How to setup Port Redundancy on SonicWall?
01/19/1970 13 3499
Port Redundancy provides a simple method for configuring a redundant port for a physical Ethernet port. This is a valuable feature, particularly in high-end deployments, to protect against switch failures being a single point of failure.
When the primary interface is active, it processes all traffic to and from the interface. If the primary interface goes down, the secondary interface takes over all outgoing and incoming traffic. The secondary interface assumes the MAC address of the primary interface and sends the appropriate gratuitous ARP on a Failover event. When the primary interface comes up again, it resumes responsibility for all traffic handling duties from
the secondary interface.
In a typical Port Redundancy configuration, the primary and secondary interfaces are connected to different switches. This provides for a Failover path in case the primary switch goes down. Both switches must be on the same Ethernet domain. Port Redundancy can also be configured with both interfaces connected to the same switch.
Port Redundancy Failover:
SonicWall provides multiple methods for protecting against loss of connectivity in the case of a link failure, including High Availability (HA), Load Balancing Groups (LB Groups), and now Port Redundancy. If all three of these features are configured on a Security Appliance, the following order of precedence is followed in the case of a link failure:
- Port Redundancy
- LB Group
When Port Redundancy is used with HA, Port Redundancy takes precedence. Typically an interface Failover causes an HA Failover to occur, but if a redundant port is available for that interface, then an interface Failover occurs, but not an HA Failover. If both the primary and secondary redundant ports go down, then an HA Failover occurs (assuming the secondary Security Appliance has the corresponding port active).
When Port Redundancy is used with an LB Group, Port Redundancy again takes precedence. Any single port (primary or secondary) failures are handled by Port Redundancy just like with HA. When both the ports are down then LB kicks in and tries to find an alternate interface.
Port redundancy limitations:
- This feature is supported on all 1 Gbit and 2.5 Gbit interfaces on SuperMassive and NSA platforms. However it's not supported on the 10 Gbit interfaces of our NSA x600 appliances and Supermassive 9x00 appliances. (x stand for the model of the appliance)
- The feature is not supported on platforms that do not support Advanced Switching features, including SOHO/W, SOHO250/W, TZ300/W, TZ350/W, TZ400/W, TZ500/W, TZ600 and NSA 2600.
- No limitations for Gen 6.5 NSa 2650 to 9650.
Port Redundancy Configuration:
- Navigate to MANAGE | System Setup | Network | Interfaces.
- Click the Configure icon for the interface that is to be designated the master of the Link Aggregation Group. The Edit Interface dialog displays.
- Click Advanced.
- Set the Link Speed for the interface to Auto-Negotiate.
- From Redundant/Aggregate Ports, select Port Redundancy. Another option displays.
- The Redundant Port option displays all of the currently unassigned interfaces available. Select one of the interfaces; the default is None.
NOTE: After an interface is selected as a Redundant Port, its configuration is governed by the primary interface and it cannot be configured independently. In the Interface Settings table, the interface's zone is displayed as Redundant Port, and the Configuration icon is removed.
- Click OK. If Web Management has not been configured for the interface, a message displays.
a) Click OK.
b) Enable Web Management on another interface.
Please refer to the KB: How To Configure Link Aggregation for link aggregation configuration steps.