D-Link DFL-260 Product Manual - Page 153
Multiple Failover Routes, Failover Processing, Re-enabling Routes, Route Interface Grouping
UPC - 790069296802
View all D-Link DFL-260 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 153 highlights
4.2.3. Route Failover Chapter 4. Routing lowest metric value for sending data (if two routes have the same metric, the route found first in the routing table will be chosen). A primary, preferred route should have a lower metric (for example "10"), and a secondary, failover route should have a higher metric value (for example "20"). Multiple Failover Routes It is possible to specify more than one failover route. For instance, the primary route could have two other routes as failover routes instead of just one. In this case the metric should be different for each of the three routes: "10" for the primary route, "20" for the first failover route and "30" for the second failover route. The first two routes would have route monitoring enabled in the routing table but the last one (with the highest metric) would not since it has no route to failover to. Failover Processing Whenever monitoring determines that a route is not available, NetDefendOS will mark the route as disabled and instigate route failover for existing and new connections. For already established connections, a route lookup will be performed to find the next best matching route and the connections will then switch to using the new route. For new connections, route lookup will ignore disabled routes and the next best matching route will be used instead. The table below defines two default routes, both having all-nets as the destination, but using two different gateways. The first, primary route has the lowest metric and also has route monitoring enabled. Route monitoring for the second, alternate route is not meaningful since it has no failover route. Route # 1 2 Interface wan wan Destination all-nets all-nets Gateway 195.66.77.1 193.54.68.1 Metric 10 20 Monitoring On Off When a new connection is about to be established to a host on the Internet, a route lookup will result in the route that has the lowest metric being chosen. If the primary WAN router should then fail, this will be detected by NetDefendOS, and the first route will be disabled. As a consequence, a new route lookup will be performed and the second route will be selected with the first one being marked as disabled. Re-enabling Routes Even if a route has been disabled, NetDefendOS will continue to check the status of that route. Should the route become available again, it will be re-enabled and existing connections will automatically be transferred back to it. Route Interface Grouping When using route monitoring, it is important to check if a failover to another route will cause the routing interface to be changed. If this could happen, it is necessary to take some precautionary steps to ensure that policies and existing connections will be maintained. To illustrate the problem, consider the following configuration: Firstly, there is one IP rule that will NAT all HTTP traffic destined for the Internet through the wan interface: Action NAT Src Iface lan Src Net lannet Dest Iface wan Dest Net all-nets Parameters http 153