Internet access is essential to the modern business, where it handle almost every form of communication to the outside world. It has enabled instant interactions across the globe using instant messaging, telephony, and the basic email. Internet connection has become the lifeline of businesses and ensuring access is mission critical.
To that end, planning for multiple redundant connections across different mediums is a must. Advanced SD-WAN can augment traditional WAN’s MPLS with additional commodity connection, such as DSL, LTE, and 5G networks. By sourcing redundant connections from different vendors, it reduces the likelihood of inaccessible networks by not over relying on a single vendor to ensure connection. SD-WAN can manage these connections through policies and priorities that can optimize for latency, throughput, or cost.
Now that we’ve ensured packets can go in or out, we’ll need to start planning our network to survive equipment failures or software issues, such as kernel panics. Duplication of everything in the network stack is costly and inefficient. By using LANBypass equipped systems or Network Expansion Modules, we can pass the packets downstream to route around the failure. This is a cost-effective plan for non-essential network functions, such as those for network optimization, load balancing, or sniffers for network telemetry. There are much to consider regarding security related functions in that we will need to weight the risk of a security incidents occurring simultaneously with networking equipment failures. It is recommended to use layered defenses with redundancy the highest security requirements. This is beyond the scope of our topic today.
1. Normal mode:
where packets are processed normally and sent downstream
2. Bypass mode:
where packets are pass directly from LAN1 to LAN2, bypassing the system
3. Drop mode:
where all packets are dropped to sever all connections
4. Link-Loss mode:
where it detects disconnected downstream connection for network diagnostics with LLCF |
We’re going to take a closer look at how AEWIN’s 3rd generation Bypass feature work. In a fully functional system, network packets entering the system via LAN1. Packets are processed then sent to downstream device via LAN2. In the event of system unavailability, the onboard MCU inside the Network Expansion Module works independently of the host system and interconnects LAN1 and LAN2 to allow packets to move straight through, bypassing the system. In failed system without Bypass functionality, it would act as a roadblock to the network connection and sever the critical communication link. There are additional modes that can be configured in the MCU, where you can force disconnection with the Drop mode and Link-Loss mode to diagnose network disconnections.These are useful features to add to the toolkit of network administrators, and can be configured as default mode for when the host system is up and when the host system is down.
Default behavior can be configured to suit your specific needs and works independently of host system.
Comparison Chart for Bypass Generations
LAN Bypass Comparison |
Gen 1 |
Gen 2 |
Gen 3 |
Bypass enable without Hardware Jumper |
No |
YES |
YES |
Remote Bypass Control |
No |
YES |
YES |
Multiple watchdogs dedicated for different bypass pairs |
No |
No |
YES |
Bypass control in 3 distinct states:power-on, just-on and system off |
No |
No |
YES |
Packet loss prevention if bypass is enabled during system just-on state |
No |
No |
YES |
Bypass implementation Independent of Intel architecture platform of the host system |
No |
No |
YES |
Drop mode |
No |
No |
YES |
Link Loss Carry Forward (LLCF) |
No |
No |
YES |
With years of experience building network appliances, we see the Bypass function as one of the most cost-effective way to add more robustness and resilience to your network and built the Bypass functionality into many of our systems and Network Expansion Modules. It is invaluable by itself, but in conjunction with system redundancies, it can be a force multiplier that can increase the network resilience several fold. If you want to have further discussions about how Bypass feature can improve your network, please talk to our friendly sales representatives!
- Intel® Atom(Denverton-NS) C3558 Processor, FCBGA1310
- 1 Pair AEWIN Gen3 Bypass 1GbE RJ45 ports
- 2x M.2 B key for LTE/5G module & 1x mPCIe for WiFi module
- Intel QAT
Example Network Expansion Module: R519
- Intel XL710
- 4x SFP+ 10GbE ports
- 2 pairs Gen3 Bypass