This chapter provides information about the fail-to-block mode on SteelHead and SteelFusion appliances and details the hardware and software versions that support fail-to-block mode. It includes the following sections:

This chapter assumes you have installed and configured the appliance.

This section describes fail-to-block mode as compared to the default fail-to-bypass mode.

Fail-to-bypass mode lets the network maintain connectivity in the event of a failure, without optimization. With fail-to-block mode enabled in a redundant network path environment, traffic is blocked and rerouted to an optimized backup path in the event of a failure.

This feature is useful only if the network has a routing or switching infrastructure that can automatically divert traffic from the link to the optimized backup path. In an active-backup redundant network setup, the active path is configured to use fail-to-block mode, and the backup path is configured to use fail-to-bypass mode, thus traffic continues to be optimized on the backup path if there’s a failure on the active path. In the event of a failure, the LAN and WAN interfaces power down. From a connected router or switch perspective, those devices don’t detect a link.

RiOS supports fail-to-block mode on all cards, including cards that don’t have hardware fail-to-block capabilities, allowing fail-to-block mode functionality with most NICs while the operating system is running.

The following events trigger fail-to-block mode if the feature is enabled:

All SteelHead GX, CX, DX, EX, Interceptor 9600, and SteelFusion NICs support fail-to-block mode.

This table lists the NICs that support the following functionalities in the SteelHead xx50 appliances:

You can enable the fail-to-block mode on a per interface basis.

For details on how to test a NIC, see NIC self-test for SteelHead.