The failings of router failover
Posted on 16 Nov 2012 at 12:17
Failover connection options in today's routers are often a miserable failure in themselves, argues Steve Cassidy
You may have noticed that we Real Worlders don’t do reviews. My voicemail isn’t packed with invitations to unbox new products for comparison and testing. I’m not unhappy about this, as I’m terribly bad at keeping track of all the bits – cellophane slipcases, registration cards, and incomprehensible multilingual safety information leaflets.
I’m particularly distracted by the latter: how green is it to ship wodges of paper that everyone instantly discards, rather than a one-shot CD, a USB key or perhaps just a URL, to tell you what to do if you accidentally eat the contents of a toner cartridge (or whatever else they’re for)?
Failover is a crackbrained idea, the refuge of the ignorant against the indifference of the uncaring
That’s why my investigations into multi-WAN connected routers don’t end up as massive 20-page special supplements stuffed with comparison charts and tables. Actually, what’s important about this section of the networks market isn’t really captured by comparison tables and graphs, because the key to the multi-WAN router business lies in a single feature: how does it manage load balancing?
To begin with, let’s nail down some terminology. Almost all router and firewall specifications you’ll see will employ the term "failover" to describe handling more than one link to the internet – you may also possibly see references to "active/active" or "active/passive" (often in the middle of a long and painful exploration of the nature of multiple connections).
Let’s look at "failover" first: the idea of failover is that, if you have several different links to the internet (whether ADSL, SDSL, ISDN, Fibre or whatever), you’ll want to send all your normal traffic over one of them, flipping over to a second only in the event that the first has a problem. That’s a strategy that appeals greatly in sales meetings with harassed entrepreneurs, because who wouldn’t like such an insurance policy, a bit of slack for those bad days when the light goes off on your router?
But, do you know what? I hate failover – in fact, the art department won’t let me use a font big, bold and scarlet enough to fully express the depth of my hatred. It’s a crackbrained idea, the refuge of the ignorant against the indifference of the uncaring.
Failover was originally designed when there was a sharp difference between the main link and the backup – for example, an ISDN line as the main and a plain dial-up phone line as backup or, for the rich, a leased KiloStream line. With such a setup nobody was in any doubt when failover happened because traffic would crawl almost completely to a stop; failover was a last-ditch concept, intended only for a passing and occasional role as your net connection. And I hated it even then.
A rarely used link of any kind is something telcos treat with suspicion, which may manifest as an engineer disconnecting the link, then waiting for you to make contact and ask what’s happened to your connection. That’s hardly the behaviour you want when the link in question is only there as a backup for something bigger and busier. So, having sold your MD on the idea of failover, the first time it’s called on in action, it falls flat on its face. I’ve wasted a lot of time over the years trying to fix the failover line when I should have been finding out (that is, screaming down the phone about) why the main connection had died in the first place.
There are a lot of differences between failover and loadbalancing.
We've just installed a failover set-up at a customer.
The office users use an SDSL connection for internet access, the production network uses an MPLS connection to the hosting provider for access to the SAP and other "business critical" systems.
If the MPLS dies, the secondary MPLS takes over, if that dies, the SDSL line to the office is cut off and the little Cisco ASA uses that to create an SDSL VPN to the hosting provider. If that fails, it switches over to 3G with VPN.
Under normal circumstances, the production network is not allowed anywhere near the "real" Internet, it only has access to the dedicated MPLS connection.
Using the right hardware, it works very nicely.
By big_D on 17 Nov 2012
My neighbour and I live in the countryside and hence have a 'slow' network area (5mb's max) and both occasionally work from home, needing reasonable bandwidth, so we teamed up to use a load balancing / failover router to double our capacity if each other isn't using the net, and provide a failover if one of our ISP's goes down. With virtual wireless and wired LAN's our networks are separated.
This provides a good solution that could help others in 'the sticks', just needs a geek in the street to know how to set it up!
Shame my UPS that the router is on didn't outlast the latest (3hr) power cut!
By Glyn_ on 17 Nov 2012
I have my fingers crossed for this home computing solution.
By Jacko55 on 17 Nov 2012
- Headings vs headers: how to use both in Word
- Windows Server 2012 R2: how the Datacenter edition could change SMBs
- Invoices and VAT: how to set up your documents correctly
- Nexus 5 vs Samsung Galaxy S4 Active: the best phone for avoiding screen burn
- How much is a social user worth?
- The key to choosing a secure password
- Thunderbolt Bridge: a fast Mac migration tool
- Should you advertise on Twitter?
- How to track a lost smartphone
- Self-publishing success: the best way to sell your book
- Quickest way to upload 1GB? Hop on a train
- Move over Delia: IBM Watson is cooking tonight
- Eric Schmidt on the double-edged smartphone: friend and foe
- Getty joins the race to the bottom
- Hour of Code: five steps to learn how to code
- Sony Xperia Z2 Tablet review: first look
- Sony Xperia Z2 review: first look
- Samsung Galaxy Gear 2 review: first look
- Nokia XL review: first look
- Samsung Galaxy S5 review: first look
- IDC: iPad intertia opens door for Windows tablets
- Office 365 goes social with "Oslo" news feed
- Windows XP: upgrading 30,000 PCs in 30 days
- LibreOffice: ignore Microsoft's "nonsense" on government's open source plans
- Intel Xeon E7 v2 servers support 6TB of RAM
- Microsoft promises video calls between Skype and Lync
- Office for iPad due before July
- Windows 7 on business PCs gets an extension
- Windows apps land on Chromebooks with VMware
- Office 365 gets two-factor authentication