-ip-based
config zone
edit "virtual-wan-link"
next
edit "SASE"
next
edit "Access_to_Internet"
next
....
end
config members
edit 1
set interface "port2"
set zone "Access_to_Internet"
set gateway 203.15.105.97
next
edit 2
set interface "port3"
set zone "Access_to_Internet"
set gateway 112.84.27.1
next
edit 3
set interface "port4"
set zone "Access_to_Internet"
set gateway 104.118.6.225
set cost 10
next

Status checking:

====================================
Forti400e_01 # diag sys sdwan member
Member(1): interface: port2, flags=0x0 , gateway: 203.15.105.97, priority: 0 1024, weight: 0
Member(2): interface: port3, flags=0x0 , gateway: 112.84.27.1, priority: 0 1024, weight: 0
Member(3): interface: port4, flags=0x0 , gateway: 104.118.6.225, priority: 0 1024, weight: 0
.......

Forti400e_01 # get sys sdwan
status : enable
load-balance-mode : source-dest-ip-based
speedtest-bypass-routing: disable
duplication-max-num : 2
.......

Forti400e_01 # diag sys sdwan service

........

Service(1): Address Mode(IPV4) flags=0x200 use-shortcut-sla
Gen(1), TOS(0x0/0x0), Protocol(0: 1->65535), Mode(load-balance hash-mode=round-robin)
Members(3):
1: Seq_num(1 port2), alive, sla(0x1), gid(2), num of pass(1), selected
2: Seq_num(2 port3), alive, sla(0x1), gid(2), num of pass(1), selected
3: Seq_num(3 port4), alive, sla(0x1), gid(2), num of pass(1), selected
Src address(1):
0.0.0.0-255.255.255.255

Dst address(1):
0.0.0.0-255.255.255.255

Forti400e_01 # diag firewall proute list
list route policy info(vf=root):
.........

id=2134900737(0x7f400001) vwl_service=1(Access_to_Internet) vwl_mbr_seq=1 2 3 dscp_tag=0xff 0xff flags=0x10 load-balance hash-mode=round-robin tos=0x00 tos_mask=0x00 protocol=0 sport=0-65535 iif=0 dport=1-65535 path(3) oif=10(port2) num_pass=1 oif=11(port3) num_pass=1 oif=12(port4) num_pass=1
source(1): 0.0.0.0-255.255.255.255
destination(1): 0.0.0.0-255.255.255.255
hit_count=22790680 last_used=2022-08-30 00:10:01

===================================================

Any suggestion/recommendation ?

Many thanks

BensonLEI

nnair · Answer

Dear Customer,You can follow this link for the Maximum bandwidth:https://docs.fortinet.com/document/fortigate/6.4.5/administration-guide/708464/maximize-bandwidth-sla-strategyYou can also set the interface preference as link A

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded