Configure Application Reachability Probes
Table of Contents
Configure Application Reachability Probes
Learn more about the Prisma SD-WAN application reachability probes.
Application probes are initiated on detection of an unreachable prefix for an application.
| Where Can I Use This? | What Do I Need? |
|---|---|
|
|
Configure application probes to check an application's reachability for a given path
for an ION device. Application probes are initiated on detection of an unreachable
prefix for an application. You may configure application reachability probes on any
valid Layer 3 LAN interface.
Prisma SD-WAN supports dynamic probing
for TCP applications when 3-way handshake failures are detected. The ION device
generates these dynamic probes to verify that a destination service is actually up
or down on that path. If verified as down, the ION device avoids sending additional
user requests for the service down the specific path while continuing to generate
synthetic probes to detect any change in service reachability.
Starting with Release 6.3.2, Prisma SD-WAN supports probing for UDP DNS traffic. The application
probes handle DNS probe requests and start a DNS probe on the destination on
receiving a DNS probe request. If the DNS server responds to the request,
irrespective of whether it responds with the requested domain name, the ION device
treats the probe as successful. If the DNS server does not respond, the application
probe notifies the flow controller to change the path.
When the probe detects that the DNS server is
unreachable, the ION device continues probing once every minute for the first three
probes and then once every 5 minutes. If the probe is successful again, the probe
notifies the flow controller to use the path again.
You can view the health of the DNS traffic under .
Application probe is enabled by default for all ION devices, except for ION 1000. The
controller port generates the application probes if you do not configure any LAN
ports for generating application probes.
For the ION 1000 device, you must configure a LAN port for the application probe. If
not, the controller generates an alarm.
You can choose to exclude specific circuits and circuit categories from being used
for checking the reachability of an application on a given path. Refer Configure Device Initiated
Connections.
- Select , select the device you want to configure.Select Interfaces and a port for configuring application reachability probes.Select LAN in the For Use this Port option.Once an interface is designated as the application probe interface, Use This Port For cannot be changed from LAN and Admin Up for the interface has to be Yes.Toggle Yes for Application Reachability Probe Source Interface.Select Static or DHCP for Configuration.Retain the default values for the other fields, and Save Port.
![]()
View and update the application reachability probe configuration from the Basic Info tab.- Toggle Yes for Application Reachability Probe Source Interface.Select a port from the Source Interface drop-down.The ports which have Use This Port For set to LAN appear in the drop-down.Select None for Source Interface to use the controller port as the source interface for generating application probes.Ensure that you configure a source interface for ION device series 1200, 1200-S, 3200, 5200, and 9200, since these platforms do not have a dedicated controller port.
