Multi-WAN (MWAN) provides outbound traffic balancing and failover across multiple WAN links. It comes as a default feature for HSG, CMG and HSA, without special licensing requirement. 

Added onto mbox powerful performance and multiple GE ports, MWAN offers a simple and cost-effective choice for enterprises to efficiently aggregate the total bandwidth available from multiple upstream ISP links with highest resiliency. If you have multiple internet connections, and want to fully utilize the total available bandwidth with failover, or even control which traffic goes through which WAN link, mbox CMG is the ideal choice for this type of requirement.

You can do load-balancing based on weights between links (weights are relative to each WAN link capacity), or just do failover with multiple levels of primary and backup interfaces. For example, Different sources can have different primary or backup WANs, eg. group 1 use WAN1 as primary and WAN2 as backup; group2 use WAN1 as backup and WAN2 as primary etc etc. 

In summary, MWAN does below 

1. provides outbound WAN traffic load balancing over multiple WAN links based on weight assignment. It also supports specific outbound traffic rules to customize which outbound connections should use which WAN link, based on source IP, destination IP,destination port(s), protocols etc (is like PBR with failover support).

2. monitors each WAN connection using repeated ping tests (to each interface default gateway only) and can automatically failover outbound traffic to other alive interfaces if one interface loses connectivity.

3. supports unlimited WAN links (the limit is the available hardware GE interfaces!)

Special NOTES:

• MWAN load-balancing is performed on a per-IP connection basis. So if you do a speed test or ftp test to a single server, you won't see significant improvement. The balancing benefits will show up when the same hosts are accessing multiple destinations or when multiple hosts start to access the Internet, where the user traffic are spread across different links.

• if you're doing load balancing, you set same metric for each interface; if you want interfaces just to backup each other (active/standby), you set lower metric for the active interface and higher for the standby interface.

• MWAN also supports "persistent" balancing, where the same source ip address within the timeout limit will use the same WAN link as prior session. This supports some "cookie" based type of applications, where the remote servers expect unchanged source IP addresses for the same cookie session. Especially some https sites with HIPS in-line detection will require "persistent" rule otherwise the HIPS will produce false alarms or even drop the requests. Note: it's recommend to keep "persistent" rules as minimum as possible because each persistent rule can consume a lot of system resources in a large network.

• you need to restart MWAN service (mwan stop and mwan start) after each configuration change. Note: it's recommended to restart the whole box because for large networks with hundreds of thousands of connections the mwan stop/start may not be able to clean up all legacy connections.

• some ISPs don't allow other DNS servers to pass through their networks, so sometimes you may not be able to browse Internet when you swing/balance to those ISP links while using incorrect/unaccepted DNS server IP. This is due to DNS resolution issue. In this case, you'd need to use an internal DNS server for name resolutions.

In this configuration example, we are simulating 3 ISP links (ISP1 - 10Mbps, ISP2 - 20Mbps, ISP3 - 30Mbps).