Description
This article describes how to configure the health check for SD-WAN links with high latency.
Scope
FortiGate.
Solution
With the default settings, the performance SLA will show a link with latency higher than 500 ms as down:
diagnose sys sdwan health-check
Health Check:
Seq(1 port1): state(dead), packet-loss(100.000%) sla_map=0x0
If no probe-timeout is specified, the timeout delay is the intervaldelay.
The solution is to increase the probe-timeout from CLI. This setting must be configured when it is expected for the network delay to be legitimately higher than the probing interval ( for example the probing interval of 500 ms on a 4G link with network delay >500 ms).
V6.2.
The solution is to increase the probe-timeout from CLI. This setting must be configured when it is expected for the network delay to be legitimately higher than the probing interval ( for example the probing interval of 500 ms on a 4G link with network delay >500 ms).
V6.2.
config system virtual-wan-link
config health-check
edit <name>
set probe-timeout 2000
config health-check
edit <name>
set probe-timeout 2000
V6.4, v7.0, v7.2, v7.4 and v7.6:
conf system sdwan
config health-check
edit <name>
set probe-timeout 2000
set probe-timeout <----- Time to wait before a probe packet is considered lost (500 - 3600000 msec, default = 500 if set probe-timeout is not specified, if not then the probe-timeout is equal to the interval value).
config health-check
edit <name>
set probe-timeout 2000
set probe-timeout <----- Time to wait before a probe packet is considered lost (500 - 3600000 msec, default = 500 if set probe-timeout is not specified, if not then the probe-timeout is equal to the interval value).
Result.
diagnose sys sdwan health-check
Health Check
Seq(1 port1): state(alive), packet-loss(0.000%) latency(941.158), jitter(27.486) sla_map=0x0
Health Check
Seq(1 port1): state(alive), packet-loss(0.000%) latency(941.158), jitter(27.486) sla_map=0x0
