Drop In, LAN Bypass and Authoritative DNS


#1

I am trying to understand how Drop In Mode, LAN Bypass and Authoritative DNS might work together on 305. I am considering using the 305 in front of a web server to manage multiple WAN links. A few questions:

  1. In order for the LAN Bypass to work, LAN 1 need to be in Drop In Mode?

  2. LAN 2 and LAN 3 would be connected to other ISPs.

  3. How would the DNS be configured? I am thinking that Authoritative DNS would be needed so that the 305 could hand out the IPs of the WANs.

If the 305 went down, the LAN Bypass will connect WAN 1 to LAN3 – this is perfect – as it keeps the web server connected to the internet. What about DNS? Because the 305 is no longer online, what will happen when a client computer does a DNS lookup? I am guessing, it would get a DNS lookup error and would not resolve the domain name to the IP of WAN1.

If all this is correct, what do you recommend? If it makes a difference, I am currently using dyndns.com as the Authoritative DNS. It looks like there is a way to put my account info into the 305, I am not sure what this will do or this this might help in the case when the LAN Bypass is active.


#2

Hi,

Configure LAN Bypass ports as Drop-in are recommended.

LAN Bypass is useful when you have 1 box only. If Authoritative DNS is important for you, I do recommend to go for HA. Please find here for more details.


#3

I called Peplink tech support today to ask about High Availability and to determine if we could use 2 Peplinks without a LAN side switch. I just wanted to follow up to make sure I understand.

The documentation on the Peplink website always shows the 2 Peplinks connected to a single switch on the LAN side. This would create a single point of failure unless the switch was setup for failover with another switch. Since we only need have two web servers on the LAN side, I hope that the switch can be eliminated. Support today said that if we use dual port NIC cards, it should be ok to go from the Peplink directly into the nic cards like this:

Peplink 1 Lan 1 <===> WebServer 1 Nic 1
Peplink 1 Lan 2 <===> WebServer 2 Nic 1

Peplink 2 Lan 1 <===> WebServer 1 Nic 2
Peplink 2 Lan 2 <===> WebServer 2 Nic 2

If this is correct, how would the nic cards be setup, would you give both nic1 and nic2 the same IP Address as:

WebServer 1 Nic 1: 192.168.1.10
WebServer 1 Nic 2: 192.168.1.10

WebServer 1 Nic 1: 192.168.1.20
WebServer 1 Nic 2: 192.168.1.20

And then enable Teaming in Adaptive Fault Tolerance Mode?