Diagnostic commands:
# diag sys virtual-wan-link member
Member(1): interface: port2, gateway: 10.10.10.100, priority: 0, weight: 0
Member(2): interface: port3, gateway: 20.20.20.100, priority: 0, weight: 0
Run the following command to see all members on the SD-WAN link, as well as the priority and weight values for each link:
# diag firewall proute list
list route policy info(vf=root):
id=2130837505 vwl_service=1(SDWAN-RULE-TEST) vwl_mbr_seq=2 1 dscp_tag=0xff 0xff flags=0x0 tos=0x00 tos_mask=0x00 protocol=0 sport=0:65535 iif=0 dport=1-65535 oif=5 oif=4
source(1): 0.0.0.0-255.255.255.255
destination(1): 0.0.0.0-255.255.255.255
Run the following command to show which interface is the best choice for the performance SLA (in the example output below, '2' is the WAN2 interface while '1' is the WAN interface):
# diag sys virtual-wan-link health-check PING
Health Check(PING):
Seq(1): state(alive), packet-loss(0.000%) latency(60.223), jitter(9.280) sla_map=0x0
Seq(2): state(alive), packet-loss(0.000%) latency(60.155), jitter(9.318) sla_map=0x0
Run the following command to show the performance SLA values for each link. Since the latency of WAN1 is higher than WAN2's in the example below, WAN2 is the priority route for the SD-WAN rule test under the diag firewall proute list.
# diag sys virtual-wan-link service 1
Service(1): Address Mode(IPV4) flags=0x0
TOS(0x0/0x0), Protocol(0: 1->65535), Mode(priority), link-cost-factor(packet-l
Service role: standalone
Member sub interface:
Members:
1: Seq_num(2), alive, packet loss: 0.000%, selected
2: Seq_num(1), alive, packet loss: 0.000%, selected
Src address:
0.0.0.0-255.255.255.255
Dst address:
0.0.0.0-255.255.255.255
In the above, the service value '1' is the SD-WAN rule id of 'SD WAN RULE TEST'.
This command shows the preferred route taken by the SD-WAN rule.
The highest quality criteria chosen is 'PACKET LOSS'. Since no packet loss is detected on either WAN interfaces, the FortiGate SD-WAN rule selects both FortiGates as quality interfaces.
Run the following command to display a 10 minute usage history for each SD-WAN member:
# diag sys virtual-wan-link intf-sla-log wan1