I performed the failover to test the ISP performance from secondary to primary. Now, the secondary ISP has become primary. However, I am noticing that the majority of the traffic is still going through the secondary, which was primary earlier. Load balancing is already enabled."
The MX can be configured to use both of its uplinks for load balancing. When load balancing is enabled under Security & SD-WAN > Configure > SD-WAN & Traffic shaping, traffic flows will be distributed between the two uplinks. The load distribution is based on the WAN 1 and WAN 2 throughput configured under Uplink configuration, such that the uplink with more throughput will distribute more flows.
In the example below, WAN 1 is configured to pass 50Mb/s, and WAN 2 is configured to pass 10Mb/s. Since the download speed ratio is 5/1, for every five flows sent over WAN 1, a single flow will be sent over WAN 2:
Flow preferences for internet-bound traffic can be configured to force traffic over a specific uplink based on its source and/or destination. These preferences can be used if a specific uplink should be designated for a particular type of traffic, such as traffic bound for a cloud-hosted service.
Note: ICMP traffic is not subject to traffic shaping rules. As a result, Flow Preference will have no impact on ICMP traffic.
To create a flow preference for internet traffic:
I just did that graceful failover by going to below settings so that's mean - Primary ISP which is now secondary are giving more throughput
When load balancing is enabled traffic flows will be distributed between the two uplinks. The load distribution is based on the WAN 1 and WAN 2 throughput configured under Uplink configuration, such that the uplink with more throughput will distribute more flows.
My suggestion is to disable load balancing to test.
Is there anyway to measure the primary ISP performance ? Is it bad compare to secondary ISP or better?
Disable balancing, set the primary uplink to the WAN you want to test and use a website like Speed Test to measure each link.
Thank you I will do that
Once i disabled the load balancing - I can also ping both the ISP IP's and monitor for any latency or packet loss..
I have disabled the load balancing however why do see the spike on secondary link - WAN 2 is a primary uplink right now
can you please answer?
If you have VPN traffic configured to use WAN 2, this may cause an increase in traffic. Could you check your SD-WAN policy settings?
What about Flow preferences > Internet Traffic Configuration?
Flow has nothing here
since all users are in office so I see WAN 2 is being utilized more
So it's ok, you said that WAN 2 is configured as primary uplink.
What's the problem?
Now there is no problem. I just came in and found that. Most of traffic going through WAN2 so I am good.. may be it takes some time to see the changes or verify in operations time.
Yes, between 2 and 5 minutes.
I have already enabled load balancing. Is there a way to track the network traffic to determine which one is going to WAN 1 or WAN 2?
Example- If i ping google.com how to determine that if network traffic is going from WAN1 or WAN2 or they are sharing the bandwidth at the same like monitor the traffic on WAN1 and WAN2 interfaces separately and observe the traffic patterns when you ping google.com
Have you checked the documentation?
The MX can be configured to use both of its uplinks for load balancing. When load balancing is enabled under Security & SD-WAN > Configure > SD-WAN & Traffic shaping, traffic flows will be distributed between the two uplinks. The load distribution is based on the WAN 1 and WAN 2 throughput configured under Uplink configuration, such that the uplink with more throughput will distribute more flows.
In the example below, WAN 1 is configured to pass 50Mb/s, and WAN 2 is configured to pass 10Mb/s. Since the download speed ratio is 5/1, for every five flows sent over WAN 1, a single flow will be sent over WAN 2:
I suggest you to read the documentation.
If you want immediate failback and don't care if existing connections are torn down change the "fallback behaviour" to immediate.
I have not configured the uplink configuration here
its default