A middlebox is a network appliance that manipulates Internet traffic by optimizing data flow across the network. Middleboxes can be configured as wide area network (“WAN”) optimizers and can be deployed in pairs across two geographically separated locations to optimize data traffic between the two middleboxes. Middleboxes can be connected through a single link or multiple links such as a leased line link and a broadband link. Middleboxes proxy transmission control protocol (TCP) connections by monitoring the TCP connection on a first link and forming a new TCP connection based on the first link.
For high availability networks, it is common to see data center sites deploying a secondary backup device. In such situations, the middlebox associated with the data center can be replaced with two parallel middleboxes in between two switches, with one of the parallel middleboxes being an active primary device, and the other being a secondary passive device acting as a backup in case the primary device malfunctions.
By organizing middlebox devices for high availability, some network systems are configured to mitigate network traffic interruptions if a primary device failure occurs. When the primary (active) device experiences a hardware or software failure, the port connected to the switch is reset and the switch redirects any future traffic to the secondary link connected to the secondary (passive) device. Since services are already started on the secondary device, TCP communications across the connection begin to flow across the secondary device that is now acting as the primary. The connections that were proxied by the former primary are disrupted and the end points have to restart these connections, which will be served by the secondary device.
In situations where there is a software failure at the primary device, the primary device would switch off its interfaces so that the switch enables the port connected to the secondary device. The problem with this failover mechanism is that it takes some time for the primary to detect a software failure, and hence to trigger a port reset. Further, the active connections in the primary device fail because the TCP connections are proxied and would be reset. This in effect would result in network disruption for a short time, and would also result in a poor user experience.