USG5320 (port 1:126.96.36.199) -------- layer switch -------- telecommunications equipment (188.8.131.52)
(Port 2:184.108.40.206) -------- layer switch -------- Netcom equipment (220.127.116.11)
USG5320 is connected through a Layer 2 switches and telecom equipment requirements can be found in the USG and telecommunications equipment appears to interrupt the link, it can switch to the Netcom equipment.
Note: The above address is assumed.
USG configures ip-link command, the command can detect the specified IP address, the detection method is ICMP and ARP, default ICMP way, when detects the address cannot be accessed, the link is considered a problem.
Note: This command can only be detected with a firewall port address in the same network segment, and the address is the gateway address.
Configure Ip-link command in the firewall, detect whether telecommunications end equipment IP address 18.104.22.168 is reachable or not, when a fault occurs, static routing (configure two default routes) can detect a link failure, thus automatically go to the connected road.
ip-link check enable
ip-link 1 destination 22.214.171.124
Fault 1: If the link between USG5320 and layer switch is interrupt, USG can find the interrupted link.
Fault 2: But when the link between Layer 2 switches and telecom equipment is interrupted, because the link between the USG and layer switch without interruption, routing cannot determine the link problems.
Note: If the switch in the middle is Layer 3 switch, When the interface address of firewall and telecommunications equipment is not in the same network segment, it cannot detect by the ip-link command.