Network > WAN Failover & Load Balancing
SonicOS Enhanced 4.0 Administrator Guide
entry box is required (percentage for Primary WAN) The management interface
automatically populates the non-user-editable entry box with the remaining percentage
assigned to the Secondary WAN interface. Please note this feature will be overridden
by specific static route entries.
• Use Source and Destination IP Address Binding: When you are using
percentage-based load balancing, this checkbox enables you to maintain a
consistent mapping of traffic flows with a single outbound WAN interface,
regardless of the percentage of traffic through that interface. Therefore, the
outbound IP address of the connection remains consistent. However the
percentage of traffic in each WAN interface may not match the percentage you
specify in the Primary WAN Percentage field.
This method uses only the source IP address and the destination IP address to
determine when to bind a connection to a single interface and ignores all other
information, such as source and destination TCP port numbers.
Step 4 Click Apply.
Configuring WAN Interface Monitoring
Under the WAN Interface Monitoring heading, you can customize how the SonicWALL
security appliance monitors the WAN interface:
• Enter a number between 5 and 300, in the Check Interface Every _ Seconds field. The
default value is 5 seconds.
• In the Deactivate Interface after _ missed intervals, enter a number between 1 and 10.
The default value is 3, which means the interface is considered inactive after 3 consecutive
unsuccessful attempts.
• Enter a number between 1 and 10 in the Reactivate Interface after _ successful
intervals. The default value is 3, which means the interface is considered active after 3
consecutive successful attempts.
WAN Probe Monitoring
If Probe Monitoring is not activated, the SonicWALL security appliance performs physical
monitoring only on the Primary and Secondary WAN interfaces, meaning it only marks a WAN
interface as failed if the interface is disconnected or stops receiving an Ethernet-layer signal.
This is not an assured means of link monitoring, because it does not address most failure
scenarios (for example, routing issues with your ISP or an upstream router that is no longer
passing traffic). If the WAN interface is connected to a hub or switch, and the router providing
the connection to the ISP (also connected to this hub or switch) were to fail, the SonicWALL
will continue to believe the WAN link is usable, because the connection to the hub or switch is
Enabling probe monitoring on the Network > WAN Failover & Load Balancing page instructs
the SonicWALL security appliance to perform logical checks of upstream targets to ensure that
the line is indeed usable, eliminating this potential problem, as well as continue to do physical
monitoring. Under the default probe monitoring configuration, the SonicWALL performs an
ICMP ping probe of both WAN ports’ default gateways. Unfortunately, this is also not an
assured means of link monitoring, because service interruption may be occurring farther