ChrisTan
Staff
Article Id 243796
Description This article describes how SD-WAN rules configured in manual mode behave when a performance SLA failure affects the rule.
Scope FortiGate.
Solution

The SD-WAN rule strategies offer Manual member selection. In Manual mode, FortiGate prefers the member/s according to the configuration order. It is the only strategy that does not consider the member metrics for member preference; no health checks are used in the rule. As a result, the decision-making more closely resembles fixed logic than intelligence.

 

However, if one or more health checks are configured for the members selected in the Manual strategy, and the health check (if there is only one) or ALL the health checks (if there are multiple for the member/s) indicate that the member interface is dead, the SD-WAN rule becomes void, even though the Manual strategy is used.

 

147 # diagnose sys sdwan health-check
Health Check(14):
Seq(2 port1): state(dead), packet-loss(100.000%) sla_map=0x0
Seq(1 port4): state(dead), packet-loss(100.000%) sla_map=0x0

 

It can be confusing to enforce such interfaces in the SD-WAN rule, because the SLA still affects the route.

 

A possible solution is to delete all SLAs regarding that interface so that the port would be invisible from 'diagnose sys sdwan health-check'.

 

The interface in manual SD-WAN rules would then be selected as active, and the rule would work without being affected by the SLA.

 

Note:

The SLA cannot be deleted if it has been applied to some rules.
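
The check described above, as an added example (not Fortinet code): it parses 'diagnose sys sdwan health-check' output and reports which manual-rule members are dead in every health check that probes them. The "dns-probe" health check, its alive line, and the function names are constructed for illustration; treating a rule as void only when none of its members is usable is a simplifying assumption.

```python
import re
from collections import defaultdict

# Constructed sample in the format of 'diagnose sys sdwan health-check'.
# The first block is from the article; "Health Check(dns-probe)" is made up.
SAMPLE_OUTPUT = """\
Health Check(14):
Seq(2 port1): state(dead), packet-loss(100.000%) sla_map=0x0
Seq(1 port4): state(dead), packet-loss(100.000%) sla_map=0x0
Health Check(dns-probe):
Seq(1 port4): state(alive), packet-loss(0.000%) latency(4.512), jitter(0.210) sla_map=0x1
"""

CHECK_RE = re.compile(r"^Health Check\((?P<name>[^)]+)\):")
MEMBER_RE = re.compile(r"^Seq\((?P<seq>\d+) (?P<intf>[^)]+)\): state\((?P<state>\w+)\)")


def member_states(output):
    """Map interface -> {health-check name: state} from the CLI output."""
    states = defaultdict(dict)
    current = None
    for line in output.splitlines():
        line = line.strip()
        m = CHECK_RE.match(line)
        if m:
            current = m.group("name")
            continue
        m = MEMBER_RE.match(line)
        if m and current is not None:
            states[m.group("intf")][current] = m.group("state")
    return dict(states)


def dead_members(output):
    """Interfaces for which every health check that probes them reports dead."""
    return sorted(intf for intf, checks in member_states(output).items()
                  if all(state == "dead" for state in checks.values()))


def manual_rule_status(output, rule_members):
    """Classify a manual rule's members (given in configuration order)."""
    dead = set(dead_members(output))
    usable = [m for m in rule_members if m not in dead]  # no SLA, or one alive
    return {"void": not usable, "usable": usable,
            "dead": [m for m in rule_members if m in dead]}


if __name__ == "__main__":
    for members in (["port1"], ["port4", "port1"], ["port2"]):
        print(members, manual_rule_status(SAMPLE_OUTPUT, members))
```

A member that appears in no health check (port2 in the sample run) is never reported dead, which matches the workaround of deleting all SLAs for that interface.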

 

Special Scenario:

In a special case in v7.2.5 or later, the SD-WAN member interface is down and the related route is removed from the active routing table; however, when checking the SD-WAN rules page, the interface status still shows up/green. This is a known issue that was addressed starting from v7.4.4.

 

This issue was not addressed in the v7.2 release. This is a cosmetic issue on the GUI and does not affect the actual routing. The Bug ID for the respective problem is 924693.

 
