Cellular Router Failover Strategies: A Life Jacket for Your Network (Part 2)

Share

This post is the second in a two-part series about failover strategies. It covers VPN connections, traffic spikes, and remote troubleshooting. See Part 1 of Cellular Router Failover Strategies.

Intra-company VPNs

A dedicated link from a remote office or branch to the head office isn’t as reliable or secure as a direct Internet connection using a Virtual Private Network (VPN). Multiple VPNs tunnels may be configured in several ways to provide secure, uninterrupted communications. One way is using a Dynamic Multipoint VPN (DMVPN). It offers encryption like a regular VPN but is a centralized architecture that securely manages many remote endpoints. DMVPN allows branch locations to communicate with one another over a WAN or the Internet and replaces an internal dedicated network. It doesn’t use a pre-configured VPN connection between two points. Instead, DMVPN creates VPN tunnels on an as-needed basis.

A DMVPN is a dynamic-mesh VPN network consisting of a central hub connecting remote routers, called spokes. Hubs accept new spokes without having to change the hub’s initial configuration. With a hub-and-spoke network, tunnels between spokes are dynamically built on demand. Endpoints use dynamic IP addresses and connect to each other using the VPN tunnels. Each tunnel has independent routing through the Internet and will use the most efficient path at the time. As the router manages traffic, it will reroute when the current tunnel experiences disruptions due to hardware or network problems.

DMVPN
Mesh networks have multiple hubs.

DMVPN offers several benefits over a permanent VPN, such as speed, reliability, cost reduction, reduced downtime, and automatic connections. An additional advantage is achieving redundancy by creating tunnels across dual routers and different cellular carriers within the branch’s network.

Handling Traffic Spikes

A network’s available bandwidth is sized to maintain regular traffic, but a spike in that traffic may be too much. Video streams are a leading cause of traffic spikes, but they can also result from file-sharing applications and software updates. The increasing number of devices connected to a network is also a common cause of congested traffic.

A redundant, secondary wireless link provides a simple solution to this problem, as it allows the primary connection to offload some of its traffic to the secondary. The secondary link activates during a high-traffic period, after which traffic is dynamically routed to the path with the most availability. Once the spike passes, the network releases the secondary link. The secondary link may be configured to activate only for specific devices or applications. This entire process is fully automated and transparent.

Routers with software-defined WAN capabilities can be configured to handle these failover strategies based on criteria such as general network conditions, specific application needs, or security requirements. These policies should consider the routers’ wireless services with an awareness of caps or restrictions on the cellular bandwidth. With advanced SD-WAN capabilities, routers can separate the data flow of demanding applications and devices by assigning them to different links. For example, splitting the database and financial applications from general web traffic is common for balancing a network’s workload.

Most high-performance cellular routers include a cloud-based dashboard that provides critical information like capacity, data usage, and failures at a glance. Dashboard values are frequently updated so administrators can quickly determine when traffic has reached a router’s limit and modify services if necessary. The dashboard provides insight into how applications are performing across the WAN.

The router should measure the quality of service (QoS) at the network’s application layer. QoS factors include jitter, latency, and packet loss, all of which help administrators better understand the users’ quality of experience (QoE) on the network. A Smart WAN Selection (SWAN) is a feature telling the router when the primary link’s quality is deteriorating, based on predefined policies. LTE and 5G routers maintain the network’s connections when the primary link fails by automatically switching to a wireless link, allowing applications to continue uninterrupted.

Troubleshooting Your Network Remotely

Unfortunately, you will lose access to all branch devices when the Internet or corporate network connection is lost. This occurrence traditionally required an on-site employee to troubleshoot the process. However, a wireless link provides another option for managing the network when the primary link is unavailable.

An enterprise-class cellular router offers out-of-band management (OOBM) to diagnose and fix network issues without disrupting the regular flow of traffic. It may be a physically separate or dedicated connection and is usually a single point of entry with trust boundaries. OOBM allows an IT manager to remotely access devices over the cloud and perform functions like reboot, shutdown, firmware updates, and other duties not available to an in-band connection. A dedicated wireless OOBM link may allow troubleshooting even when Ethernet or IP are not available on the router.

In-band management services let administrators connect to every device on the LAN with an IP address by using protocols like Hypertext Transfer Protocol (HTTP), HTTP Secure (HTTPS), Reliable Data Protocol (RDP), Secure Shell (SSH), and Virtual Network Computing (VNC). This process securely manages devices through the cloud without the need for additional hardware or software. However, in-band management may offer fewer services compared to a dedicated OOBM link. In-band and OOBM methods will monitor parameters, report anomalies, show where failovers occurred, provide time stamps, and indicate how much downtime was saved.

Summary

Network uptime is a critical parameter for many organizations, making wireless cellular links essential for maintaining operations. The need for network diversity and redundancy goes beyond traditional wired networks, especially with escalating cloud services and IoT devices. Fortunately, creating a resilient network with these features doesn’t need to be a complicated, expensive process.

Capabilities like cloud management, data plan monitoring, and zero-touch deployment allow administrators to quickly and efficiently implement and maintain a network. Advanced SD-WAN devices connect to cellular networks in a way that enhances the reliability of that network. They also allow administrators to develop and maintain traffic policies based on application requirements, network performance, and security.

Westward Sales distributes industrial electronics for networks, especially those designed for challenging work environments. We also add value and services to our products like cellular data plans, VPN management, and wireless site surveys. Contact us today to find out how we can make your networks more affordable and reliable.

Written by

Kelvin Aist is Founder and Sales Manager at Westward Sales. He has designed and sold networking and communication solutions his entire career. He frequently blogs for Westward Sales.

Leave a Reply

Your email address will not be published. Required fields are marked *

Your email address will not be published. Required fields are marked *