Hello everyone,
Today I will share with you High availability solution using IP-link on the S12700 NGFW module.
Project Background
The customer wants to have an auto-failover solution on their WAN network to achieve an active-standby link going to two different ISPs for high availability. Currently, the S12700 has no fail-over solution and when the indirect link goes down, it needs to be switched to the backup link manually.
Project Solution
There are two sites, the HQ and Branch between two different countries. There are two paths, L3 MPLS using static route and Internet using OSPF route. Configure IP-Link solution for detecting the status of the active link from HQ to Branch.
Test Topology
Configuration
1. Configure IP-link for detecting the status of the active link from HQ to Branch.
[S12700-NGFW] ip-link check enable
[S12700-NGFW] ip-link 1 destination 10.117.167.229 interface Eth-Trunk 1 mode icmp next-hop 172.16.13.4
[S12700-NGFW] quit
2. Configure two routes to Branch and bind the active route to IP-Link. When the active link becomes faulty, the backup route takes over service traffic.
[S12700-NGFW] ip route-static 10.117.167.228 30 172.16.13.4 description HQ_to_Branch
[S12700-NGFW] ip route-static 192.168.14.0 24 172.16.13.4 description Branch_LAN track ip-link 1
Test and Verification
After the configuration, the HQ can detect the active link to the CN site. In case of link failure, the traffic will switch to the backup link.
That is all I want to share with you! Thank you!
