Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
tzepf
New Contributor

How to get SD WAN to Volume Load-Balance for 2 WAN Connections and use a 3rd as FailOver

Hello,

 

i want to configure my 3 WAN Connections in a way that 2 of them are Load Balanced by Volume / Sessions and a 3rd one as FailOver only if all other connections Fail. Is that possible?

 

I tried to set the Weights to 50 for WAN1, 20 for WAN2 (according to their Speed) and 0 for the third. But then the third Connection is also used with several MBit/s wich i want to prevent as this is a Volume Limited LTE Connection.

 

Any oder idea? Right now i use spillover, but i want to use both good WAN Connections equally. Thanks,

Tobias

4 REPLIES 4
sw2090
SuperUser
SuperUser

I don't think SDWAN/WLLB can do this alone.

you could create a volume based sdwan on the two WAN you want to be loadbalanced.

And then create one default route over the sdwan and a 2nd one (with higher prio/distance) using the third one.

Then traffic would primarily go to the loadbalancer and if that is unavailable will go to the thrid wan.

-- 

"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams

-- "It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
tzepf
New Contributor

That sounds reasonable, i will try this configuration

 

Thanks

tzepf
New Contributor

I just tried this configuration - problem is that no second default Route pointing to 0.0.0.0 is allowed by Fortigate.

 

Message is

You cannot have duplicated routes on SD-WAN and non SD-WAN interfaces.   I searched the forum but i only found some threads from users with the same problem but no solution...   If anybody has a good idea please let me know...    
andyway85
New Contributor II

Hi Tobias,

 

You can use SD-WAN and change the priority to the third member, once you do that, the traffic will balance between the 2 members with lower priority and once the two of them fail, the third will kick in ... something like this

 

config system virtual-wan-link
    set status enable
    set load-balance-mode source-dest-ip-based
    config members
        edit 1
            set interface "port1"
            set gateway x.x.x.x
        next
        edit 2
            set interface "port2"
            set gateway y.y.y.y
        next
        edit 3
            set interface "port3"
            set gateway z.z.z.z
            set priority 4294967295
            set comment "Failover interface"
        next
    end

 

Hope it helps,

 

Andres

Labels
Top Kudoed Authors