A better Connectivity Check for switches and USG

PeterUK
edited April 8 in Security Ideas

So also to do for
https://community.zyxel.com/en/discussion/16665/fail-over-without-nat#latest

Now that I have a web site and made it do things I could never have done in my dreams, like the Network Layout Builder that can simulate network traffic sending, I can now show what I would really like and show it working.

So in short, Connectivity Check is limited to a given interface per route rule, so here is my idea: make it work globally on the device per given rule and firewall, and, should the Connectivity Check pass, set whether the rule should enable or disable. Currently Connectivity Check only works as: if pass, the rule should enable.

So here are some demo files to load at

https://bridgemode.base44.app/NetworkLayoutBuilder

For Connectivity Check for switches: for Server/Client 1 port, when you try to do send packet it will fail due to a block ARP rule on port 23. On port 1 of the Server/Client 1, send packet works to Internet Source 1. Then double click to delete the link line for Internet Source 1: the Connectivity Check by the switch fails, which enables the rule on port 1 to block ARP and allow ARP on port 23 for the Server/Client 1 on port 2 to use Internet Source 2.

Connectivity Check for USG test 1: you have a normal fail over with two LANs on different subnets. You delete the link line for Internet Source 1 and clients use Internet Source 2, nothing new, but note that with this better Connectivity Check method you only need one Connectivity link for two routeing rules or more, meaning less pinging is needed.

Connectivity Check for USG test 2: now you can have Connectivity Check be done on an unrelated routeing rule, so that Server/Client 1 port 3 can't do like DNS to the DNS Server unless you delete the link line for Internet Source 1; then you can, by send packet to 192.168.53.50 to 53, that the firewall DNAT and SNAT to then make it back to the Server/Client 1.
