Failover and data link interruption avoidance

Failover and data link interruption avoidance is a network design practice that

  • ensures failover links and data interfaces travel through different paths to decrease the chance that all interfaces fail at the same time

  • prevents failover operation suspension when the failover link is down, and

  • maintains network resilience by using proper connection scenarios.

Connection scenarios

We recommend that failover links and data interfaces travel through different paths to decrease the chance that all interfaces fail at the same time. If the failover link is down, the failover operation is suspended until the health of the failover link is restored.

These connection scenarios help design a resilient failover network.

Scenario 1—Not recommended

If a single switch or a set of switches are used to connect both failover and data interfaces between two Firewall Threat Defense devices, then when a switch or inter-switch-link is down, both Firewall Threat Defense devices become active. Therefore, the two connection methods shown in these figures are not recommended.

Connecting with a single switch—not recommended

Connecting through a single switch. Not recommended.

Connecting with a double-switch—not recommended

Connecting with a double switch. Not recommended.

Scenario 2—Recommended

We recommend that failover links not use the same switch as the data interfaces. Instead, use a different switch or use a direct cable to connect the failover link, as shown in these figures.

Connecting with a different switch

Connecting with a different switch.

Connecting with a cable

Connecting with a cable.

Scenario 3—Recommended

If the Firewall Threat Defense data interfaces are connected to more than one set of switches, then a failover link can be connected to one of the switches, preferably the switch on the secure (inside) side of network, as shown in this figure.

Connecting with a secure switch

Connecting with a secure switch.