Description
This article describes the use case of sla-compare-method in SDWAN rule when using more than one SLA target.
Scope
FortiGate.
Solution
This SLA comparison method allows for defining an order of preference for SLA Targets.
SLA Targets which are considered more critical can be given a higher order of preference by the administrator.
Suppose there are two SLA targets configured, one for latency and another for packet loss.
So, if the administrator wants to give a higher preference to packet loss than the latency, then the administrator can set the sla-compare-method to order and select the packet loss SLA before latency.
Let’s take an example over here: -
> SDWAN rule: -
GUI configuration:-
CLI configuration:-
# config system sdwan
# config service
# edit "1"
# show
config service
edit 1
set name "Internet-Rule"
set mode sla
set dst "all"
set src "all"
config sla
edit "PacketLoss"
set id 1
next
edit "Latency"
set id 1
next
end
set priority-members 1 2
next
end
> SLA configuration: -
Latency SLA:-
Packet Loss SLA:-
> Set sla-compare-method as order.
config system sdwan
config service
edit 1
set sla-compare-method
order Compare SLA value based on the order of health-check.
number Compare SLA value based on the number of satisfied health-check.
For example, if there is more than 5% packet loss over Port3 and there is latency higher than 100ms for port1, since the administrator has configured to give preference to packet loss SLA therefore port1 will be chosen as the preferred route even though it has higher latency.
The table below shows the result of 'set sla-compare-method order' compared to 'set sla-compare-method number'.
SLA Status |
Port 1 |
Port 3 |
sla-compare-method order |
sla-compare-method number |
||
Latency |
Packet loss |
Latency |
Packet Loss |
|||
Optimal |
✓ |
✓ |
✓ |
✓ |
Sla identical |
Sla identical |
SLA failure 1 |
✗ |
✓ |
✓ |
✓ |
>SLA for Loss (preferred) is identical on port1 & port3 >Tie breaker goes to Latency >Port 3 is preferred |
>SLA thresholds pass for port1=1 >SLA thresholds pass for port3=2 >PORT3 is preferred |
SLA failure 2 |
✗ |
✓ |
✓ |
✗ |
>SLA for loss is preferred so in port 3 Loss is failed >Port 1 is preferred |
>SLA results are identical since number of SLA pass is identical |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.