| Description | This article describes how to configure an ISP as an SD-WAN member without an SLA when the ISP charges for data. |
| Scope | FortiGate. |
| Solution |
Configure an ISP as an SD-WAN member without an SLA where the provider charges for data usage. There are two service providers, wan1 and wan2. Wan1 is the primary link and Wan2 is the secondary link charge as per the data transfer.
Make sure there is no performance SLA on wan2, as probe traffic will also result in data usage. If there is at least some traffic on wan2, it is possible to use a Performance SLA that does not generate probes.
Create an SD-WAN rule with an interface selection strategy as required and select both wan1 and wan2 as members of the SD-WAN rule. In this example, the interface selection strategy is Cost. SD-WAN performance SLA:
Wan1 is the outgoing interface as per the SD-WAN rule.
Discovery-kvm22 # diagnose sys sdwan service4 1
Service(1): Address Mode(IPV4) flags=0x4200 use-shortcut-sla use-shortcut Tie break: cfg Shortcut priority: 2 Gen(1), TOS(0x0/0x0), Protocol(0): src(1->65535):dst(1->65535), Mode(sla), sla-compare-order Members(2): 1: Seq_num(1 port1 ISP), alive, sla(0x1), gid(0), cfg_order(0), local cost(0), selected 2: Seq_num(2 port2 ISP), alive, sla(0x1), gid(0), cfg_order(1), local cost(0), selected Src address(1): 0.0.0.0-255.255.255.255
Dst address(1): 0.0.0.0-255.255.255.255
The Wan1 interface went down, so wan2 will be over as seen in the SD-WAN rule.
Discovery-kvm22 # dia sys sdwan service4 1 Service(1): Address Mode(IPV4) flags=0x4200 use-shortcut-sla use-shortcut Tie break: cfg Shortcut priority: 2 Gen(2), TOS(0x0/0x0), Protocol(0): src(1->65535):dst(1->65535), Mode(sla), sla-compare-order Members(2): 1: Seq_num(2 port2 ISP), alive, sla(0x1), gid(0), cfg_order(1), local cost(0), selected 2: Seq_num(1 port1 ISP), dead, sla(0x0), gid(0), cfg_order(0), local cost(0) Src address(1): 0.0.0.0-255.255.255.255
Dst address(1): 0.0.0.0-255.255.255.255 |
