Understanding BGP Failover

Good Morning,

We have two WatchGuards in a FireCluster with two fiber connections. If one of our connections starts losing connectivity, such as high packet loss, I will receive an email from the WatchGuard indicating a multi-WAN failover. However, in the past few months we have experienced issues where sometimes the failover is not graceful.

We are using the routing table mode with Immediate Failback. What we would like: if the WG can identify packet loss (which it can), it would be nice for it to go ahead and pull the routes so the network can stabilize to the other connection. Then after a certain time, it can continue to monitor the connection and then reintroduce the routes once the connection is stable.

The big problem we have run into lately is that I have had to manually pull the link from the switch on the connection that is flapping, so to speak, in order to stabilize the network.

Any thoughts?

Comments

  • james.carson Moderator, WatchGuard Representative

    Hi @travis_tmb

    I think the key to your problem is going to be to determine if your issue is a problem with the cluster, your BGP implementation, or your switches.

    In an Active/Backup cluster, the firewalls switch which one talks to the network by changing which device is talking to your switches via the FireCluster's virtual MAC address (there will be a virtual MAC for each interface). If your switch is flapping while talking to the FireCluster, I'd start there first.

    I'd suggest opening a support case so we can get more information about the failure, take a look at your BGP statement, and help from there.

    -James Carson
    WatchGuard Customer Support

  • Hi James,

    Okay thanks!
