I'm working on setting up a zywall USG-100 firewall. I can get everything to work but now I'm trying to get the 2 wans to work correctly.
They both work individually but I'm having trouble with the trunk setup.
We have two connections, our main has 60/10 mbit up/down and our backup has 8/1 mbit up/down. So the backup really is just a backup to keep email and the vpn just going untill the main comes back online.
Now to setup the wan trunk I have 3 protocols I can choose: - Weighted round robin - Least load first - spillover
Now I can sorta guess what they do, but not exactly. Now what protocol should I use and with what settings (weight or speed)??
I hope someone can help me, if more info is needed, just comment.
Update
as you can see these are the only options I get
Spillover can approximate failover by setting the Egress Bandwidth on the fast connection to a value much greater than its maximum bandwidth.
Assuming wan1 is the fast connection, adding wan1 followed by wan2 to the user configured trunk means that when both connections are up, wan2 will never see any traffic because the bandwidth will never exceed wan1's specified egress bandwidth. When wan1 goes down, wan2 picks up the traffic.
The egress bandwidth is set in the Configuration/Network/Interface/Ethernet tab for each of the wan connections. Also, the connectivity check should be enabled for at least wan1.
As user97408 points out, you should change the mode of the backup interface to Passive. If you only have one Active interface, the load balancing algorithm selection doesn't really matter. (Screenshot Edit WAN_TRUNK)
I have also enabled Connectivity Check in the settings of each wan Ethernet interface, as in my setup the ZyWall is unlikely to see link loss on outage (it is connected to a local switch with UPS power). (Screenshot Edit Ethernet wan1)
With the default check settings, the ZyWall takes about 2 minutes to detect
wan1down and switch towan2. Switching back seems to be a lot faster (about 15-30 seconds).I have a usg 50 that i am working with and the answer has to do with setting up a custom trunk. then in the trunk settings, set the fast connection to active and the slow connection to passive. then, under routing, you need to add a policy route that redirects all traffic to the new trunk.
other things that i did, but i am not sure that they are right: 1. set the new trunk to default. 2. used least load as the trunk design. the instructions i found did address which algorithm to use and i suspect it is because they will not matter since they are for load balancing and the active passive should take precedence.