D-Link DFL-1660 User Manual page 73

Network security firewall

2.4.1. The Link Monitor
links to external devices are renegotiated.
In an HA cluster setup, the link from the master to the external Internet (or other part of a network) can be continually monitored so that, should the link fail, the slave will take over (assuming that the slave has a different physical connection to the monitored address). The action chosen for HA should be either "2. Failover" or "3. Failover and reconfigure".

If the first action option, "1. Reconfigure", is chosen in an HA cluster, then the reconfigure will also cause a failover, since it will temporarily suspend the master's operation while the reconfigure takes place and the slave will take over when it detects this inactivity. If reconfiguration with failover is desirable, it is better to select the option "3. Failover and reconfigure", since this performs the failover first and is nearly instantaneous with almost no traffic interruption. Reconfiguration first is slower and results in some traffic interruption.

To preserve all tunnels in a VPN scenario, it is best to choose the "2. Failover" option, since a reconfiguration can cause some tunnels to be lost.

Link Monitoring with HA Clusters

The most common use for link monitoring is in the HA cluster scenario described above. It is important that the master and slave do not duplicate the same condition that triggered the link monitor. For example, if a particular router connected to the master NetDefend Firewall was being "pinged" by link monitoring, the slave should not also be connected to that router. If it is, the continued triggering of a reconfiguration by the link monitor will then cause the slave to fail over back to the master, which will then fail over back to the slave again, and so on.

If it is important to not allow a failover during reconfiguration of the active unit in an HA cluster, then the advanced setting Reconf Failover Time should be set to a value which is neither too low nor too high.

Reconf Failover Time controls how long the inactive unit will wait for the active unit to reconfigure before taking over. Setting this value too low will mean the inactive unit does not wait long enough. Setting the value too high could mean significant downtime if the active unit fails during reconfiguration and the inactive unit needs to take over.

More information on clusters can be found in Chapter 11, High Availability.

Link Monitoring Parameters

The Link Monitor takes the following parameters:

Action: Specifies which of the 3 actions described above NetDefendOS should take.

Addresses: Specifies a group of hosts to monitor. If at least half of them do not respond, NetDefendOS assumes that there is a link problem. A host's responses are ignored until NetDefendOS has been able to reach it at least once. This means that an unreachable host can be responsible for triggering an action once but not twice.

A group of three hosts where one has been unreachable since the last configuration will therefore be treated as a two-host group until the third host becomes reachable. This also means that if a link problem triggers an action and the problem is not solved, NetDefendOS will not attempt to repeat the same action until the problem is solved and the hosts are again reachable.

Chapter 2. Management and Maintenance
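
The Addresses rule above can be modelled directly. The following Python code is an added example, not NetDefendOS code: the class, function and host names are hypothetical, and dropping silent hosts from the counted set once an action has fired is an assumption about how "once but not twice" is realised. It shows that a monitored host which has never answered lowers the trigger threshold, so a single failure in a three-host group can already be "at least half".

```python
# Added illustration of the Link Monitor "Addresses" rule described above.
# Not NetDefendOS code; class, function and host names are hypothetical.

class LinkMonitorModel:
    def __init__(self, hosts):
        self.hosts = set(hosts)
        self.reached = set()  # hosts that have answered at least once

    def poll(self, responding):
        """Feed one polling round; return True if an action would fire."""
        responding = set(responding) & self.hosts
        self.reached |= responding
        if not self.reached:          # nothing has ever answered: no group yet
            return False
        # Only hosts reached at least once are counted in the group.
        down = self.reached - responding
        if 2 * len(down) < len(self.reached):   # fewer than half are silent
            return False
        # Assumption: once an action has fired, silent hosts stop counting
        # until they answer again, so an unsolved problem cannot re-trigger.
        self.reached -= down
        return True


def run(hosts, rounds):
    """Replay polling rounds and return one True/False result per round."""
    monitor = LinkMonitorModel(hosts)
    return [monitor.poll(r) for r in rounds]


# Constructed sample data: each set lists the hosts that answered in a round.
HOSTS = ["gw-a", "gw-b", "gw-c"]

# All three hosts known, then gw-a goes silent: 1 of 3 is less than half.
THREE_KNOWN = [{"gw-a", "gw-b", "gw-c"}, {"gw-b", "gw-c"}]

# gw-c has never answered, so the group is effectively gw-a and gw-b.
# gw-a going silent is now 1 of 2, which is at least half.
ONE_NEVER_REACHED = [
    {"gw-a", "gw-b"},   # both counted hosts up
    {"gw-b"},           # gw-a silent: action fires
    {"gw-b"},           # problem unsolved: no repeat
    {"gw-a", "gw-b"},   # gw-a reachable again: counted again
    {"gw-b"},           # gw-a silent again: action fires again
]

if __name__ == "__main__":
    print(run(HOSTS, THREE_KNOWN))
    print(run(HOSTS, ONE_NEVER_REACHED))
```

When choosing monitored addresses, confirm each one actually answers after every configuration change; otherwise the effective group is smaller than the configured one.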

This manual is also suitable for: DFL-2560, DFL-2560G, DFL-260E, DFL-860E
