Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
MahmoudH93
New Contributor

Created on ‎10-25-2023 06:22 AM

Routing information changed

i have a unfamiliar behavior 

i have 3 WAN links with SDWAN Zone

 its working good and it do Loadbalance 

but i notice this error 

and i lost internet for seconds  the it retrieve again 

and i  can find this error 

i posted my configuration may it help you 

 

thanks

Screenshot 2023-10-25 124417.pngScreenshot 2023-10-25 162058.png 

Mahmoud hesham
mahmoud.hesham@Connectps.com
Mahmoud heshammahmoud.hesham@Connectps.com
Labels:
800
0 Kudos
6 REPLIES 6
kumarh
Staff
Staff

Created on ‎10-25-2023 07:37 AM

 SDWAN the health check SLA can add  routes based on the SLA status(alive/dead)
It can happen due to packet loss or if the interface flaps.
If you want to disable these events you can run following following command for disable routing update:

config system sdwan
config health-check
edit "WAN_SLA"
set update-static-route disable
next
end

776
0 Kudos
mufas12
New Contributor

Created on ‎10-25-2023 07:46 AM

side effect of learning form cisco, you learn whats possible with cisco :) There is probably some open standard that does the same kind of thing, I"ll look it up later and see what I can find. good work on the subnetting, with all the "local IT" I've worked with you can never assume they did something right :)

10.0.0.0.1 192.168.1.254
10.0.0.0.1 192.168.1.254
773
0 Kudos
hbac
Staff
Staff

Created on ‎10-25-2023 07:59 AM

Hi @MahmoudH93

 

As it is showing in the log details. You have Performance SLA configured and if the threshold is exceeded, FortiGate will remove that interface from the routing table. It means http connection to google.com, yahoo.com has more than 10% packet losses or high latency. 

 

Regards, 

770
0 Kudos
MahmoudH93
New Contributor
In response to hbac

Created on ‎10-25-2023 08:23 AM

also when i disable a port and static route change , i didn't lost internet 

i can't get the root cause of this problem

 

Mahmoud hesham
mahmoud.hesham@Connectps.com
Mahmoud heshammahmoud.hesham@Connectps.com
752
0 Kudos
khaled_omar
New Contributor

Created on ‎02-27-2024 11:23 AM

hello ,

 

does any one got the root cause of this issue i have similar problem 

338
0 Kudos
Muhammad_Haiqal
Staff
Staff
In response to khaled_omar

Created on ‎02-27-2024 07:59 PM Edited on ‎02-27-2024 08:00 PM

Hi @khaled_omar ,

Good day to you.
Please verify on the SDWAN SLA performance.
Make sure you set the ideal threshold value for the "SLA target" and "Link status".
Too low value may introduce SDWAN flapping.

You may consider this value:
Protocol : Ping

Server: 8.8.8.8 (This is reliable server to check)


SLA target:
Latency: 250ms
Threshold: 250ms
Packet loss: 10%

 

Link Status:
Interval : 3000ms(check every 3 seconds)

Make sure you only use this SLA to do the healthcheck.
Remove the rest, as the SLA may overlap to each other.

haiqal
328
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.