Enabling Internet Service Provider (ISP) redundancy

  • Article

Updated: February 1, 2011

Applies To: Forefront Threat Management Gateway (TMG)

This topic describes how to enable Internet service provider (ISP) redundancy, which allows you to link two external network adapters to two different ISPs.

There are two ISP redundancy modes:

  • High availability mode—Designates a primary link over which all outbound Internet traffic will flow, and a backup link that activates automatically if the first link fails.

  • Load-balancing mode—Directs outbound Internet traffic between two ISP links concurrently, and sets the percentage of total Internet traffic per link. It also supports failover if one of the links fails.

The following procedures describe:

  • Running the ISP Redundancy Wizard—How to run the wizard.

  • Configuring TCP/IP properties on the network adapters—How to set a default gateway and disable the automatic metric feature. You must do this on both network adapters.

  • Creating persistent static routes—How to create a persistent static route from each network adapter to the DNS servers for each ISP.

Running the ISP Redundancy Wizard

To run the ISP Redundancy Wizard

  1. In the Forefront TMG Management console tree, click the Networking node.

  2. In the details pane, click the ISP Redundancy tab.

  3. On the Tasks tab, click Enable ISP Redundancy, and then follow the instructions in the wizard. Note the following:

    1. Each network must have a Network Address Translation (NAT) relationship with the external network.

    2. Static NAT rules take precedence over ISP redundancy configuration settings. This means that static NAT traffic directed to a specific ISP link is not rerouted if the link is down.

    3. When configuring load balancing, you can designate that traffic sent to a range of IP addresses is routed to a specific ISP link. To do this, click Explicit Route Destinations, and then click Add Range. You can add multiple ranges.

    4. After completing the wizard and clicking Apply on the Apply Changes bar, any existing connections will continue over their current Internet link. The newly applied policy is relevant for new connections only.

Configuring TCP/IP properties on the network adapters

To enable ISP redundancy, you must set a default gateway and disable the automatic metric feature on both network adapters.

To configure the network adapters

  1. In Start Search, type ncpa.cpl and press ENTER. Do the following for both network adapters:

  2. Right-click on an external network interface, and then click Properties.

  3. Click Internet Protocol 4 (TCP/IPv4), and then click Properties.

  4. Click the General tab, and do the following:

    1. Select Use the following IP address, and type the IP address of the default gateway supplied by the relevant ISP.

      Note

      You may receive a pop-up alert warning against creating multiple default gateways on a single computer. In this case, you can safely ignore the warning; click Yes to save the configuration.

    2. Click Advanced, clear the Automatic metric check box, and then enter the required metric in the Interface Metric field.

      Note

      • The network adapter with the lower metric value has higher priority. It is recommended that you set a lower interface metric value for the network adapter that will serve as the primary link in failover mode, or the adapter that will handle more traffic in load balancing mode.

      • For more information about the interface metric feature, see An explanation of the Automatic Metric feature for Internet Protocol routes(https://go.microsoft.com/fwlink/?LinkId=169003).

  5. Repeat this procedure for the other network adapter used for ISP redundancy.

Creating persistent static routes

To ensure that DNS requests are routed to the correct ISP, you must add a persistent static route for each DNS IP address configured on the external network adapters.

To create a persistent static route

  1. Open a command window and create a persistent route using the following syntax:

    route [-p] ADD [destination] MASK [netmask] [gateway] METRIC [metric] [IF interface]

    For example:

    route -p ADD 192.168.5.1 MASK 255.255.255.0 192.168.1.1 METRIC 1 1

    Note the following parameters:

    • p—Makes the route persistent across boots of the system.

    • METRIC—Specifies the priority for this route; the route with the lowest metric has the highest priority.

    • IF interface—Specifies the interface number for this route.

  2. Repeat this procedure for the other network adapter used for ISP redundancy.

Tasks

Configuring networks and routing