FortiGate
lsaroukhani
Staff
Article Id 395954
Description

 

This article describes the SD-WAN Lowest Cost (SLA) strategy.

 

Scope

 

FortiGate.

 

Solution

 

In the Lowest Cost (SLA) strategy, FortiGate assigns a cost value to each SD-WAN member based on administrative preference or link type. It continuously monitors SLA performance metrics such as latency, jitter, and packet loss to determine whether each link meets the defined thresholds. If multiple members satisfy the SLA criteria, traffic is forwarded according to member cost, lowest first, and then according to configuration order.

 

The following image explains the Lowest Cost (SLA) strategy. The green boxes represent SD-WAN members in SLA, while the red boxes represent SD-WAN members outside of SLA. It describes different scenarios to identify which link will carry the Gmail traffic.

 

[Image: 100.png]

 

SD-WAN settings:

 

config system sdwan
    config members
        edit 1
            set interface "wan1"
            set cost 10
        next
        edit 2
            set interface "wan2"
            set cost 5
        next
    end
    config health-check
        edit "google"
            set server "google.com"
            set members 1 2
            config sla
                edit 1
                    set latency-threshold 10
                    set jitter-threshold 5
                next
            end
        next
    end
    config service
        edit 1
            set name "gmail"
            set mode sla
            set internet-service enable
            set internet-service-id 65646
            config sla
                edit "google"
                    set id 1
                next
            end
            set priority-members 1 2
        next
    end
end

  

To diagnose the Performance SLA status:

 

diagnose sys sdwan health-check google
Health Check(google):
Seq(1): state(alive), packet-loss(0.000%) latency(14.563), jitter(4.334) sla_map=0x0
Seq(2): state(alive), packet-loss(0.000%) latency(12.633), jitter(6.265) sla_map=0x0


diagnose sys sdwan service 1
Service(1): Address Mode(IPV4) flags=0x0

TOS(0x0/0x0), Protocol(0: 1->65535), Mode(sla)
Members:

1: Seq_num(2), alive, sla(0x1), cfg_order(1), selected
2: Seq_num(1), alive, sla(0x1), cfg_order(0), selected

 

Note: Starting from FortiOS v7.4.4, the diagnose sys sdwan service command is divided into two separate commands for IPv4 and IPv6.

 

For IPv4:

 

diagnose sys sdwan service4

 

For IPv6:

 

diagnose sys sdwan service6
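
The Lowest Cost (SLA) ordering described in this article can be checked offline against captured health-check output. The following Python script is an added example, not Fortinet code: it takes the member costs and SLA thresholds from the configuration above and ranks the members that meet the SLA. Assumptions: a member is in SLA when it is alive and each configured metric is at or below its threshold, configuration order is the position in priority-members, and the second and third samples are constructed.

```python
import re

# From the configuration above: member costs, priority-members order,
# and the thresholds of SLA id 1 in health-check "google".
COST = {1: 10, 2: 5}
PRIORITY_MEMBERS = [1, 2]
SLA = {"latency": 10.0, "jitter": 5.0}

# Health-check output as shown in the article.
PAGE_OUTPUT = """\
Seq(1): state(alive), packet-loss(0.000%) latency(14.563), jitter(4.334) sla_map=0x0
Seq(2): state(alive), packet-loss(0.000%) latency(12.633), jitter(6.265) sla_map=0x0
"""
# Constructed samples (not from a real device).
BOTH_IN_SLA = """\
Seq(1): state(alive), packet-loss(0.000%) latency(8.100), jitter(1.200) sla_map=0x1
Seq(2): state(alive), packet-loss(0.000%) latency(9.400), jitter(2.900) sla_map=0x1
"""
ONLY_WAN1_IN_SLA = """\
Seq(1): state(alive), packet-loss(0.000%) latency(8.100), jitter(1.200) sla_map=0x1
Seq(2): state(alive), packet-loss(0.000%) latency(22.750), jitter(2.900) sla_map=0x0
"""

LINE = re.compile(r"Seq\((\d+)\): state\((\w+)\), packet-loss\(([\d.]+)%\) "
                  r"latency\(([\d.]+)\), jitter\(([\d.]+)\)")

def parse_health_check(text):
    """Map member sequence number -> measured state and metrics."""
    return {int(seq): {"state": state, "loss": float(loss),
                       "latency": float(lat), "jitter": float(jit)}
            for seq, state, loss, lat, jit in LINE.findall(text)}

def in_sla(stats):
    # Assumption: in SLA means alive and every configured metric <= threshold.
    return stats["state"] == "alive" and all(stats[k] <= v for k, v in SLA.items())

def rank_members(text):
    """Members that meet the SLA, lowest cost first, then configuration order.
    Returns [] when no member qualifies; the article does not describe that case."""
    stats = parse_health_check(text)
    ok = [m for m in PRIORITY_MEMBERS if m in stats and in_sla(stats[m])]
    return sorted(ok, key=lambda m: (COST[m], PRIORITY_MEMBERS.index(m)))

if __name__ == "__main__":
    for name, sample in [("page", PAGE_OUTPUT), ("both in SLA", BOTH_IN_SLA),
                         ("only wan1 in SLA", ONLY_WAN1_IN_SLA)]:
        print(name, "->", rank_members(sample))
```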