Link Failure Detection

Fail-over between available WAN links is triggered by link failure detection. Correctly configuring reliable link failure detection is key to ensuring this feature works as expected.

Link Failure Types

Typically there are two different ways that a WAN link can fail.

  • Underlying WAN route fails (e.g. internet service is down)
  • WAN device failure (power failure of the WAN modem device)

The most common type of failure you want to detect is the underlying WAN route failure, so this is what you should always configure when you want high availability of your internet connection. Configuring this correctly will also detect the WAN device failure, which ensures reliable fail-over in all circumstances.

If only WAN device failure detection is configured, a loss of connectivity will not be detected unless the WAN device itself has failed or it actively disables the Ethernet link when the WAN link goes down. Because some devices do this, this is the default configuration unless the WAN setup is changed.

Ensuring WAN Link Failure Detection

DrayTek routers can send a ping request to a known external IP address and wait for a reply. If the reply is not received within the timeout period and this fails repeatedly, the link is considered to be down because traffic is deemed to have stopped flowing on the link.

When the link begins to receive echo replies again, the link is detected as resumed and fail-back, if configured, is activated.

Configure Ping Link Failure Detection

The WAN connection detection settings should be configured with an external IP address which will respond to a PING, such as the Google public DNS server, 8.8.8.8.

It is also recommended to ping the link gateway IP address (depending on your configuration), as this is the ISP's gateway IP which routes all your traffic. This works provided the gateway IP permits a PING request (typically it does, but this depends on the ISP). If this is enabled but does not respond, the WAN link is almost certainly down.

The TTL should be set to a high number (the default 255 is sensible) to ensure the packet does not expire due to the number of network hops required.

The ping interval should be reasonably high so you do not send too many nuisance packets to your echo destination. However, the higher this delay is, the longer it can take to detect a link failure. A figure between 8 and 16 seconds is normally considered reasonable.

The ping retry requires 2 (or more) consecutive failures. Keep this at 2 or higher, as otherwise occasional packet drops could cause unnecessary link fail-over.
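
The interaction between the ping interval and the ping retry count described above, as an added example (not DrayTek firmware logic and not code from this page): a small model that declares the link down after `retry` consecutive missed replies and up again on the first reply, replayed over constructed probe results. The class and function names are hypothetical, and the first-reply fail-back rule is an assumption.

```python
class PingDetector:
    """Hypothetical model: link is DOWN after `retry` consecutive missed
    echo replies and UP again on the first reply (assumed fail-back rule)."""

    def __init__(self, retry=2):
        self.retry = retry    # consecutive failures needed to declare DOWN
        self.misses = 0       # current run of missed replies
        self.up = True

    def probe(self, reply_received):
        """Feed one probe result; return True if the link state changed."""
        before = self.up
        if reply_received:
            self.misses = 0
            self.up = True
        else:
            self.misses += 1
            if self.misses >= self.retry:
                self.up = False
        return self.up != before


def replay(results, interval_s, retry):
    """Replay probe results sent every `interval_s` seconds.

    Returns the state transitions as [(seconds, "DOWN" | "UP"), ...].
    The reply timeout is not modelled; it adds to real detection time.
    """
    det = PingDetector(retry=retry)
    events = []
    for i, ok in enumerate(results):
        if det.probe(ok):
            events.append((i * interval_s, "UP" if det.up else "DOWN"))
    return events


# Constructed probe results (True = echo reply arrived within the timeout).
LOSSY = [True, True, False, True, True, False, True, True]     # isolated drops
OUTAGE = [True, True, False, False, False, False, True, True]  # real outage

if __name__ == "__main__":
    for retry in (1, 2, 3):
        print(f"retry={retry} lossy ={replay(LOSSY, 10, retry)}")
        print(f"retry={retry} outage={replay(OUTAGE, 10, retry)}")
    print(f"interval=16 retry=2 outage={replay(OUTAGE, 16, 2)}")
```

With a retry of 1 the model fails over on every isolated drop in the lossy sample, while a retry of 2 ignores those drops and still reports the constructed outage after two consecutive misses. Raising the interval or the retry count delays the DOWN transition accordingly.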
