greetings all,
we've being suffering from SD-WAN solution for a long time. Could someone please clarify some concepts in performance SLA under SD-WAN?
1.what is Probe Timeout under Link Status? how it is calculated exactly?
the FortiManager says: Time to wait before a probe packet is considered lost (20 – 3600*1000 msec, default = 500)
Is the time a round-trip time (RTT) as mentioned below, the RTT being addressed in a common network context?
If it is RTT, then is the RTT in FortiGate the same RTT as being addressed in a common network context? Let's say:
"The round-trip time is how long it takes for a request sent from a source to a destination, and for the response to get back to the original source. Basically, the latency in each direction, plus the processing time."
2. what is latency under SLA target? how it is calculated exactly?
is Latency the same latency as being addressed in common network context? let's say:
"Network latency is how long it takes for something sent from a source host to reach a destination host. There are many components to latency, and the latency can actually be different A to B and B to A."
if all the above concepts are confirmed yes, then:
should the probe timeout value be configured at least twice higher than the latency? if it is configured less than that then there is a high chance that the request message (or probe message) will be considered lost and will impact the packet loss metric in SLA target, which will bring failover and cause production problem.
I think the RTT should even higher than just twice as the latency, as the target (server) need to take some time to process the request, then sends back the response.
Previously we were using Ping as the Active probe method, but we found Ping is quite unreliable, so we switched to use Active probing TCP-connect (https SYN+SYN/ACK), in this case, should we set the packet loss threshold at least twice higher than the latency?
Thanks
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi sean3,
Your post was erroneously marked as spam by our automated system. I apologize for the inconvenience.
If you are in urgent need of help, consider talking with our TAC support team. Otherwise, we will try to get you an answer here.
Kind regards,
Stephen
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1645 | |
1070 | |
751 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.