How to Turn Off Auto Failover
Posted by on 27 January 2012 03:32 PM
Dual-WAN products, such as Vigor2950, support auto Failover in Loadbalance mode. When both wan connections are up, the traffic is routed out through these two wan links according to the LoadBalance Policy. If at any point one WAN link fails, all the traffic will be automatically routed to the other live connection.
This auto failover mechanism provides the company with high stability and availability. But in some cases you may want to bind some particular traffic to one specific wan port all the time, and even when this specific wan link fails the particular traffic will not fail over to the other live wan connection automatically.
Case1, some ISP may provide restricted VoIP service and Email service which are available only to their own subscribers. That is you have to use these “private” services from the lines that belong to that ISP, if you are connecting from different ISP’s lines you have no right to access the service and will be rejected by the ISP. In Figure 1, users behind Vigor 2950 are forced to use WAN2 connection to access the mail server at 220.127.116.11. So you create a Loadbalance policy as shown in Figure 2. If auto failover is enabled and WAN2 connection is down, the traffic towards 18.104.22.168 will be sent through WAN1 link and it will be rejected by the mail server because the IP address of the visitor is not within ISP B’s IP pool. Although the connection is terminated by the mail server, a session between the end user and the mail server may already exist in Vigor 2950’s session table. And if WAN2 link is recovered before this session expires, the connection destined for 22.214.171.124 from the same end node will always be routed to WAN1 link by the router, thus always fails until you reboot the router. It is because the existing sessions have higher priority than the loadbalance policies for the router to determine the path for a connection attempt. So you must turn off the auto failover function for this particular loadbalance policy(see Figure 3) so that the traffic towards 126.96.36.199 will never be sent to WAN1 port.
Note: Auto failover can be switched based on each Loadbalance policy. So you may enable it for some policies, whereas disable it for some special policies.
Case 2, for Address Mapping setup. Suppose 172.17.1.57 is one IP alias belong to WAN1 connection. When you setup address mapping to associate it with an internal client, say 192.168.1.11, you should also setup a loadbalance policy for 192.168.1.11 as shown in Figure 4. Otherwise, the traffic from 192.168.1.11 may be routed out from WAN2 with IP address 172.17.1.57 which will be discarded by the ISP2.