WAN fail-over options

We are a small school.  I am getting Internet service from Comcast - this is the ONLY service available at my address.  We are having intermittent issues with web site availability.  The connection is reliable because I am running my SIP telephone service over it without issue.  

The problem is with web site availability.  A student can be working through an online course and suddenly loose connectivity to their particular web site.  I can get Verizon FIOS service at another building about 1/4 mile away.  I am considering getting FIOS service at that building and then set up a 900 mhz bridge to my main building to provide a WAN fail-over for my main network.

My question is about WAN failovers.  How exactly does that work?  I have a SonicWall that has the option to incorporate that.  Does the failover kick in only when my main data connection drops completely or would it kick in when the main connection is unable to reach a web site?

Does this sound like a reasonable attempt to solve my Internet unreliability?
Ken HerrIT DirectorAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

pgm554Commented:
If it's not Comcast,then it could be the web service at that site,so having a failover service if that site is having issues is not the answer.
carlmdCommented:
Is the site the student loose connectivity to local (served up by the school, LAN)?

If the remote building is part of the school campus there may be service tunnel in which you could have a private fiber run installed. I would look at this option before a wireless bridge.

The Sonicwall failover mechanism permits transfer on failure of one line, or sharing of both. There is nothing that is a part of this that would automatically detect a web site being inaccessible, and moving the connection to the other circuit.

You don't mention it, but what do you do to get the web site back after it stops working? Are the pc's using the site hard wired on a LAN, or wireless. When this one site stops working can you still get out on the internet to any other sites?
Ken HerrIT DirectorAuthor Commented:
I am seeing two different behaviors:

1. High latency on one of the legs of the route.  
I use VisualRoute to monitor the link path.  I see this as a Comcast issue but their techs say "everything looks fine here".  arrrrgggghhhh  
I have not looked but does not the SonicWall have the capability of periodically checking the availability of certain destinations to determine if the service is UP?

2. Occasional lack of connectivity to the Internet.  
This sometimes affects all internet services but usually does not affect my SIP phone service.
I'm hoping that the SonicWall can detect this drop and switch to its WAN failover port.

Other comments:
My other building is on the other side of a public right-of-way so running private fiber is out of the question.
When web sites come back up we don't have to do anything to restore - it just starts working.

Having a WAN failover is still a good idea but it may not solve my issues.
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

carlmdCommented:
The Sonciwall can use a heartbeat between it and a failover Sonicwall (2nd piece of hardware), but does not have any features that I have ever heard of that will check a specific destination. If you have two ISP's connected (which I understand you do not), then it tests connectivity to make sure both circuits are alive.

This does not sound like an ISP circuit issue since you say that the SIP phones continue to work when this is happening.  Can you post a diagram of your topology? This sounds more like a switch or something else in the LAN that is failing.
Ken HerrIT DirectorAuthor Commented:
Here is what SonicWall says:
https://support.software.dell.com/kb/sw7588  It will do a heartbeat check.

I do have two firewalls set in high availability configuration.
pgm554Commented:
>This does not sound like an ISP circuit issue
Maybe ,but I do know that Comcast can be less than honest and lacking in knowledge when it comes to their networks.
One M$ MVP I work with has had issues with dropped packets and long RTP issues when using Comcast Biz.
Sounds almost as if the DNS is funky from time to time.
carlmdCommented:
Simple thing to rule out DNS issues. Change the dns servers to use google dns.

If you have one ISP Comcast circuit, and two Sonicwalls in a failover configuration, you don't have protection for an ISP failure. So, given that, if it is not an issue with some piece of hardware on you LAN that the phone equipment does not touch, why would the phones continue to work. I would look for something that is not used by the phone circuits since it sounds like the ISP circuit must be ok.
masnrockCommented:
Comcast is always going to demand that you test from their modem. Use Speedtest from both their site and the regular one. As long as those numbers are bad, they will be forced to troubleshoot.

Given you mentioned latency, they are notorious for signal and infrastructure issues. But you must test from the modem itself!

If that is fine, then you need to start testing your network equipment. Example, you may need to set your Sonicwall not to filter aggressively. What model do you have anyway?

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Ken HerrIT DirectorAuthor Commented:
Just getting back to this question

We are using sonicwall NSA-220 firewalls
I have tested using Speedtest from both the modem and from within our network and neither of them show any issues.
Comcast has reset our modem to factory and that seems to help for a while.
I have tried different DNS servers with the same result.
We have looked for NAT translation issues but do not see any issues.

The basic question is whether or not a WAN failover would help in this scenario.  After reading everyone's comments above, I don't think that would solve the intermittent issues i am seeing.  What a wan failover would give us is protection in case of complete failure.  

I am beginning to think that the issue is just that our demands exceed our service.  I have up to 100 computers accessing the Internet over a Comcast 100/25 business class circuit.  Fibre is cost prohibitive and not an option at this point.
carlmdCommented:
Your Sonicwalls allow you to check the Bandwidth usage under the Dashboard -> Real Time Monitor.

That should tell you if you are Bandwidth limited.
Ken HerrIT DirectorAuthor Commented:
We cannot do what I was hoping so I am closing this question
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Internet Protocols

From novice to tech pro — start learning today.