This article explains how to configure SDWAN forwarding policy to forward the traffic over the link with minimum packet loss.

Please refer to this topology diagram for explanation in this article.

Scenario

In this example, we have two WAN links named as MPLS and INTERNET on the Versa FlexVNF CPE to forward the traffic.

We need to configure the SDWAN policy to forward the IPERF application traffic over the link that has less than 2% packet loss. We have set the packet loss threshold to 2%

Traffic will also be switched over to another link if any point of time this SLA gets violated i.e. packet loss on the link exceeds 2%

Configuration

SLA Profiles

1. Login to Versa Director GUI and navigate to Appliance > Configuration>Services>SDWAN>SLA Profiles
2. Click on + in the right pane to add new SLA profile
3. We need to create SLA profile with 50ms of latency, so enter value of 2 under Maximum Packet Loss (%) variable in the SLA profile

Forwarding Profiles

4. Click on Forwarding Profiles tab in the left pane and click + to create the forwarding profile.
5. While creating forwarding profile, we need to select the SLA profile(Low_Latency) configured in step 1.
6. Recompute Timer sets the time in seconds which essentially used to re-evaluate the SLA compliance state. This will further influence traffic switching time between circuits when current circuit does not meet the SLA threshold values. You can change the value of Recompute timer as per the production need.
7. SLA Violation Action is set to Forward, as we intent to switch the traffic to another link when configured SLA gets Violated. You can also set it to Drop in case you want to drop the traffic when SLA gets Violated.
8. You can enable Evaluate continuously by marking the given check box. This will enable continuous evaluation of the available circuits against configured SLA parameters.

Policies

9. Click on Policies tab at the left-hand pane. There will be a Default-Policy created. If not, create a Policy with some name.
10. Navigate to Rules and click + to create new rule

11. Configure the Rule name in General tab and then navigate to Applications/URL tab to define the list of applications needed to be matched. You can also use Source/Destination tab to provide layer 3 IP addresses to match certain traffic flows.
    In this example, we are using IPERF application hence we have selected IPERF under application list.
12. Click + under Applications section and select the application.
    Please Note: Versa Detects more than 3000 applications

13. Navigate to Enforce tab and select “Allow Flow” from drop-down for Action under Forwarding section.
14. Select the Forwarding Profile name configured in Forwarding Profiles section in steps 4 through 8 under section Forwarding Profiles
15. In case, you need the data to be captured in Versa Analytics, select the LEF Profile under Logging section.

Cli Configuration

set orgs org-services Tenant-1 sd-wan forwarding-profiles Low_Packet_Loss sla-profile Packet_loss

set orgs org-services Tenant-1 sd-wan forwarding-profiles Low_Packet_Loss connection-selection-method weighted-round-robin

set orgs org-services Tenant-1 sd-wan forwarding-profiles Low_Packet_Loss sla-violation-action forward

set orgs org-services Tenant-1 sd-wan forwarding-profiles Low_Packet_Loss evaluate-continuously enable

set orgs org-services Tenant-1 sd-wan forwarding-profiles Low_Packet_Loss recompute-timer 60

set orgs org-services Tenant-1 sd-wan forwarding-profiles Low_Packet_Loss encryption optional

set orgs org-services Tenant-1 sd-wan forwarding-profiles Low_Packet_Loss symmetric-forwarding enable

set orgs org-services Tenant-1 sd-wan forwarding-profiles Low_Packet_Loss turn-redirect disable

set orgs org-services Tenant-1 sd-wan forwarding-profiles Low_Packet_Loss replication mode disable

set orgs org-services Tenant-1 sd-wan forwarding-profiles Low_Packet_Loss fec sender mode disable

set orgs org-services Tenant-1 sd-wan forwarding-profiles Low_Packet_Loss fec receiver recovery enable

set orgs org-services Tenant-1 sd-wan forwarding-profiles Low_Packet_Loss fec receiver preserve-order enable

set orgs org-services Tenant-1 sd-wan forwarding-profiles Low_Packet_Loss sla-smoothing enable false

set orgs org-services Tenant-1 sd-wan forwarding-profiles Low_Packet_Loss sla-dampening enable false

set orgs org-services Tenant-1 sd-wan forwarding-profiles Low_Packet_Loss load-balance per-flow

set orgs org-services Tenant-1 sd-wan forwarding-profiles Low_Packet_Loss gradual-migration disable

set orgs org-services Tenant-1 sd-wan policies Default-Policy rules Packet_Loss match source user user-type any

set orgs org-services Tenant-1 sd-wan policies Default-Policy rules Packet_Loss match application predefined-application-list [ IPERF ]

set orgs org-services Tenant-1 sd-wan policies Default-Policy rules Packet_Loss set action allow

set orgs org-services Tenant-1 sd-wan policies Default-Policy rules Packet_Loss set forwarding-profile Low_Packet_Loss

set orgs org-services Tenant-1 sd-wan policies Default-Policy rules Packet_Loss set lef profile Default-Logging-Profile

set orgs org-services Tenant-1 sd-wan policies Default-Policy rules Packet_Loss set lef event never

set orgs org-services Tenant-1 sd-wan policies Default-Policy rules Packet_Loss set lef rate-limit 10

set orgs org-services Tenant-1 sd-wan policies Default-Policy rules Packet_Loss monitor interval 3

set orgs org-services Tenant-1 sd-wan policies Default-Policy rules Packet_Loss monitor threshold 5

Validation

Traffic switchover can be monitored and validated in the Branch monitor tab. Go to > Appliance > Click on the branch > Monitor > Click on the Tenant > Summary