D-Link NetDefend DFL-210 User Manual page 85

4.2.2. Route Failover
Interface Link Status
Gateway Monitoring
Host Monitoring
Setting the Route Metric
When specifying routes, the administrator should manually set a route's Metric. The Metric is a pos-
itive integer that indicates how preferred the route is as a means to reach its destination. When two
routes offer a means to reach the same destination, NetDefendOS will select the one with the lowest
Metric value for sending data (if two routes have the same Metric, the route found first in the rout-
ing table will be chosen).
A primary, preferred route should have a lower Metric (eg."10"), and a secondary, failover route
should have a higher Metric value (eg."20").
Multiple Failover Routes
It is possible to specify more than one failover route. For instance, the primary route could have two
other routes as failover routes instead of just one. In this case the Metric should be different for each
of the three routes: "10" for the primary route, "20" for the first failover route and "30" for the
second failover route. The first two routes would have Route Monitoring enabled in the routing ta-
ble but the last one (with the highest Metric) would not since it has no route to failover to.
Failover Processing
Whenever monitoring determines that a route is not available, NetDefendOS will mark the route as
disabled and instigate Route Failover for existing and new connections. For already established con-
nections, a route lookup will be performed to find the next best matching route and the connections
will then switch to using the new route. For new connections, route lookup will ignore disabled
routes and the next best matching route will be used instead.
The table below defines two default routes, both having 0.0.0.0/0 as the destination, but using two
different gateways. The first, primary route has the lowest Metric and also has Route Monitoring en-
abled. Route Monitoring for the second, alternate route isn't meaningful since it has no failover
route.
Route #
1
2
When a new connection is about to be established to a host on the Internet, a route lookup will result
NetDefendOS will monitor the link status of the interface spe-
cified in the route. As long as the interface is up, the route is dia-
gnosed as healthy. This method is appropriate for monitoring that
the interface is physically attached and that the cabling is working
as expected. As any changes to the link status are instantly no-
ticed, this method provides the fastest response to failure.
If a specific gateway has been specified as the next hop for a
route, accessibility to that gateway can be monitored by sending
periodic ARP requests. As long as the gateway responds to these
requests, the route is considered to be functioning correctly.
The first two options check the accessibility of components local
to the D-Link Firewall. An alternative is to monitor the accessibil-
ity of one or more nominated remote hosts. These hosts might
have known high availability and polling them can indicate if
traffic from the local D-Link Firewall is reaching them. Host mon-
itoring also provides a way to measure the network delays in
reaching remote hosts and to initiate failover to an alternate route
if delays exceed administrator-specified thresholds.
Interface Destination
wan 0.0.0.0/0
wan 0.0.0.0/0
Gateway Metric
195.66.77.1 10
193.54.68.1 20
72
Chapter 4. Routing
Monitoring
On
Off