How does the WAN Conectivity Check work?

Zyxel_Jason
Zyxel_Jason Posts: 374
25 Answers First Comment Friend Collector Fourth Anniversary
 Master Member
edited August 2021 in Nebula Security Gateway
WAN Connectivity Check is one of new features on NCC Phase 4.

Motivation of this feature:
Scenario:
NSG has dual active WAN interface that makes traffic potentially route across an interface with no Internet connection because of load sharing.

For example, NSG has WAN 1 and WAN 2 connection to perform load sharing.
However, when there is a remote routing failure on WAN 1, NSG can't detect it.
WAN Connectivity Check will let NSG detect the remote routing failure on WAN 1 and has event logs about it.

How it works:
1. NSG will send ICMP request to target domain name or IP address when enable this feature.
    The following is the mechanism of this feature:
    (1) Check Interval: 10 seconds
    (2) Check timeout: 5 seconds
    (3) Check Fail Tolerance: 3 times
    (4) Maximum time to detect failures: 45 seconds
2. Disables routing across WAN interface if connectivity check fails on that interface.

Where to configure:
You may find it on "GATEWAY > Configure > Interface addressing" to enable.


Jason