Ping fails after ISP redundancy fails over Technical Level
  • A ping command issued from internal host failing once the ISP fails over, while all other connections are switching to the new ISP connection and are working as expected.
  • The command #fw ctl zdebug drop shows "dropped by misp_rt_chain Reason: Interface is inactive".
  • The command #tcpdump -Peni any -s 0 host x.x.x.x shows ICMP echo request packets only.

When initiating a ping command an entry(5-tuples) is created in the connection table with a timeout of 30 seconds. The connection table entry holds the ISP which was used when the connection was first recorded. Once the ISP fails over, the existing connections will fail until they are recorded again with the new active ISP.

