Differences

This shows you the differences between two versions of the page.

doc:howto:mwan3 [2014/08/21 09:44]
adze
doc:howto:mwan3 [2014/11/11 20:46] (current)
arfett
Line 4: Line 4:
    * [[https://forum.openwrt.org/viewtopic.php?id=39052|OpenWrt Forum: New package: mwan3; multi-wan policy routing; testers wanted]]; much of the content below comes from forum posts by Adze or Arfett on this thread     * [[https://forum.openwrt.org/viewtopic.php?id=39052|OpenWrt Forum: New package: mwan3; multi-wan policy routing; testers wanted]]; much of the content below comes from forum posts by Adze or Arfett on this thread
    * there is documentation available for policy routing on Linux, e.g. [[http://www.policyrouting.org/PolicyRoutingBook/ONLINE/TOC.html|Policy Routing With Linux - Online Edition by Matthew G. Marsh]]     * there is documentation available for policy routing on Linux, e.g. [[http://www.policyrouting.org/PolicyRoutingBook/ONLINE/TOC.html|Policy Routing With Linux - Online Edition by Matthew G. Marsh]]
-    * source code and development versions on github.com: [[https://github.com/Adze1502/mwan]]+    * source code on github.com: [[https://github.com/openwrt/packages/tree/master/net/mwan3]] 
 +    * source code on github.com: [[https://github.com/openwrt/packages/tree/master/net/mwan3-luci]] 
 +    * old source code and/or development versions on github.com: [[https://github.com/Adze1502/mwan]]
  * Related pages:   * Related pages:
Line 12: Line 14:
The mwan3 packages current as of 2014-08-21 are: The mwan3 packages current as of 2014-08-21 are:
-  * mwan3_1.4-24_all.ipk 
-  * mwan3_1.5-4_all.ipk (OpenWrt CC only) 
-  * luci-app-mwan3_1.3-1_all.ipk 
-See below for the download procedure.+  * mwan3_1.4-24_all.ipk (for OpenWrt 12.09) 
 +  * mwan3_1.5-8_all.ipk (for OpenWrt 14.07 "Barrier Breaker" & future "Chaos Calmer" release only) 
 +  * luci-app-mwan3_1.3-5_all.ipk (for OpenWrt 12.09 and later) 
 + 
 +See below for the download and installation procedures.
===== Description ===== ===== Description =====
Line 34: Line 37:
  * Forum member Adze wrote mwan3   * Forum member Adze wrote mwan3
-  * Forum member Arfett wrote the LuCI web interface+  * Forum member arfett wrote the LuCI web interface
Many thanks! Many thanks!
Line 142: Line 145:
  * Users in the forum have reported problems with DNS resolution or being unable to send e-mail after implementing WAN load-balancing or failover using mwan3   * Users in the forum have reported problems with DNS resolution or being unable to send e-mail after implementing WAN load-balancing or failover using mwan3
-  * The usual cause is they are using the DNS servers or a mail (SMTP/POP/IMAP) server provided by the ISP of the wan1 (original WAN) interface and when the router starts sending traffic out the wan2 interface, the ISP blocks access to its servers because the traffic is now coming from an address that is not in their own network. This is a common security configuration by ISPs and has nothing to do with mwan3 specifically.+  * The usual cause is they are using the DNS servers or a mail (SMTP/POP/IMAP) server provided by the ISP of the wan (original WAN) interface and when the router starts sending traffic out the wan2 interface, the ISP blocks access to its servers because the traffic is now coming from an address that is not in their own network. This is a common security configuration by ISPs and has nothing to do with mwan3 specifically.
  * Option 1: Before implementing any multiple WAN configuration, test any ISP-provided services to see if they are reachable from "foreign" IP addresses and ensure that they can still be used from source IPs not on the ISPs network.   * Option 1: Before implementing any multiple WAN configuration, test any ISP-provided services to see if they are reachable from "foreign" IP addresses and ensure that they can still be used from source IPs not on the ISPs network.
  * Option 2: Change settings to switch to using servers that are known to be accessible from anywhere   * Option 2: Change settings to switch to using servers that are known to be accessible from anywhere
Line 265: Line 268:
  * Ensure the single ping is successful on this interface ("1 packets transmitted, 1 packets received, 0% packet loss" should be displayed)   * Ensure the single ping is successful on this interface ("1 packets transmitted, 1 packets received, 0% packet loss" should be displayed)
-=== Test the wan3 connection ===+=== Test all other WAN connections ===
-  * Repeat as above to ensure every WAN connection is working+  * Repeat as above to ensure every WAN connection that has been created is working
===== Ensure the CONNTRACK module is enabled in OpenWrt ===== ===== Ensure the CONNTRACK module is enabled in OpenWrt =====
Line 273: Line 276:
mwan3 requires that the CONNTRACK module is enabled and active on its WAN interfaces. mwan3 requires that the CONNTRACK module is enabled and active on its WAN interfaces.
-  * If the interfaces are in the "wan" firewall zone, and the "Masquerading" option is enabled for the firewall zone, the CONNTRACK module is enabled by default already (this is the usual case)+  * If the interfaces are in the "wan" firewall zone, and the "Masquerading" option is enabled for the firewall zone, the CONNTRACK module is enabled by default already (this is the default OpenWrt configuration)
  * If masquerading/NAT is **not** enabled for the WAN interface (for example, if just routing without NAT is being using between the LAN and your different WAN interfaces), you need to add the following rule to the LAN and WAN zone configurations in your /etc/config/firewall:   * If masquerading/NAT is **not** enabled for the WAN interface (for example, if just routing without NAT is being using between the LAN and your different WAN interfaces), you need to add the following rule to the LAN and WAN zone configurations in your /etc/config/firewall:
Line 283: Line 286:
  * For more information, see [[http://wiki.openwrt.org/doc/uci/firewall#note.on.connection.tracking.notrack|OpenWRT conntrack/notrack]]   * For more information, see [[http://wiki.openwrt.org/doc/uci/firewall#note.on.connection.tracking.notrack|OpenWRT conntrack/notrack]]
-===== Download packages =====+===== Manual download of packages =====
-The mwan3 packages aren't in the OpenWrt standard package repository. The two packages need to be separately downloaded and installed.+This step is only **required** for OpenWrt 12.09. In OpenWrt 14.07 "Barrier Breaker" and later, the mwan3 packages are in the standard package repositories and no manual download is required. 
 + 
 +The manual download can also be used with OpenWrt 14.07 if the latest possible versions are desired compared to what is in the standard OpenWrt package repositories at that time.
  * http://213.136.13.52/mwan3_latest_all.ipk   * http://213.136.13.52/mwan3_latest_all.ipk
Line 302: Line 307:
</code> </code>
-The suggested alternative is to download each using a web browser on a PC and then transfer each package using scp.+===== Installation =====
-  * Here is a sample PuTTY pscp command to copy both files from the current directory to the /tmp directory on the OpenWrt router using SCP (SSH secure copy). Enter the root password for the router when prompted to do so.+==== OpenWrt 14.07 and later ==== 
 + 
 +  * This is the method when using the mwan3 packages from the standard OpenWrt package repository 
 + 
 +=== LuCi web interface method === 
 + 
 +  * Go to System > Software 
 +    * click "Update lists" to get the latest package databases 
 +    * In the "Download and install package:" box, enter "luci-app-mwan3" and click OK to download and install the luci-app-mwan3 package and all related packages, including mwan3 itself and all dependencies 
 + 
 +=== SSH method ===
<code> <code>
-"C:\Program Files (x86)\PuTTY\pscp.exe" -scp *.ipk root@192.168.1.1:/tmp+# update package list to prepare for package dependency downloads 
 +opkg update 
 + 
 +# back up the current mwan3 configuration file just in case the automatic backup doesn't work 
 +cp -a /etc/config/mwan3 /etc/config/mwan3-tempbackup 
 + 
 +# install luci-app-mwan3, mwan3 and all required dependencies 
 +opkg install luci-app-mwan3
</code> </code>
-===== Installation =====+==== OpenWrt 12.09 ==== 
 + 
 +  * This is the method when using manually downloaded mwan3 packages (see above)
<code> <code>
Line 328: Line 352:
</code> </code>
-==== Reboot if needed ====+==== Restart LuCI or reboot if needed ==== 
 + 
 +To ensure the new menu item for mwan3 appears, restart the web server hosting the LuCI interface (or just reboot the router). 
 + 
 +  * Go to System > Startup 
 +    * click the "Restart" button next to the uhttpd process 
 +    * Re-log into LuCi
-  * Check that there is a new tab in LuCI, Network > Load Balancing +A new menu entry "Network > Load Balancing" should now be present.
-  * Reboot the router if this tab is not present+
==== Upgrades ==== ==== Upgrades ====
Line 421: Line 450:
  * If a policy is not referenced by a specific traffic rule, the policy will not do anything, so it is fine to leave unused policies in place in case they are desired in the future.   * If a policy is not referenced by a specific traffic rule, the policy will not do anything, so it is fine to leave unused policies in place in case they are desired in the future.
-  * If you have a traffic rule that matches a policy, but all the members (interfaces) for that policy are down, the exit strategy for that policy is "unreachable".+  * If you have a traffic rule that matches a policy, but all the members (interfaces) for that policy are down, the exit strategy for that policy defaults to "unreachable". This is configurable with the last_resort option. Valid values are: blackhole, unreachable or default.
  * A working mwan3 config has at least 1 policy configured.   * A working mwan3 config has at least 1 policy configured.
Line 536: Line 565:
===== Further configuration tips ===== ===== Further configuration tips =====
-==== OpenWrt hotplug script fix ====+==== OpenWrt hotplug script fix (OpenWrt 12.09 only) ==== 
 + 
 +**This is for OpenWrt 12.09 only. The OpenWrt 14.07 hotplug scripts were substantially re-written and there is no evidence yet that the workaround below is needed on OpenWrt 14.07.**
  * Forum member tcherenato found that adding a 1 second pause to the OpenWrt hotplug launch script helps prevent occasional segmentation faults when mwan3 performs hotplug operations. It is not known currently what the root issue is (or even if it is in mwan3 at all) but the change is recommended.   * Forum member tcherenato found that adding a 1 second pause to the OpenWrt hotplug launch script helps prevent occasional segmentation faults when mwan3 performs hotplug operations. It is not known currently what the root issue is (or even if it is in mwan3 at all) but the change is recommended.

Back to top

doc/howto/mwan3.1408607066.txt.bz2 · Last modified: 2014/08/21 09:44 by adze