You configure path selection in the Networking > Network Services: Network Services Table page.

Path selection ensures that the right traffic travels to the right path by choosing a predefined WAN gateway for traffic flows in real-time, based on availability. In path selection, you define a path, called an uplink, by specifying a WAN egress point and providing a direction for the egressing packets to take.

Using path selection rules, you can configure policies to specify the uplink used for specific traffic flows. This granular-level path manipulation enables you to better use and more accurately control traffic flow across multiple WAN circuits.

A common use of path selection is to route voice and video traffic over an expensive, high-quality multi-protocol label switching (MPLS) link, while offloading less time-sensitive traffic over a less expensive Internet VPN or direct Internet link.

Enabling Internet paths can make efficient use of existing resources by taking advantage of both private and public links. Using path selection provides the right performance levels for your applications and saves on bandwidth costs by optimizing the use of available bandwidth.

The path selection WAN egress controller is compatible with all SteelHead transport modes (including fixed-target configuration).

The path selection WAN egress controller also has these characteristics:

Configuring path selection involves specifying uplinks and the uplink preferences for certain traffic. At a high level, you can configure multiple uplinks for each connection by specifying rules based on various parameters.

The system monitors the state of the uplink and the state of the connectivity to the remote site over the uplink. Then the appropriate uplink for a packet is selected. Selecting appropriate uplinks for packets provides more control over network link use.

Path selection uses Internet Control Message Protocol (ICMP) pings to dynamically monitor the state (that is, the “reachability” or condition) of the connectivity to the remote sites over the configured uplinks on a regular schedule.

You can configure the acceptable loss observed (threshold) for each uplink. The default is 2 seconds. If the ping responses do not return within the probe timeout setting or if the system loses the number of packets defined by the loss threshold, the system considers the remote site to be unreachable and triggers an alarm indicating that the path is unavailable.

If one uplink fails, the system directs traffic through another available uplink if another uplink was specified in the path selection rule. If another uplink was not specified in the path selection rule, the default action is performed. When the original uplink can again reach the remote site, the system redirects the traffic back through the original uplink.

By default, path selection is disabled.

A path selection channel is an overlay tunnel between a SteelHead and a SteelHead Interceptor that enables the SteelHead to reach the configured uplinks.

Path selection can operate in large-scale SteelHead Interceptor cluster deployments. A SteelHead Interceptor cluster is one or more SteelHead Interceptors collaborating with one or more SteelHeads to select paths dynamically. Configuration and maintenance is easier using the SteelCentral Controller for SteelHead (SCC) to set up the path selection cluster and then push the configuration to the remote appliances.

SteelHeads select uplinks based on this criteria:

The SteelHeads then instruct one or more SteelHead Interceptors to steer the WAN-bound packets to the chosen uplink.

SteelHead Interceptors redirect all connections (those connections identified as needing path selection) to a SteelHead for the lifetime of the connection. These connections include UDPv4 and TCPv4 (both optimized and unoptimized) connections. A SteelHead performs path selection on these traffic flows and delivers them on the WAN through a SteelHead Interceptor.

In a SteelHead Interceptor cluster, you can connect the SteelHead to the WAN edge router over either a Layer-2 or Layer-3 uplink. A Layer-2 uplink is not required.

When a path selection channel is configured, the system associates the path selection channels with the configured uplinks. When more than one channel is configured for an uplink, only one is used actively and the others will be used only when the active channel fails.

The SteelHead uses the active channel for an uplink to tunnel packets steered to the corresponding uplink. The SteelHead also monitors the health of a channel by sending ICMP probe requests to the uplink gateway. When the SteelHead Interceptor receives the ICMP probes, the SteelHead Interceptor routes the probe to the gateways.