Getting started with outbound traffic management
Multi-Link for SD-WAN provides high availability for outbound connectivity so that business-critical traffic gets through even when one or more Internet connections fail.
Multi-Link distributes and balances the load of outbound traffic between multiple network connections.
Single Firewalls, Firewall Clusters, and Virtual Firewalls can balance outbound traffic between two or more network links (NetLinks) using the Multi-Link feature. NetLinks are combined into Outbound Multi-Link elements. The NetLinks can represent different types of ISP connections and they can have different speeds. The NetLinks must be added under the appropriate interfaces in the Routing tree to support Multi-Link. You can also use Multi-Link with aggregated link interfaces.
Multi-Link allows you to:
- Balance outbound traffic between two or more alternative network links to increase the available bandwidth.
- Ensure that outbound network connectivity remains available even if network links fail. When a network link fails, the firewall detects this and stops forwarding traffic through the failed link.
You can create multiple Outbound Multi-Link elements, and each NetLink can belong to more than one Outbound Multi-Link element at the same time. Multiple Outbound Multi-Link elements can be useful, for example, when you want a certain type of traffic to be balanced only between some of the NetLinks, and another type of traffic to be balanced between all NetLinks.
To improve redundancy, we recommend connecting each link through different physical network equipment (such as routers).
Outbound traffic management has the following limitations:
- Multi-Link is supported on Single Firewalls, Firewall Clusters, and Virtual Firewalls.
- Multi-Link for outbound load balancing is only supported for IPv4 traffic.
- VPN traffic is balanced independently from the settings covered in this configuration when the firewall is the VPN endpoint.