FAQs

Are there data usage implications when bonding multiple cellular connections?

Yes, WAN bonding can increase overall cellular data usage, depending on your configuration, the bonding mode you select, and the type of traffic passing through the bonded tunnel.

Can I bond Ethernet and cellular links together on my router?

Yes — you can bond both Ethernet (wired WAN) and cellular (WWAN) links together using Digi’s WAN Bonding service.

Can I use templates in DRM to deploy WAN bonding settings to multiple routers?

Yes, you can use a template to deploy WAN bonding settings to multiple routers. The settings you configure on one device for WAN bonding would instead be configured in the Settings step of the template wizard and would be deployed to all devices controlled by that template. Make sure to configure all of the WAN bonding settings:

  1. Enable WAN bonding.

  2. Add WAN bonding server information.

  3. Add WAN bonding server credentials.

  4. Add the interfaces to the WAN bonding tunnel.

  5. Add the password for the WAN bonding web interface.

  6. Configure SureLink tests for the interfaces participating in the WAN bonding tunnel.

Tip Are you using a template to manage WAN bonding settings for some of your devices? If so, when you configure the settings, make sure you select Require override for each one.

Can WAN bonding be used alongside VPNs or other SD-WAN features?

Yes, you can use WAN bonding alongside VPNs and other SD-WAN overlays — since bonding creates a bonded tunnel, and SD-WAN/VPN features route or secure traffic through tunnels or overlays.

If using both, check the following:

  • Verify the bonded interface is established and default route is through it (if you intend all traffic to use it), or verify specific traffic is policy-routed into it.

  • For your VPN or SD-WAN overlay, verify whether its tunnel endpoint is over the bonded interface (i.e., the overlay traffic is using the bonded path) or a separate path — and confirm performance/latency there.

  • On the router, review the interface and route tables: do you see the bonded tunnel interface, what’s the route for VPN traffic, etc.

  • Check logs/monitoring for link usage: do you see the multiple WAN links participating in bonding? Do you see VPN traffic traversing it?

  • Test performance of VPN or SD-WAN traffic over the bonded link: any added latency, reduced throughput? Compare to baseline.

  • If you have policy based routing or SD-WAN path selection, check its settings: do you steer traffic to the bonded interface or allow direct WAN links? Make sure settings align.

  • Ensure firewall/NAT rules allow both bonding tunnel traffic and VPN overlay traffic upstream.

Can WAN bonding coexist with existing corporate VPN or firewall setup?

Yes, the Digi WAN Bonding service can coexist with existing corporate VPN or firewall setups (for example using site-to-site IPsec or GRE tunnels).

Do I need a WAN bonding server, and does Digi host one for customers?

Yes, you need a WAN bonding server in order to use the WAN bonding service. The Digi Professional Services team can set up and manage this for you. For more information about WAN bonding servers and the options available to you, see About WAN bonding servers and WAN bonding server options.

Does my cellular extender or router support WAN bonding?

All Digi cellular extenders and routers support WAN bonding, except for the EX12, IX10, and IX15 product families.

How can I monitor bandwidth, latency, and packet loss on bonded links?

You can monitor bandwidth, latency, and packet loss for each interface in the bonding server web UI.

How can I tell if my router is using WAN bonding or just load balancing?

In DRM, Navigate to the device's settings, and then click Network > SD-WAN > WAN Bonding to see if the WAN bonding configuration is enabled. If it is not enabled, you may be using load balancing.

To check and see if you are using load balancing, click Network > Interfaces (or Modems) and click to expand a WAN interface (for example, WAN1 or WWAN1). Click to expand either the IPv4 or IPv6 menus and see if the Metric and Weight settings are configured with the same metric for multiple WAN interfaces. If they are, then you are using load balancing.

How do I add WAN bonding licenses to a sub-account in Digi Remote Manager?

To add WAN bonding licenses to a sub-account, see Add WAN bonding licenses to an account.

How do I implement WAN bonding in Digi Remote Manager?

Implementing WAN Bonding in Digi Remote Manager is a process that connects your Digi router(s) to the WAN Bonding service, enabling you to combine multiple WAN interfaces (Ethernet, Cellular, Wi-Fi WAN, etc.) into one high-performance, reliable connection.

For instructions about adding WAN bonding licenses to your sub-accounts to validating your configuration, see Workflow | WAN bonding service implementation.

How does failover work when one of my bonded links goes down?

Digi WAN Bonding failover is instantaneous and session-preserving.

If one WAN link fails, traffic is automatically rerouted at the packet level over remaining links — without interrupting ongoing sessions. When the failed link recovers, it rejoins the bond seamlessly.

When one of your bonded WAN links goes down, Digi WAN Bonding doesn’t just fail over in the traditional sense — it intelligently reroutes traffic in real time to keep your data sessions alive. Unlike standard WAN failover (which drops and re-establishes sessions), WAN bonding maintains continuous connectivity across multiple links by distributing and reassembling packets dynamically.

Step What happens Result
1 Bonding monitors link in health continuously Detects loss or degradation instantly
2 One link fails Traffic stops using that link
3 Packets are rerouted to remaining links Active sessions remain live
4 SureLink resets and restores link Link is reintroduced automatically
5 Tunnel continues uninterrupted Users experience no visible downtime
How does WAN bonding differ from load balancing?

While both techniques use multiple WAN links to improve connectivity, WAN bonding and load balancing operate at different network layers and deliver very different results — especially when it comes to throughput, reliability, and session continuity.

Feature

WAN bonding

Load balancing

What it does

Combines multiple WAN connections into one logical, aggregated tunnel

Distributes sessions or flows across multiple WAN connections

How it works

Splits and reassembles packets across multiple links simultaneously

Routes each session (or flow) through one link at a time

Result

Higher total bandwidth, seamless failover, continuous sessions

Session-level distribution only; failover breaks active sessions

Ideal use case

High-performance, real-time, and resilient connectivity

Simpler multi-WAN traffic distribution––
Is WAN bonding traffic encrypted?

Yes, the Digi WAN bonding service can encrypt traffic between the client device (Digi device) and the bonding server. The optional Encryption setting must be enabled. See Add interfaces to the WAN bonding tunnel.

Caution The encryption is between your Digi device and the bonding server (the tunnel created by the bonding service. It does not necessarily mean every packet after the bonding server is encrypted unless you run a VPN or other end-to-end encryption. Even with encryption enabled, the overall security also depends on the integrity of the routing after the bonding server (i.e., how the traffic leaves the server to the Internet).

Some link types (e.g., cellular) may already have encryption at the carrier level, but this is separate from the bonding-tunnel encryption.

 

What cellular routers work with the WAN bonding service?

All Digi cellular extenders and routers can use the WAN bonding service except for the EX12, IX10, and IX15.

What diagnostic tools are available in Digi Remote Manager or the DAL OS UI for the device to troubleshoot connectivity issues?

The following tools give you a high-level view across your fleet of devices, individual devices, and the WAN bonding tunnel, which is useful for spotting connectivity issues such as link flapping, high latency, or repeated re-connections:

  • Device Health/Health Metrics: You can monitor metrics such as latency, packet delivery, signal quality (for cellular), data sent/received, CPU/memory utilization

  • Insights: Set thresholds/conditions for things like connection loss, performance degradation, and get notified when devices are out of compliance.

  • Remote commands/tasks: Run tests or tasks on the device remotely (for example, ping, file download, firmware update, configuration snapshot).

  • Connection History/Status: View when the device last connected to Digi RM, its registration history, any disconnects.

  • Reports/Dashboards/Data Stream Export: You can drill into device metrics (bandwidth, data usage, latency trends) and export data for further analysis.

  • Ping/Traceroute tests: Use CLI or Web UI to ping external hosts to check latency, packet loss, and routing path to determine if a WAN link is functioning. For example the Digi TransPort user guide shows “Send n byte pings to IP host a.b.c.d every h hrs m mins s secs” settings.

  • Ookla Speedtest: Configure Ookla speedtests in Digi Remote Manager and see the results.

  • Interface/statistics status pages: View each WAN/WWAN interface’s status: up/down, bytes sent/received, errors, collisions, signal strength (for cellular) etc.

  • Event logs/system logs: Capture log entries related to link drop, reconnection, tunnel errors, authentication failures. On Digi, routers you can extract files like debug.txt for deeper troubleshooting.

  • Bonding tunnel statistics (if using WAN Bonding): For devices with the bonding service you can check, check the bonding UI for the tunnel, which will include per-channel latency, sent/lost packets, and other information.

What do I need to have to implement WAN bonding?

Prerequisites when implementing WAN bonding service

Prerequisites

  • Hostname or IPv4 address for each external server hosting the WAN bonding server.

  • (Optional) Host port number the external server uses for the WAN bonding connection.

  • (Optional) Channel UDP Listener Port number of the UDP port for the external hosting server.

  • The username and password to authenticate with the hosting service.

  • WAN interfaces that will be bonded.

  • Password used to authenticate with the WAN bonding web interface.

  • WAN bonding license key (if implementing a partner-hosted or self-hosted WAN bonding server).

Additional items

  • The firewall zone for the new bonded interface, if other than External.

Prerequisites when implementing WAN bonding service
Prerequisites_when_implementing_WAN_bonding.htm
What firewall or NAT settings are required for WAN bonding to work?

For WAN bonding to work with a firewall or NAT settings:

  • Confirm the firewall zone assignment for the bonded interface is set correctly. The config guide says you must specify “The firewall zone for the new bonded interface, if other than External.”

  • Check that NAT is enabled on the WAN side interfaces. Without NAT/masquerade, outbound traffic might not get proper translation and tunnel handshake might fail.

  • If you have advanced NAT rules or port forwarding set, ensure they do not override or block the bonding client from reaching the server.

  • If your environment uses symmetric NAT, double NAT, or carrier-grade NAT (especially on cellular), ensure that the tunnels’ required ports (TCP/UDP) are not blocked upstream. Cellular carriers often limit or block certain port/UDP flows.

  • Review that you are not inadvertently doing port forwarding that interposes on the bonding tunnel traffic and causing interruptions.

What happens if my WAN bonding license expires?

The WAN bonding service will no longer be available, which means the bonded tunnel functionality will be disabled and the device will revert back to sending traffic through its WAN interface(s) instead of through the bonding tunnel. The router may continue to run the configuration but the bonding server might reject or stop receiving traffic from devices whose licenses are no longer valid. You may also lose monitoring and/or management features associated with the WAN bonding server until you re-activiate the subscription.

To avoid disruption of the bonding service, make sure to monitor your subscription: Log in to in Digi Remote Manager. On the main menu, click Dashboard, to see the Expiring Soon card.

You can always contact Digi Technical Support using one of the methods outlined on the Contact Support page to discuss renewal.

What is WAN bonding?

About WAN bonding

WANClosedWide Area Network bonding is a the process of aggregating two or more WAN interfaces so that data packets are simultaneously distributed across all active connections for increased throughput, optimized latency, and seamless failover. The goal is to improve throughput, reliability, and resilience of a network by treating multiple WAN links as one.

  • Multiple links active: The router uses all available WAN interfaces concurrently — such as LTE/5G, wired broadband, or satellite.

  • Traffic splitting: Outgoing traffic is divided into smaller packets and sent across different WAN links.

  • Recombination at server: On the other end, a WAN Bonding server (also called a tunnel endpoint or aggregator) receives and reassembles the packets into the correct sequence before forwarding them to the destination.

  • Dynamic load balancing: The router continuously monitors link performance (latency, packet loss, jitter, bandwidth) and adjusts how traffic is distributed in real time.

  • Failover and redundancy: If one connection fails, the bonded tunnel remains active using the remaining links — ensuring seamless failover with little or no session interruption.

  • Higher throughput: Combines bandwidth from multiple WANs.

  • Improved reliability: Multiple links mean continuous connectivity even if one link drops.

  • Reduced latency & jitter: Traffic can be optimized dynamically for low latency.

  • Session persistence: Maintains ongoing sessions (VPN, video call, etc.) even during link failover.

  • Better utilization: Makes use of all available WAN resources efficiently.

On most Digi EX, IX, and TX cellular routers, WAN Bonding is implemented via Digi’s SD-WAN / WAN Bonding feature in conjunction with Digi Remote Manager. It uses a secure tunnel to a Digi or customer-hosted bonding server that reassembles the split packets, effectively merging:

  • Cellular + Wired broadband, or

  • Multiple Cellular SIMs (e.g., from different carriers)

This results in higher aggregate bandwidth and uninterrupted connectivity for demanding IoT and enterprise applications.

Note All Digi cellular extenders and routers can use the WAN bonding service except for the EX12, IX10, and IX15.

About WAN bonding
../About.htm
What ports or protocols does WAN bonding require to function properly?

Key ports and protocols needed for WAN bonding:

  • The device (client) connects to an external WAN Bonding server (or VPS) via a named host/port. The default Host Port is TCP 443.

  • There is also a UDP channel listener port used by the bonding service: default UDP 44343.

  • The configuration supports a “TCP Mode” option for environments where UDP may be blocked or throttled.

  • The bonded tunnel is built over whichever WAN links you select; however, traffic is encapsulated—in effect a tunnel—so it is not just ordinary routing.

What throughput can I expect with WAN bonding enabled?

The throughput you can expect with WAN Bonding depends on your available WAN link capacities, bonding mode, network conditions, and device model. Digi WAN Bonding guarantees 80% of the total throughput available on the bonded interfaces. Internal testing has shown that WAN Bonding can reach a higher percentage of total throughput (close to 93%), but Digi does not guarantee that level of performance. Also, with certain Digi routers there is additional performance reduction due to the hardware capabilities of the router itself.

For example, a TX64 with three 200Mbps connections (Ethernet WAN + 2 cellular connections) can guarantee up to 480Mbps bonded throughput.

Why is my overall throughput lower than expected when bonding multiple links?

To diagnose this issue, check the following:

  • Check each WAN link’s individual performance (latency, packet loss, throughput) when used alone.

  • Check router / device stats: CPU load, memory usage, any errors on the WAN interfaces.

  • Check bonding interface statistics: is the bonded interface showing traffic across all links? Are some links idle?

  • Verify in your bonding settings: mode (Automatic, Ethernet, Low Latency, TCP mode), whether “packet duplication” is turned on, what interfaces are bonded.

  • Verify licensing/tier.

  • Perform multi-stream throughput tests, not just a single stream.

  • Test with only “ideal” links (two wired/fiber links) to compare results vs when using a cellular link.

Why is my WAN bonding tunnel not connecting to the server?

For troubleshooting possible causes, see Troubleshooting.