I have a Peplink Balance 30.
In setting up the health check, I find I have the health checks options I want, but can’t do them in parallel. This makes the health check insufficient, and allows for cases where my WAN is effectively down even though the Peplink thinks it’s up.
Here are the things I think a health check should do, and it must do BOTH:
Verify DNS works. This means check to see if either my primary or secondary server DNS lookups are successful for some common lookup (e.g. DNS for google.com).
What I find I have are ways to do only either one of the above. If I select “Ping” for health check, I can have a public server listed and my two DNS servers (via the check box), but the help text states that success of any one of these servers will constitute an ‘up’ connection. That’s not good! It doesn’t show that I can get off of my ISP’s network, or it shows that I can get off the network but may not have any working DNS servers! Both of these cases should cause a failover event.
If I select ‘DNS lookup’ for my health check, I can again set public and DNS server hosts, but run into a similar problem, in that it will consider my line ‘up’ if it gets a response from a public server but not either of my DNS servers. That constitutes a down connection, but it will be reported as up!
The solution to this is to have a mode or setting which allows me to verify that I have 1 of 2 local DNS servers responding AND 1 of 2 ping servers responding. It could be easily accomplished by adding a combined DNS and Ping option which has all the same fields but requires both the ping and DNS to be successful.
Two other suggestion:
Quoting the help text…
“Connections will be considered up if DNS responses are received from any one of the health check DNS servers, regardless of a positive or negative result.”
Seems like this wouldn’t capture a broken DNS server which always returns a failed lookup result. While this is rare, it can happen. It would be better to require a success on the lookup, with a user definable hostname to look up.
It would be nice if all those integer settings (timeout, interval, retries) could be custom rather than a dropdown. I for one would like to be able to set a health retries of 2 and require a recovery retry of 50, neither of which are options.