Outbound traffic management configuration overview
Multi-Link uses multiple NetLinks to balance the load of outbound traffic and ensure high availability of Internet connectivity. With each new outbound connection, the NGFW Engine selects the fastest route for the connection from the available NetLinks.
There are two ways to configure outbound traffic management. You can:
- Use element-based NAT to automatically create an Outbound Multi-Link element based on the routing configuration.
- Manually create an Outbound Multi-Link element and define specific NAT rules for outbound load balancing.
This illustration shows the elements that are used to configure Multi-Link. Each NetLink element contains a Router element and a Network element. The Router element represents the router for that network connection. The Network element represents the set of public IP addresses allocated by the provider of the network connection. NetLinks are added to the Routing tree under the Interface IDs and the Modem numbers that represent the physical interfaces or the mobile broadband modems toward the routers used for the Internet connections.
Multiple NetLinks are combined into an Outbound Multi-Link element. Outbound Multi-Link elements are the central elements used to configure load balancing for outbound traffic. If you use element-based NAT, the default NAT address works like an Outbound Multi-Link and the NAT rules are automatically generated. You can also use an Outbound Multi-Link element as a NAT address in a NAT definition. You can alternatively use the Outbound Multi-Link elements in the Firewall Policy’s NAT rules to implement outbound load balancing manually.
The configuration consists of these general steps:
- Configure routing with at least two NetLinks.
- If you want the NGFW Engine to select the NetLink based on the type of traffic, create QoS Classes and assign them to traffic.
- Enable outbound traffic management in one of the following ways:
- To use element-based NAT for outbound traffic management, enable automatic default NAT in the Engine Editor.
- To manually configure outbound traffic management, create an Outbound Multi-Link element to group your NetLinks and define traffic management settings.
- To manually configure outbound traffic management, create NAT rules for outbound load balancing in the Firewall Policy.