The disclosure relates to apparatus, systems and methods for maintaining a consistent internet connection despite, for example, an interruption to a direct hardwire connection.
Traditionally, firewalls determine the connection state of each network connection by monitoring an upstream device. Prior art monitoring techniques include various known protocols, such as ICMP or TCP-based protocols including but not limited to DNS, HTTP or HTTPS, to validate a connection by monitoring network traffic via a primary connection to see if the traffic is “reaching” a monitored host and inducing a networked response. Under these approaches, when the monitored upstream host fails to respond, the firewall can “failover” the connection to a secondary (or “failover”) internet connection.
Once failed over, outbound and inbound internet traffic is routed via the secondary, or failover, internet connection. Ideally, when these upstream monitoring approaches, running over the primary internet connection, re-validate the connection, such as by reaching an upstream monitored host, the firewall should switch, or “failback”, to the primary connection. The system can tell the firewall what to do using server-side logic, or in various implementations the system can utilize state machine logic, artificial intelligence or machine learning. However, there are multiple modes of failure which can result in false positives or negatives in the connection validation and/or disrupt these approaches or prevent proper failover/failback switching.
Failures can occur or otherwise be triggered for any number of reasons. For example: a defect or failure in the structure or function of any given network layer can result in false validation results; the firewall incorrectly marks a connected (UP) internet connection as down/failed; the firewall fails to detect a disconnected (DOWN) internet connection and does not properly failover to the backup connection; the firewall fails over to a backup connection and fails to switch connections back to the primary connection upon failing back to the primary connection. Intermittent problems can also occur due to a myriad of additional disruptions, such as network link saturation, DNS failures or mis-configurations, or Border Gateway Protocol (“BGP”) router mis-configurations and others, each of which can also cause a firewall or other device, such as but not limited to a router or failover network appliance, to incorrectly identify and validate the connection state. The prior art does not contain a solution for overcoming intermittent network downtime to ensure network, and thus business, continuity, or for switching back to a primary connection when that connection is stable.
Prior art firewalls or router implementations typically test internet connectivity through ICMP or HTTP/S, but in the case of an HTTP/S failure, routing failures, or cloud-host blocking (dropping traffic), traditional network monitoring can generate false positives and incorrectly trigger firewalls to switch to more expensive/data-capped internet connectivity.
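The false-positive and flapping failure modes described above can be seen by replaying probe results through a single-probe monitor and through a failover/failback state machine with hysteresis. This is an added example, not part of the disclosure; the thresholds, the probe names and the sample rounds are constructed assumptions.

```python
from dataclasses import dataclass

DOWN_AFTER = 3  # assumed: consecutive all-probe failures before failover
UP_AFTER = 5    # assumed: consecutive healthy rounds before failback

@dataclass
class LinkMonitor:
    """Failover/failback state machine for the primary link (illustrative)."""
    active: str = "primary"
    bad: int = 0
    good: int = 0

    def observe(self, probes):
        # The primary is treated as down only when every independent probe
        # failed; one failing protocol (e.g. a blocked HTTPS host) is not
        # taken as a link failure.
        if any(probes.values()):
            self.good, self.bad = self.good + 1, 0
        else:
            self.bad, self.good = self.bad + 1, 0
        if self.active == "primary" and self.bad >= DOWN_AFTER:
            self.active = "secondary"   # failover
        elif self.active == "secondary" and self.good >= UP_AFTER:
            self.active = "primary"     # failback only after a stable run
        return self.active

def naive_decision(probes):
    # Single-probe monitoring: any HTTPS failure is read as "link down".
    return "primary" if probes["https"] else "secondary"

def _round(icmp, dns, https):
    return {"icmp": icmp, "dns": dns, "https": https}

# Constructed sample: probe results over the primary link, one dict per round.
ROUNDS = (
    [_round(True, True, False)] * 4      # HTTPS host blocked, link is up
    + [_round(False, False, False)] * 3  # real outage
    + [_round(True, True, True)] * 2     # brief recovery
    + [_round(False, False, False)]      # flap
    + [_round(True, True, True)] * 5     # stable recovery
)

def replay(rounds=ROUNDS):
    mon = LinkMonitor()
    return [(naive_decision(r), mon.observe(r)) for r in rounds]

if __name__ == "__main__":
    for i, (naive, hardened) in enumerate(replay()):
        print(f"round {i:2d}  naive={naive:9s}  hysteresis={hardened}")
```

The single-probe monitor moves to the secondary link during the HTTPS block and bounces during the flap, while the state machine fails over once and fails back once; the cost is a detection delay of `DOWN_AFTER` rounds during a real outage.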
Because the present system operates cloud-based connection validation, the system is able to “look down” to the client to try and best determine if the connection is actually up or down. In various implementations, if the cloud server is receiving traffic destined for one IP address, sub-domain on another sub-domain, the system is able to determine that the connection associated with each sub-domain is valid. In traditional network monitoring, users at a site might know a connection is down or possibly failed over, but centralized or outsourced IT managers may not know for minutes or hours, or even until staff or angry end users call to alert them. WAN bonding can work as a second layer of connection validation for purposes of resolution. It is understood that in certain implementations, connection validation can also be applied to WAN bonded connections to validate that both or either connection is operating as desired, for purposes of issue resolution and/or remediation.