From bd173189deefe1dc508ca6e29c2a4d115cd78ca0 Mon Sep 17 00:00:00 2001 From: Yuri Slobodyanyuk Date: Thu, 18 Feb 2021 10:32:06 +0000 Subject: [PATCH] ongoing additions, changes, and fixes --- ...e-debug-diagnose-complete-cheat-sheet.adoc | 44 +++++++++++++++++++ 1 file changed, 44 insertions(+) diff --git a/Fortigate-debug-diagnose-complete-cheat-sheet.adoc b/Fortigate-debug-diagnose-complete-cheat-sheet.adoc index 7b3f62b..92c9fe8 100644 --- a/Fortigate-debug-diagnose-complete-cheat-sheet.adoc +++ b/Fortigate-debug-diagnose-complete-cheat-sheet.adoc @@ -426,3 +426,47 @@ a|View the kernel routing table (FIB). This is the list of resolved routes actua |Run sniffer on Fortigate to see if devices exchange packets on port 514. Click in GUI on `Test Connectivity` to initiate connection. |=== + + + + + +== SD-WAN verification and debug +.SD-WAN verification and debug +[cols=2, options="header"] +|=== +|Command +|Description + +a|*diagnose sys sdwan health-check* (6.4 and newer) + +*diagnose sys virtual-link health-check* (5.6 up to 6.4) + +| Show state of all the health checks/probes. Successful probes are marked `alive`, failed probes are marked `dead`. Also displays `packet-loss, latency, jitter` for each probe. + +a|*diagnose sys sdwan member* + +*diagnose sys virtual-wan-link member* + +|Show list of SD-WAN zone/interface members. Also gives each interface gateway IP (if was set, 0.0.0.0 if not), `priority`, and `weight` both by default equal `0`, used with some SLA Types. + +a|*diagnose sys sdwan service* + +*diagnose sys virtual-wan-link service* + +|List configured SD-WAN rules (aka `services`), except the Implied one which is always present and cannot be disabled, but is editable for the default load balancing method used. Shows member interfaces and their status `alive|dead` for this rule. + +a|*diag sys sdwan intf-sla-log * + +*diag sys virtual-wan-link intf-sla-log * + +|Print log of usage for the last 10 minutes. The statistics shown in bps: `inbandwidth`, `outbandwidth`, `bibandwidth`, `tx bytes`, `rx bytes`. + + +|=== + + + + +|*diag netlink interface clear * +|Clear traffic statistics on the interface, this resets statistics of the SD-WAN traffic passing over this interface. Needed, if, for example, you changed SD-WAN rules, but not sure if it's already active. E.g. `diag netlink interface clear port1`.