To use multiple ISP links simultaneously, configure load balancing. In load balancing mode, any WAN port carries any outbound protocol unless protocol binding is configured.
When a protocol is bound to a particular WAN port, all outgoing traffic of that protocol is directed to the bound WAN port. For example, if the HTTPS protocol is bound to the WAN1 port and the FTP protocol is bound to the WAN2 port, the VPN firewall automatically routes all outbound HTTPS traffic from the computers on the LAN through the WAN1 port. All outbound FTP traffic is routed through the WAN2 port.
Protocol binding addresses two issues:
• Segregation of traffic between links that are not of the same speed.
High-volume traffic can be routed through the WAN port connected to a high-speed link, and low-volume traffic can be routed through the WAN port connected to the low-speed link.
• Continuity of source IP address for secure connections.
Some services, particularly HTTPS, cease to respond when a client’s source IP address changes shortly after a session has been established.
Configure Load Balancing Mode for IPv4 Interfaces To configure load balancing mode:
1. Select Network Configuration > WAN Settings > WAN Mode. The WAN Mode screen displays:
Figure 20.
2. In the Load Balancing Settings section of the screen, configure the following settings: a. Select the Load Balancing Mode radio button.
b. From the corresponding drop-down list on the right, select one of the following load balancing methods:
• Weighted LB. With weighted load balancing, balance weights are calculated based on WAN link speed and available WAN bandwidth. This is the default setting and most efficient load balancing algorithm.
• Round-robin. With round-robin load balancing, new traffic connections are sent over a WAN link in a serial method irrespective of bandwidth or link speed. For example, if the WAN1, WAN2, and WAN3 interfaces are active in round-robin load balancing mode, an HTTP request could first be sent over the WAN1 interface, then a new FTP session could start on the WAN2 interface, and then any new connection to the Internet could be made on the WAN3 interface. This
loadbalancing method ensures that a single WAN interface does not carry a disproportionate distribution of sessions.
3. Click Apply to save your settings.
Configure Protocol Binding for IPv4 Interfaces (Optional) To configure protocol binding and add protocol binding rules:
1. Select Network Configuration > Protocol Binding.
2. Select the Load Balancing radio button. The Protocol Bindings screen displays. (The following figure shows two examples in the Protocol Bindings table.)
Figure 21.
The Protocol Bindings table displays the following fields:
• Check box.Allows you to select the protocol binding rule in the table. • Status icon. Indicates the status of the protocol binding rule:
- Green circle. The protocol binding rule is enabled. - Gray circle. The protocol binding rule is disabled.
• Service. The service or protocol for which the protocol binding rule is set up. • Local Gateway. The WAN interface to which the service or protocol is bound.
• Source Network. The computers or groups on your network that are affected by the protocol binding rule.
• Destination Network. The Internet locations (based on their IP address) or groups that are covered by the protocol binding rule.
• Action. The Edit table button, which provides access to the Edit Protocol Binding screen for the corresponding service.
3. Click the Add table button below the Protocol Binding table. The Add Protocol Binding screen displays:
Figure 22.
4. Configure the protocol binding settings as described in the following table: Table 6. Add Protocol Binding screen settings
Setting Description
Service From the drop-down list, select a service or application to be covered by this rule. If the service or application does not appear in the list, you need to define it using the Services screen (see Add Customized Services on page 177).
Local Gateway From the drop-down list, select one of the WAN interfaces.
Source Network The source network settings determine which computers on your network are affected by this rule. Select one of the following options from the drop-down list:
Any All devices on your LAN.
Single address In the Start IP field, enter the IP address to which the rule is applied. Address Range In the Start IP field and End IP field, enter the IP addresses for the
range to which the rule is applied.
Group If this option is selected, the rule is applied to the selected group. The group can be a LAN group or an IP (LAN) group.
Note: For information about LAN groups, see Manage IPv4 Groups and Hosts (IPv4 LAN Groups) on page 96. For information about IP groups, see Create IP Groups on page 179.
5. Click Apply to save your settings. The protocol binding rule is added to the Protocol Binding table. The rule is automatically enabled, which is indicated by the ! status icon that displays a green circle.
To edit a protocol binding:
1. On the Protocol Bindings screen (see Figure21 on page42), in the Protocol Bindings table, click the Edit table button to the right of the binding that you want to edit. The Edit Protocol Bindings screen displays. This screen shows the same fields as the Add Protocol Bindings screen (see the previous figure).
2. Modify the settings as described in the previous table. 3. Click Apply to save your settings.
To enable, disable, or delete one or more protocol bindings:
1. On the Protocol Bindings screen (see Figure21 on page42), select the check box to the left of the protocol binding that you want to enable, disable, or delete, or click the Select All table button to select all bindings.
2. Click one of the following table buttons:
• Enable.Enables the binding or bindings. The ! status icon changes from a gray circle to a green circle, indicating that the selected binding or bindings are enabled. (By default, when a binding is added to the table, it is automatically enabled.)
• Disable.Disables the binding or bindings. The ! status icon changes from a green circle to a gray circle, indicating that the selected binding or bindings are disabled. • Delete.Deletes the binding or bindings.
Destination Network
The destination network settings determine which Internet locations (based on their IP address) are covered by the rule. Select one of the following options from the drop-down list:
Any All Internet IP address.
Single address In the Start IP field, enter the IP address to which the rule is applied. Address range In the Start IP field and Finish field, enter the IP addresses for the
range to which the rule is applied.
Group If this option is selected, the rule is applied to the selected IP (WAN) group.
Note: For information about IP groups, see Create IP Groups on page
179.
Table 6. Add Protocol Binding screen settings (continued) Setting Description