Metering and Standby WAN Links
Citrix SD-WAN supports enabling metered links, which can be configured such that user traffic is only transmitted on a specific Internet WAN Link when all other available WAN Links are disabled.
Metered links conserve bandwidth on links that are billed based on usage. With the metered links you can configure the links as the Last Resort link, which disallows the usage of the link until all other non-metered links are down or degraded. Set Last Resort is typically enabled when there are three WAN Links to a site (that is, MPLS, Broadband Internet, 4G/LTE) and one of the WAN links is 4G/LTE and might be too costly for a business to allow usage unless it is necessary. Metering is not enabled by default and can be enabled on a WAN link of any access type (Public Internet / Private MPLS / Private Intranet). If metering is enabled, you can optionally configure the following:
- Data Cap
- Billing Cycle (weekly/monthly)
- Start Date
- Standby Mode
- Priority
- Active heartbeat interval - Interval at which a heartbeat message is sent by an appliance to its peer on the other end of the virtual path when there has been no traffic (user/control) on the path for at least a heartbeat interval
With a local metered link, the dashboard of an appliance shows a WAN Link Metering table at the bottom with metering information.
Bandwidth usage on a local metered link is tracked against the configured data cap. When the usage exceeds 50%, 75% or 90% of the configured data cap, the appliance generates an event to alert the user and a warning banner is displayed across the top of the dashboard of the appliance. A metered path can be formed with 1 or 2 metered links. If a path is formed between two metered links, the active heartbeat interval used on the metered path is the larger of the two configured active heartbeat intervals on the links.
A metered path is a non-standby path and is always eligible for user traffic. When there is at least one non-metered path that is in GOOD state, a metered path carries the reduced amount of control traffic and is avoided when the forwarding plane searches for a path for a duplicate packet.
Standby mode
The standby mode of a WAN link is disabled by default. To enable standby mode, you must specify in which one of the following two modes the standby link operates
-
On-demand: The standby link that becomes active when one of the conditions is met.
When the available bandwidth in the virtual path is less than the configured on-demand bandwidth limit AND there is sufficient usage. Sufficient usage is defined as more than 95% (ON_DEMAND_USAGE_THRESHOLD_PCT) of the current available bandwidth, or the difference between current available bandwidth and current usage is less than 250 kbps (ON_DEMAND_THRESHOLD_GAP_KBPS) both parameters can be changed using t2_variables when all the non-standby paths are dead or disabled.
-
Last-resort - a standby link that becomes active only when all non-standby links and on-demand standby links are dead or disabled.
-
Standby priority indicates the order in which a standby link becomes active, if there are multiple standby links:
-
a priority 1 standby link becomes active first whereas a priority 3 standby link becomes active last
-
Multiple standby links can be assigned the same priority
-
When configuring a standby link, you can specify standby priority and two heartbeat intervals:
-
Active heartbeat interval - the heartbeat interval used when the standby path is active (default 50ms/1s/2s/3s/4s/5s/6s/7s/8s/9s/10s)
-
Standby heartbeat interval - the heartbeat interval used when the standby path is inactive (default 1s/2s/3s/4s/5s/6s/7s/8s/9s/10s/disabled)
A standby path is formed with 1 or 2 standby links.
-
On-Demand - An on-demand standby path is formed between:
- a non-standby link and an on-demand standby link
- 2 on-demand standby links
-
Last-Resort - A last-resort standby path is formed between:
- a non-standby link and a last-resort standby link
- an on-demand standby link and a last-resort standby link
- 2 last-resort standby links
The heartbeat intervals used on a standby path are determined as follows:
- If standby heartbeat is disabled on at least 1 of the 2 links, heartbeat is disabled on the standby path while inactive.
- If standby heartbeat is not disabled on either link, then the larger of the two values are used when the standby path is standby.
- If active heartbeat interval is configured on both links, then the larger of the two values are used when the standby path is active.
Heartbeat (keep alive) messages:
- On a non-standby path, heartbeat messages are sent only when there has been no traffic (control or user) for at least a heartbeat interval. The heartbeat interval varies depending on the path state. For non-standby, non-metered paths:
- 50 ms when the path state is GOOD
- 25 ms when the path state is BAD
On a standby path, the heartbeat interval used depends on the activity state and the path state:
-
While inactive, if the heartbeat is not disabled, heartbeat messages are sent regularly at the configured standby heartbeat interval since no other traffic is allowed on it.
-
the configured active heartbeat interval is used when the path state is GOOD.
-
1/2 the configured active heartbeat interval is used when the path state is BAD.
-
While active, like non-standby paths, heartbeat messages are sent only when there has been no traffic (control or user) for at least the configured active heartbeat interval.
-
the configured standby heartbeat interval is used when the path state is GOOD.
-
1/2 the configured standby heartbeat interval is used when the path state is BAD.
While inactive, standby paths are not eligible for user traffic. The only control protocol messages sent on inactive standby paths are heartbeat messages, which are for connectivity failure detection and quality metrics gathering. When standby paths are active, they are eligible for user traffic with added time cost. This is done so that the non-standby paths, if available, are favored during forwarding path selection.
The path state of a standby path with disabled heartbeat, while inactive, is assumed to be GOOD and it is displayed as GOOD in the Path Statistics table under Monitoring. When it becomes active, unlike a non-standby path that starts in DEAD state until it hears from its Virtual Path peer, it starts in GOOD state. If connectivity with the Virtual Path peer is not detected, the path goes BAD and then DEAD. If connectivity with the Virtual Path peer is re-established, the path goes BAD and then GOOD again.
If such standby path goes DEAD and then becomes inactive, the path state does not immediately change to (assumed) GOOD. Instead, it is kept in DEAD state for time so that it cannot be used immediately. This is to prevent activity from oscillating between a lower priority path group with assumed good DEAD paths and a higher priority path group with actually GOOD paths. This on-hold period (NO_HB_PATH_ON_HOLD_PERIOD_MS) is set to 5 min and can be changed via t2_variables.
If path MTU discovery is enabled on a Virtual Path, the standby path’s MTU is not used to calculate the Virtual Path’s MTU while the path is standby. When the standby path becomes active, the Virtual Path’s MTU is recalculated considering the standby path’s MTU. (The Virtual Path’s MTU is the smallest path MTU among all active paths within the Virtual Path).
Events and log messages are generated when a standby path transitions between standby and active.
From SD-WAN 11.5 onwards, you can configure metered and standby WAN links using Citrix SD-WAN Orchestrator service. For more information, see Metering and Standby WAN Links.
Configuration pre-requisites:
- A meter link might be of any access type.
- All links at a site can be configured with metering enabled.
- A standby link might be of Public Internet or Private Intranet access type. A WAN link of Private MPLS access type cannot be configured as a standby link.
- At least one non-standby link must be configured per site. A maximum of 3 standby links per site is supported.
- Internet/Intranet services might not be configured on on-demand standby links. On-demand standby links support Virtual Path service only.
- Internet service might be configured on a last-resort standby link, but only load balance mode is supported.
- Intranet service might be configured on a last-resort standby link, but only secondary mode is supported and primary reclaim must be enabled.
Monitor metered and standby WAN links
-
The Dashboard page provides the following WAN Link Metering information with the usage values:
- WAN Link Name: Displays the WAN link name.
- Total Usage: Displays the total traffic usage (Data usage + Control usage).
- Data Usage: Displays the usage by user traffic.
- Control Usage: Displays the usage by control traffic.
- Usage (in %): Displays the used data cap value in percentage (Total Usage/Data Cap) x 100.
- Billing Cycle: Billing frequency (weekly/monthly)
- Starting From: Start date of the billing cycle
- Days Elapsed: The time elapsed (in days, hours, minutes, and seconds)
-
When path statistics (Monitoring > Statistics > Paths) are displayed, metered links and standby links are marked as shown in the screenshot.
-
If the appliance has a Virtual Path that has a local or remote on-demand standby link, when WAN link usage statistics are viewed, an extra table showing on-demand bandwidth is displayed at the bottom of the page (Monitoring > Statistics > WAN Link Usage).
-
When the usage on a metered link exceeds 50% of the configured data cap, a warning banner is displayed across the top of the dashboard. In addition, if the usage exceeds 75% of the configured data cap, the numerical metering information toward the bottom of the dashboard is highlighted.
A WAN link usage event is also generated at the appliance when the usage exceeds 50%, 75%, and 90% of the configured data cap.
-
When a standby path transitions between standby and active state, an event is generated by the appliance.
-
The configured active and standby heartbeat intervals for each path can be viewed at Configuration > Virtual WAN > View Configuration > Paths.