D-Link NetDefend DFL-210 User Manual page 156

4.4. Route Load Balancing
achieve stickiness so the server always sees the same source IP address (WAN1 or WAN2) from a single client.
Command-Line Interface
gw-world:/> add RouteBalancingInstance main Algorithm=Destination
Web Interface
1. Go to Routing > Route Load Balancing > Instances > Add > Route Balancing Instance
2. The route balancing instance dialog will appear. Now select:
• Routing Table: main
• Algorithm: Destination
• Click OK
RLB with VPN
When using RLB with VPN, a number of issues need to be overcome.
If we were to try and use RLB to balance traffic between two IPsec tunnels, the problem that arises
is that the Remote Endpoint for any two IPsec tunnels in NetDefendOS must be different. The
solutions to this issue are as follows:
• Use two ISPs, with one tunnel connecting through one ISP and the other tunnel connecting
through the other ISP. RLB can then be applied as normal with the two tunnels.
In order to get the second tunnel to function in this case, you need to add a single host route in
the main routing table that points to the secondary ISPs interface and with the secondary ISPs
gateway.
This solution has the advantage of providing redundancy should one ISP link fail.
• Use VPN with one tunnel that is IPsec based and another tunnel that is uses a different protocol.
If both tunnels must be, for example, IPsec connects, it is possible to wrap IPsec in a GRE
tunnel (in other words, the IPsec tunnel is carried by a GRE tunnel). GRE is a simple tunneling
protocol without encryption and therefore involves a minimum of extra overhead. See
Section 3.3.5, "GRE Tunnels" for more about this topic.
156
Chapter 4. Routing