Skip to main content
sims
sims
Explorer II
July 3, 2019
Solved

link health monitor

  • July 3, 2019
  • 1 reply
  • 3634 views

Hi,

What is the logic behind of using server ip ( behind or beyond  the router ) 

    Best answer by Grave_Rose

    Hey sims,

     

    I would suggest pinging a device beyond the gateway to ensure that you have connectivity beyond just the one hop. Let's pretend that your WAN links are connected to two different Cisco routers each on gig1/1. If you only ping the IP address on the directly connected network (ie: The IP address of gig1/1) and the router's upstream interface (ie: Interface gig1/2) goes down, your WAN link will still stay up but no traffic will pass through that router. You have now lost Internet access.

     

    However if you're pinging something like 8.8.8.8 and gig1/2 goes down on the WAN1 link router, then it will fail over to WAN2. This is what ede_pfau was saying with: "Way more probable is that access to the internet via this WAN line will be broken, i.e. a logical link will fail."

     

    Hope this helps,

     

    Sean (Gr@ve_Rose)

    1 reply

    ede_pfau
    SuperUser
    ede_pfau
    SuperUser
    July 3, 2019

    A failover is - by default - triggered by a link failure. The monitored port needs to see a link-down.

    But this is not what you see in practice.

    Imagine you have 2 WAN lines, on 2 WAN ports. The FGT is connected to the WAN line via modem(s).

     

    Now the link on the WAN port will be UP until the modem dies. Way more probable is that access to the internet via this WAN line will be broken, i.e. a logical link will fail.

     

    To determine that a path through an interface, some hardware and your ISP's network is down you set up a ping server to some host on the internet which is (deemed) always up. If 5 consecutive pings to that server fail, the FGT fails that WAN port and deletes it's default route. Hopefully you have a second WAN line with a second (more costly) default route which then will be followed.

    sims
    simsAuthor
    Explorer II
    July 3, 2019

    Hi,

    Instead of pinging the server why we should not ping the gateway .

     

     

     

    Grave_Rose
    Grave_RoseAnswer
    New Member
    July 3, 2019

    Hey sims,

     

    I would suggest pinging a device beyond the gateway to ensure that you have connectivity beyond just the one hop. Let's pretend that your WAN links are connected to two different Cisco routers each on gig1/1. If you only ping the IP address on the directly connected network (ie: The IP address of gig1/1) and the router's upstream interface (ie: Interface gig1/2) goes down, your WAN link will still stay up but no traffic will pass through that router. You have now lost Internet access.

     

    However if you're pinging something like 8.8.8.8 and gig1/2 goes down on the WAN1 link router, then it will fail over to WAN2. This is what ede_pfau was saying with: "Way more probable is that access to the internet via this WAN line will be broken, i.e. a logical link will fail."

     

    Hope this helps,

     

    Sean (Gr@ve_Rose)

    Terms & ConditionsAccessibility statement