Description
This article describes how to configure the health check for SD-WAN links with high latency.
Scope
FortiGate.
Solution
With the default settings, the performance SLA will show a link with latency higher than 500 ms as down:
diagnose sys sdwan health-check
Health Check:
Seq(1 port5): state(dead), packet-loss(100.000%) sla_map=0x0
The following errors were observed in the link-monitor debugs:
diagnose debug application link-monitor -1
diagnose debug enable
lnkmtd::monitor_peer_recv(1993): ---> can not find probe for monitor port5-VIRTUAL_WAN_LINK-5, seq_num 28.
To address this, increase the probe-timeout using the CLI. This configuration is necessary when network delays are expected to exceed the probing interval (default probe timeout is 500 ms). If no probe-timeout is specified, the timeout delay defaults to the interval delay.
V6.2.
V6.2.
config system virtual-wan-link
config health-check
edit <name>
set probe-timeout 2000
config health-check
edit <name>
set probe-timeout 2000
V6.4, v7.0, v7.2, v7.4 and v7.6:
conf system sdwan
config health-check
edit <name>
set probe-timeout 2000
config health-check
edit <name>
set probe-timeout 2000
Result.
diagnose sys sdwan health-check
Health Check
Seq(1 port5): state(alive), packet-loss(0.000%) latency(941.158), jitter(27.486) sla_map=0x0
Health Check
Seq(1 port5): state(alive), packet-loss(0.000%) latency(941.158), jitter(27.486) sla_map=0x0
