Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
tgirard
Staff
Staff

Created on ‎09-10-2024 09:00 AM Edited on ‎09-11-2024 04:11 AM By Moderator

Article Id 340357

Technical Tip: SD-WAN ADVPN 2.0 - load-balancing traffic over multiple shortcuts

Description This article describes the configuration needed to have traffic load-balanced over multiple shortcuts for ADVPN SD-WAN 2.0 
Scope Available from FortiOS 7.6.0
Solution

The load-balancing of traffic over several shortcuts will be effective when the following configuration is applied:

 

config system sdwan

config service

  edit 1

        set load-balance enable

        set mode sla

        …

        set tie-break fib-best-match

    next

end

 

With the above configuration, the source spoke will establish and use a full mesh of shortcuts between all local members and all members of the remote spoke within the same transport-group. The transport-group is configured at the SD-WAN member level.

 

The algorithm used for load balancing is defined (once load-balance is enabled for this service) by:

 

config system sdwan

config service

edit 1

set hash-mode

 

For details of the different hash-modes available, see 'load balance hash methods' section of the documentation.

 

Configuring load-balance with a manual service (config service, set mode manual) will result in only one shortcut being created in release 7.6.0.
570
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.