# config system settingsset v4-ecmp-modesource-ip-based <----- Select next hop based on source IP.weight-based <----- Select next hop based on weight.usage-based <----- Select next hop based on usage.source-dest-ip-based <----- Select next hop based on both source and destination IPs.
This can be verified using the following command:
# diagnose sys vd listsystem fib version=37list virtual firewall info:------Truncated output ------name=root/root index=0 enabled use=112 rt_num=31 asym_rt=0 sip_helper=1, sip_nat_trace=1, mc_fwd=1, mc_ttl_nc=0, tpmc_sk_pl=0ecmp=source-ip-based, ecpm6=source-ip-based asym_rt6=0 rt6_num=32 strict_src_check=0 dns_log=1 ses_num=5 ses6_num=1 pkt_num=1158894tree_flag=1 tree6_flag=1 nataf=0 traffic_log=1 extended_traffic_log=0 svc_depth=2log_neigh=0, deny_tcp_with_icmp=0 ses_denied_traffic=no tcp_no_syn_check=0 central_nat=0 policy_mode_ngfw=0 block_land_attack=0 link_check_local_in=1fw_session_hairpin=no keep-PRP-trailer=0ipv4_rate=0, ipv6_rate=0, mcast6-PMTU=0, allow_linkdown_path=0mode=standalone ha_state=work prio=0 vid=0vf_count=5 vfe_count=17
To change the algorithm for IPv6, use the config system virtual-wan-link/config system sdwan on as per VDOM basis. The option selected here will apply to both IPv4 and IPv6.
# config system virtual-wan-link OR config system sdwanset status enable(virtual-wan-link) set load-balance-modesource-ip-based <----- Source IP load balancing. All traffic from a source IP is sent to the same interface.weight-based <----- Weight-based load balancing. Interfaces with higher weights have higher priority and get more traffic.usage-based <----- Usage-based load balancing. All traffic is sent to the first interface on the list. When the bandwidth on that interface exceeds the spill-over limit new traffic is sent to the next interface.source-dest-ip-based <----- Source and destination IP load balancing. All traffic from a source IP to a destination IP is sent to the same interface.measured-volume-based <----- Volume-based load balancing. Traffic is load balanced based on traffic volume (in bytes). More traffic is sent to interfaces with higher volume ratios.(virtual-wan-link) set load-balance-mode source-dest-ip-based(virtual-wan-link) end
Verify using following command:
(global) # diagnose sys vd listsystem fib version=37list virtual firewall info:------Truncated output ------name=root/root index=0 enabled use=112 rt_num=31 asym_rt=0 sip_helper=1, sip_nat_trace=1, mc_fwd=1, mc_ttl_nc=0, tpmc_sk_pl=0ecmp=source-dest-ip-based, ecpm6=source-dest-ip-based asym_rt6=0 rt6_num=32 strict_src_check=0 dns_log=1 ses_num=7 ses6_num=1 pkt_num=1161223tree_flag=1 tree6_flag=1 nataf=0 traffic_log=1 extended_traffic_log=0 svc_depth=2log_neigh=0, deny_tcp_with_icmp=0 ses_denied_traffic=no tcp_no_syn_check=0 central_nat=0 policy_mode_ngfw=0 block_land_attack=0 link_check_local_in=0fw_session_hairpin=no keep-PRP-trailer=0ipv4_rate=1, ipv6_rate=0, mcast6-PMTU=0, allow_linkdown_path=0mode=standalone ha_state=work prio=0 vid=0Related document.vf_count=5 vfe_count=17
https://docs.fortinet.com/document/fortigate/7.0.1/administration-guide/25967/equal-cost-multi-pathRelated Articles
Technical Tip: Equal cost multi-path (ECMP) - Maximum number of paths and routing issues
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.