Multi Wan Failover Question

Hello,

So we have two Fiber Links. Fiber Link A and B from two different providers.

Our router operates in Mixed Routing Mode with BGP so both of the links are active and using least cost routing.

Now normally if we have a total outage, the routes are pulled and everything automatically reroutes to the other fiber connection. Well today, there are some fiber cuts in the area, and according to one of our fiber providers, the bandwidth has just been scaled back. However, according to the watchguard, we are seeing latency of 50+ms, packet loss up to 75% so our internet was very difficult to use. I ended up just going and pulling the fiber connection into our network that was giving trouble so we could use the internet.

So my question is this: What settings can I implement that can monitor that packet loss and just yank the routes in the event there is an issue and then put them back in once the connection is stable?

Thanks!

Comments

  • james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @travis_tmb
    You should be able to set ping targets with Multi-Wan, and use SD-WAN to move the routes to the more performant path. SD-WAN can do that based on loss, jitter, or latency based on your criteria.

    -James Carson
    WatchGuard Customer Support

  • I'll need some professional assistance configuring this. Any idea how I can go about doing that?

  • What exactly do you think that you need help with?

    Have you reviewed this?
    Configure SD-WAN
    https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/sd-wan/sd_wan_routing_configure.html

  • james.carsonjames.carson Moderator, WatchGuard Representative

    @travis_tmb
    If you need assistance having someone set this up for you, I'd suggest reaching out to one of our partners at findpartner.watchguard.com.

    If you configure it yourself and it's not working, one of our support reps can assist via the support center button at the top right of the page.

    -James Carson
    WatchGuard Customer Support

  • Hello,

    I put in a ticket yesterday with High Priority because the issue was effecting our network. I am having an extremely difficult time getting up with anyone from WatchGuard.

  • james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @travis_tmb
    What's the case number -- I can go ensure your issue is with the correct team.

    -James Carson
    WatchGuard Customer Support

  • Yes it is: 01745902

  • @james.carson / @Bruce_Briggs ... When in Multi WAN with the Routing Table ... Does the WatchGuard use the Link Monitor to determine links that are Up/Down?

    My theory is that all I really need to do is to increase the scrutiny on the link before its reactivated. So my plan would be to increase the Reactivate after X consecutive successes and perhaps even the time. Thoughts?

    Thanks!

  • james.carsonjames.carson Moderator, WatchGuard Representative

    @travis_tmb
    It uses link-monitor whenever there is more than one WAN configured. If no link monitor is configured, the system defaults to pinging the default gateway. of that connection.

    The default gateway is generally a bad choice, because that often represents the on-premise equipment that is sitting directly next to the firewall.

    -James Carson
    WatchGuard Customer Support

  • @james.carson ... Got it thats what I thought. I am pinging the DNS Servers of the ISP primarily.

    My issues the other day ... I am almost certain ... is because the link monitor was pinging every 5 seconds and after 3 successes was saying the link was back up ... then would fail on the very next try. I think if I increase the timer period and the amount of successes needed for reactivation, I won't experience network degradation like I had. Essentially the circuit was just flapping back and forth with 50% packet loss.

Sign In to comment.