* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download Using two ISPs for redundant Internet connections
Survey
Document related concepts
Computer security wikipedia , lookup
Net neutrality wikipedia , lookup
Computer network wikipedia , lookup
Wireless security wikipedia , lookup
Wake-on-LAN wikipedia , lookup
Recursive InterNetwork Architecture (RINA) wikipedia , lookup
Airborne Networking wikipedia , lookup
Zero-configuration networking wikipedia , lookup
Network tap wikipedia , lookup
Net neutrality law wikipedia , lookup
Deep packet inspection wikipedia , lookup
Cracking of wireless networks wikipedia , lookup
Piggybacking (Internet access) wikipedia , lookup
Web blocking in the United Kingdom wikipedia , lookup
Transcript
Using two ISPs for redundant Internet connections This example describes how to improve the reliability of a network connection using two ISPs. The example includes the configuration of equal cost multi-path load balancing, which efficiently distributes sessions to both Internet connections without overloading either connection. 1. Configuring connections to the two ISPs 2. Adding security policies 3. Configuring failover detection and spillover load balancing 4. Results Internet ISP 1 WAN 2 WAN 1 FortiGate LAN Internal Network ISP 2 Configuring connections to the two ISPs Go to System > Network > Interfaces and configure the wan1 and wan2 connections. Make sure that both use DHCP as the Addressing mode and have Retrieve default gateway from server and Override internal DNS enabled. Adding security policies Go to Policy > Policy > Policy. Create a security policy for the primary interface connecting to the ISPs and the internal network. Create a security policy for each interface connecting to the ISPs and the internal network. Configuring failover detection and spillover load balancing Go to Router > Static > Settings. Create two new Dead Gateway Detection entries. Set the Ping Interval and Failover Threshold to a smaller value for a more immediate reaction to a connection going down. Go to Router > Static > Settings and set the ECMP Load Balancing Method to Spillover. The Spillover Threshold value is calculated in kbps (kilobits per second). However, the bandwidth on interfaces is calculated in kBps (kilo Bytes per second). For wan1 interface, Spillover Threshold = 100 kbps = 100000 bps. Assume that 1000 bps is equal to 1024 bps. Thus, 100000 bps = 102400 bps = 102400/8 Bps = 12800 Bps. Results Go to Log & Report > Traffic Log > Forward Traffic to see network traffic from different source IP addresses flowing through both wan1 and wan2. Disconnect the wan1 port on the FortiGate unit to see that all traffic automatically goes through the wan2 port unit, until wan1 is available again.