Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 6 replies
  • Answers 1 answer
  • Subscribers 6 subscribers
  • Views 2371 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Uplink Balancing and Multipath Rules

Kosta88

Hello,

I'll first try to keep my question simple, before I go into many details. Maybe this will be enough:

I am using Uplink Balancing and Multipath Rules (as opposed to Policy Routes before) to switch to another WAN-Interface if one stops working. Also additionally using Multipath Rules to route some specific devices over a specific WAN-Port. However it doesn't work as I would want it to.

I have a device going over WAN2 (Multipath Rule, Itf. Persistence is by Interface). If WAN2 drops, it switches to WAN1. However, when WAN2 comes back online, it won't switch back to WAN2. And by the looks of it, it won't switch at all any more. The device is merely sending packets at 1sec interval to two specific IP-Adresses.

What am I missing?



This thread was automatically locked due to age.
Parents
  • 0

    Hello Kosta88,

    I think that's by design ...
    a connection is reconnected in case of failure of a WAN interface and associated swing.
    An existing connection on the backup WAN interface will not be disconnected and reconnected just to pan back.
    I've seen this years ago with IPSec connection attempts too. Constant IKE connection attempts maintain (incorrect) interface binding.


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

Reply
  • 0

    Hello Kosta88,

    I think that's by design ...
    a connection is reconnected in case of failure of a WAN interface and associated swing.
    An existing connection on the backup WAN interface will not be disconnected and reconnected just to pan back.
    I've seen this years ago with IPSec connection attempts too. Constant IKE connection attempts maintain (incorrect) interface binding.


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

Children
  • 0 in reply to dirkkotte

    I had a Sophos specialist today on the phone, and he told me he thinks it will swing back in case of the new (TCP) session. While UDP should go back, TCP will only then when the new sessions beging. We saw that the device I was testing actually didn't begin the new TCP session.

    Would be interesting to test deeper.

    Because if that doesn't work that way, I have no use for Multipath Rules and might as well use Policy Based Routing. I have to be able to determine that one signal always gets swinged to a specific WAN interface.

Unfiltered HTML