Network > Failover & Load Balancing

Network : Network > Failover & Load Balancing

Network > Failover & Load Balancing

Topics:

•

Failover and Load Balancing

•

Load Balancing Statistics

•

Multiple WAN (MWAN)

Failover and Load Balancing

For Failover & Load Balancing (LB), multiple WAN members are supported (N–1), where N is the total number of interfaces on a hardware platform). For example:

•

Primary WAN Ethernet Interface

•

Alternate WAN #1

•

Alternate WAN #2

•

Alternate WAN #<n–1> . . .

The Primary WAN Ethernet Interface has the same meaning as the previous firmware’s concept of “Primary WAN.” It is the highest ranked WAN interface in the LB group. The Alternate WAN #1 corresponds to “Secondary WAN,” it has a lower rank than the Primary WAN, but has a higher rank than the next two alternates. The others, Alternate WAN #2 and Alternate WAN #<n–1>, are new, with Alternate WAN #<n–1> being the lowest ranked among the four WAN members of the LB group.

The Failover and Load Balancing settings are described below:

•

Enable Load Balancing—This option must be enabled for the user to access the LB Groups and LB Statistics section of the Failover & Load Balancing configuration. If disabled, no options for Failover & Load Balancing are available to be configured.

•

Respond to Probes—When enabled, the appliance can reply to probe request packets that arrive on any of the appliance’s interfaces.

•

Any TCP-SYN to Port—This option is available when the Respond to Probes option is enabled. When selected, the appliance will only respond to TCP probe request packets having the same packet destination address TCP port number as the configured value.

Load Balancing Members and Groups

LB Members added to a LB Group take on certain “roles.” A member can only work in one of the following roles:

•

Primary—Only one member can be the Primary per Group. This member always appears first or at the top of the Member List. Note that although a group can be configured with an empty member list, it is impossible to have members without a Primary.

•

Alternate—More than one member can be an Alternate, however, it is not possible to have a Group of only Alternate members.

•

Last-Resort—Only one member can be designed as Last-Resort. Last-Resort can only be configured with other group members.

Each member in a group has a rank. Members are displayed in descending order of rank. The rank is determined by the order of interfaces as they appear in the Member List for the group. The order is important in determining the usage preferences of the Interfaces, as well as the level of precedence within the group. Thus, no two interfaces within a group will have the same or equal rank; each Interface will have a distinct rank.

General Tab

To configure the Group Member Rank settings:

1

Click the Configure icon of the Group you wish to configure on the Network > Failover & LB page. The Edit LB Group dialog displays.

2

On the General tab, modify the following settings:

•

Name—Edit the display name of the Group. The name of the default group cannot be changed.

•

Type—Choose the type (or method) of LB from the drop-down menu:

•

Basic Failover—The four WAN interfaces use rank to determine the order of preemption when the Preempt checkbox has been enabled. Only a higher-ranked interface can preempt an Active WAN interface.

•

Preempt and failback to preferred interfaces when possible—Select to enable rank to determine the order of preemption when Basic Failover is specified. Selected by default.

•

Round Robin—This option now allows the user to re-order the WAN interfaces for Round Robin selection. The order is as follows: Primary WAN, Alternate WAN #1, Alternate WAN #2, and Alternate WAN #3; the Round Robin will then repeat back to the Primary WAN and continue the order.

•

Spill-over—The bandwidth threshold applies to the Primary WAN. Once the threshold is exceeded, new traffic flows are allocated to the Alternates in a Round Robin manner. Once the Primary WAN bandwidth goes below the configured threshold, Round Robin stops, and outbound new flows will again be sent out only through the Primary WAN.

NOTE: Existing flows will remain associated with the Alternates (as they are already cached) until they timeout normally.

•

When bandwidth exceeds n Kbit/s on Primary, new flows will go to the alternate group members in Round Robin manner—Specify the bandwidth for the Primary. If this value is exceeded, new flows are then sent to alternate group members according to the order listed in the Selected column. The default value is 0.

•

Ratio—A percentages can be set for each WAN in the LB group. To avoid problems associated with configuration errors, ensure that the percentage corresponds correctly to the WAN interface it indicates.

•

Use Source and Destination IP Address binding—This option is not selected by default.

•

Group Members: Select here:/Selected:—Add, delete, and order member interfaces. The use of the selected members depends on the Type selected:

•

Basic Failover: Interface Ordering:

•

Round Robin: Interface Pool:

•

Spill-over: Primary/Alt. Pool:

•

Ratio: Interface Distribution:

3

Add members by selecting a displayed interface from the Group Members: column, and then clicking the Add>> button. You can order the entries in the Selected column by selecting an entry and then clicking the buttons. If you selected Ratio, instead of ordering the entries, you can specify the ratio of each group member in the % field. The total should add up to 100%. You can modify the ratio by clicking the Modify Ratio button or have the ratios adjusted automatically by clicking the Auto Adjust button.

Delete members from the Selected: column by selecting the displayed interface, and then clicking the <<Remove button.

NOTE: The interface at the top of the list is the Primary.

The Interface Rank does not specify the operation that will be performed on the individual member. The operation that will be performed is specified by the Group Type.

4

Optionally, enter this setting:

•

Final Back-Up—An entry in this setting is an interface of “last resort,” that is, an interface that is used only when all other interfaces in the Selected: group are either unavailable or unusable. To specify a Final Back-Up interface, select an entry in the Group Members list, and then click the double right arrow button. To remove a Final Back-Up interface, click the double left arrow button.

5

Click OK.

Probing Tab

When Logical probing is enabled, test packets can be sent to remote probe targets to verify WAN path availability. A new option has been provided to allow probing through the additional WAN interfaces: Alternate WAN #3 and Alternate WAN #4.

NOTE: VLANs for alternate WANs do not support QoS or VPN termination.

To configure the probing options for a specific Group:

1

Click the Configure icon of the Group you wish to configure on the Network > Failover & LB page. the Edit LB Group dialog displays.

2

Click the Probing tab.

3

Modify the following settings:

•

Check Interface every: n sec —The interval of health checks in units of seconds. The default value is 5 seconds.

•

Deactivate Interface after: n missed intervals—The number of failed health checks after which the interface sets to Failover. The default value is 3 seconds.

•

Reactivate Interface after: n successful intervals—The number of successful health checks after which the interface sets to Available. The default value is 3 seconds.

•

Probe responder.global.sonicwall.com on all interfaces in this group—Enable this checkbox to automatically set Logical/Probe Monitoring on all interfaces in the Group. When enabled, this sends TCP probe packets to the global SNWL host that responds to SNWL TCP packets, responder.global.sonicwall.com, using a target probe destination address of 204.212.170.23:50000. When this checkbox is selected, the rest of the probe configuration will enable built-in settings automatically. The same probe will be applied to all four WAN Ethernet interfaces.

NOTE: The Dialup WAN probe setting also defaults to the built-in settings.

4

Click OK.