Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
damianhlozano
Contributor

Created on ‎10-02-2023 01:31 PM

Weighted Load balance and failover considering packet loss

Hello team!!!

 

Recently a Fortinet engineer told me that performance SLA are not considered if there are not explicit rule including them, so I wonder how to create a Load balance, using both WANs in the SD-WAN, taking care about the bandwith of each wan.

For example, I have the following:

WAN1: 100 Mbps / 100 Mbps of bandwith

WAN2: 50 Mbps / 50 Mbps of bandwith

In this case I would like to have about the double amount of sessions in WAN1 than in WAN2, and also I would like that if some link has about 3% of packet loss or more, this link will not be used.

Is this possible?

 

Thanks in advance.

Regards,

Damián

Damián Lozano
Damián Lozano
Labels:
1646
0 Kudos
1 Solution
hbac
Staff
Staff
In response to damianhlozano

Created on ‎10-06-2023 08:27 AM

Hi @damianhlozano,

 

You don't need an explicit sdwan rule. As long as Performance SLA is configured, FortiGate will start probing the server. I tested in my lab.

 

Regards, 

View solution in original post

1546
0 Kudos
5 REPLIES 5
Jean-Philippe_P
Moderator
Moderator

Created on ‎10-05-2023 12:41 AM

Hello Damian! 

 

Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible. 

 

Thanks, 

Jean-Philippe - Fortinet Community Team
1584
0 Kudos
hbac
Staff
Staff

Created on ‎10-05-2023 06:14 AM

Hi @damianhlozano,

 

You can load balance using volume (Weight) by following this article: https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-load-balance-traffic-between-two-in...

 

If some link has about 3% of packet loss or more, this link will not be used. You can configure Performance SLA and set pack loss threshold to 3%. Please refer to https://docs.fortinet.com/document/fortigate/7.4.1/administration-guide/580649/link-health-monitor

 

Regards, 

1569
0 Kudos
damianhlozano
Contributor
In response to hbac

Created on ‎10-06-2023 06:01 AM

Hi @hbac and @Jean-Philippe_P 

Thanks for your responses!!!

 

This is what I understand of this links:

The first link explain how to load balance the traffic to a specific IP, skipping sdwan rules

The second link explain how to create a link health monitor

As I understand (IMHO), this is not related to my question.

When more articles I read about sdwan, more I think the Fortinet engineer was wrong, I think the performance SLA should work even if there is not explicit rules selecting them.

Also, the fortinet engineer told me that when there are many performance SLA in a explicit rule, just one of them are used (different from what the second link explain), I think he was wrong in many answers.

 

So, before my previous question, let me ask you another question:

Are performance SLA considered if there is no explicit sdwan rules?  (Just the implicit rule)

 

Thanks in advance.

Regards,

Damián

Damián Lozano
Damián Lozano
1553
0 Kudos
hbac
Staff
Staff
In response to damianhlozano

Created on ‎10-06-2023 08:27 AM

Hi @damianhlozano,

 

You don't need an explicit sdwan rule. As long as Performance SLA is configured, FortiGate will start probing the server. I tested in my lab.

 

Regards, 

1547
0 Kudos
damianhlozano
Contributor
In response to hbac

Created on ‎10-06-2023 08:30 AM

I think so, thanks!!

Damián Lozano
Damián Lozano
1544
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.