The failings of router failover
Posted on 16 Nov 2012 at 12:17
Failover connection options in today's routers are often a miserable failure in themselves, argues Steve Cassidy
You may have noticed that we Real Worlders don’t do reviews. My voicemail isn’t packed with invitations to unbox new products for comparison and testing. I’m not unhappy about this, as I’m terribly bad at keeping track of all the bits – cellophane slipcases, registration cards, and incomprehensible multilingual safety information leaflets.
I’m particularly distracted by the latter: how green is it to ship wodges of paper that everyone instantly discards, rather than a one-shot CD, a USB key or perhaps just a URL, to tell you what to do if you accidentally eat the contents of a toner cartridge (or whatever else they’re for)?
Failover is a crackbrained idea, the refuge of the ignorant against the indifference of the uncaring
That’s why my investigations into multi-WAN connected routers don’t end up as massive 20-page special supplements stuffed with comparison charts and tables. Actually, what’s important about this section of the networks market isn’t really captured by comparison tables and graphs, because the key to the multi-WAN router business lies in a single feature: how does it manage load balancing?
To begin with, let’s nail down some terminology. Almost all router and firewall specifications you’ll see will employ the term "failover" to describe handling more than one link to the internet – you may also possibly see references to "active/active" or "active/passive" (often in the middle of a long and painful exploration of the nature of multiple connections).
Let’s look at "failover" first: the idea of failover is that, if you have several different links to the internet (whether ADSL, SDSL, ISDN, Fibre or whatever), you’ll want to send all your normal traffic over one of them, flipping over to a second only in the event that the first has a problem. That’s a strategy that appeals greatly in sales meetings with harassed entrepreneurs, because who wouldn’t like such an insurance policy, a bit of slack for those bad days when the light goes off on your router?
But, do you know what? I hate failover – in fact, the art department won’t let me use a font big, bold and scarlet enough to fully express the depth of my hatred. It’s a crackbrained idea, the refuge of the ignorant against the indifference of the uncaring.
Failover was originally designed when there was a sharp difference between the main link and the backup – for example, an ISDN line as the main and a plain dial-up phone line as backup or, for the rich, a leased KiloStream line. With such a setup nobody was in any doubt when failover happened because traffic would crawl almost completely to a stop; failover was a last-ditch concept, intended only for a passing and occasional role as your net connection. And I hated it even then.
A rarely used link of any kind is something telcos treat with suspicion, which may manifest as an engineer disconnecting the link, then waiting for you to make contact and ask what’s happened to your connection. That’s hardly the behaviour you want when the link in question is only there as a backup for something bigger and busier. So, having sold your MD on the idea of failover, the first time it’s called on in action, it falls flat on its face. I’ve wasted a lot of time over the years trying to fix the failover line when I should have been finding out (that is, screaming down the phone about) why the main connection had died in the first place.
There are a lot of differences between failover and loadbalancing.
We've just installed a failover set-up at a customer.
The office users use an SDSL connection for internet access, the production network uses an MPLS connection to the hosting provider for access to the SAP and other "business critical" systems.
If the MPLS dies, the secondary MPLS takes over, if that dies, the SDSL line to the office is cut off and the little Cisco ASA uses that to create an SDSL VPN to the hosting provider. If that fails, it switches over to 3G with VPN.
Under normal circumstances, the production network is not allowed anywhere near the "real" Internet, it only has access to the dedicated MPLS connection.
Using the right hardware, it works very nicely.
By big_D on 17 Nov 2012
My neighbour and I live in the countryside and hence have a 'slow' network area (5mb's max) and both occasionally work from home, needing reasonable bandwidth, so we teamed up to use a load balancing / failover router to double our capacity if each other isn't using the net, and provide a failover if one of our ISP's goes down. With virtual wireless and wired LAN's our networks are separated.
This provides a good solution that could help others in 'the sticks', just needs a geek in the street to know how to set it up!
Shame my UPS that the router is on didn't outlast the latest (3hr) power cut!
By Glyn_ on 17 Nov 2012
I have my fingers crossed for this home computing solution.
By Jacko55 on 17 Nov 2012
- How to sell more ebooks on Amazon
- 10 ways to make your business more secure
- Top five VoIP mistakes
- How to add in-app purchasing to an iPhone, Android or Windows app
- Remote-control ransomware: TeamViewer and software hardball
- Why laptops with serial ports matter to the Internet of Things
- Make your mobile battery last longer
- Small steps into handling Big Data
- Nexus 5: does it really run stock Android?
- How to get broadband to a garden office
- Google Glass: mugger bait, pub problem and other lessons learned from two dangerous weeks
- Twitter, please don't fiddle with my feed
- How Satya Nadella can get some pay-raise karma
- Windows 10: a step back to go forward
- Michael Dell: Cloud infrastructure is the roads, bridges and highways of the 21st century
- How to check your identity hasn’t been sold to the hackers
- Tim Cook: this is how much TV has changed since the 70s
- Westminster wins the .London battle
- 20 years of PC Pro: from deep pan pizza to virtualisation
- Five reasons why the Apple Watch leaves me cold
- Will HP finally split into two companies?
- Chromebooks get version of Photoshop
- Toshiba beats retreat from consumer PC market
- Ellison steps down: but who's really running Oracle now?
- Microsoft set to make more job cuts
- Is Peter Pan panto tickets email genuine? Oh no, it isn't
- Intel triples Xeon E5 chip performance, adds DDR4
- Patch Tuesday targets critical IE flaw
- Microsoft refuses to hand over customer emails
- Microsoft yanks Windows 8.1 update after crash reports