Wiki Search

Actions

Translations

You are here: OpenWrt Wiki » Documentation » The UCI System » Simple multi WAN configuration
Table of Contents

Under Construction!
This page is currently under construction. You can edit the article to help completing it.

Simple multi WAN configuration

The uci configuration file /etc/config/multiwan is provided by the multiwan package. The package is an agent script that makes Multi-WAN configuration simple, easy and manageable. Complete with load balancing, failover and an easy to manage traffic ruleset.

Install

With LuCI interface

In LuCI goto:

  • System → Software → Update package lists
  • System → Software → Scroll down to Available packages → Click the Install link on the luci-app-multiwan package

Then you can find the multiwan configuration in Network → Multi-WAN

CLI only

opkg update
opkg install multiwan
/etc/init.d/multiwan enable
/etc/init.d/multiwan start
/etc/init.d/multiwan single

Sections

General options

config 'multiwan' 'config'
        option 'default_route' 'balancer'

Name Default Options Description
default_route balancer balancer/fastbalancer/<interface> Selects the default path for all unspecified traffic
health_monitor parallel parallel/serial Memory footprint related
debug 0 0/1 Output debug to log
lan_if lan <firewall lan zone> 

uci set multiwan.config.health_monitor=serial
uci commit multiwan
/etc/init.d/multiwan restart

* Load Balancing via netfilter is referred to as the Fast Balancer (Best Distribution)

* Load Balancing via iproute2 is again referred as Load Balancer (Best Compatibility)

* wanrule for the Fast Balancer is now "fastbalancer"

* wanrule for the Load Balancer is still just "balancer"

It seems fastbalancer is superior to balancer in terms of stability but Youll need to check both settings to find better one in Your case.

WAN Interfaces

config 'interface' 'wan'
        option 'weight' '10'
        option 'health_interval' '10'
        option 'icmp_hosts' 'dns'
        option 'timeout' '3'
        option 'health_fail_retries' '3'
        option 'health_recovery_retries' '5'
        option 'failover_to' 'wan2'
        option 'dns' 'auto'

config 'interface' 'wan2'
        option 'weight' '10'
        option 'health_interval' '10'
        option 'icmp_hosts' 'dns'
        option 'timeout' '3'
        option 'health_fail_retries' '3'
        option 'health_recovery_retries' '5'
        option 'failover_to' 'wan'
        option 'dns' 'auto'

Name Default Options Description
weight 10 disable/1-10 Load Balancer Distribution
health_interval 10 disable/5/10/20/30/60/120 Health Monitor Interval in seconds
icmp_hosts ? disable/dns/gateway/<host> Health Monitor ICMP Host(s)
timeout ? disable/1-5/10 Health Monitor ICMP Timeout
health_fail_retries ? 1/3/5/10/15/20 Attempts Before WAN Failover
health_recovery_retries ? 1/3/5/10/15/20 Attempts Before WAN Recovery
failover_to ? disable/balancer/fastbalancer/<interface> Failover Traffic Destination
dns auto auto/<dns> DNS Server(s) 

uci delete multiwan.wan2
uci set multiwan.wwan=interface
uci set multiwan.wwan.weight=3
uci set multiwan.wwan.health_interval=disable
uci set multiwan.wwan.icmp_hosts=disable
uci set multiwan.wwan.timeout=3
uci set multiwan.wwan.health_fail_retries=3
uci set multiwan.wwan.health_recovery_retries=5
uci set multiwan.wwan.failover_to=fastbalancer
uci set multiwan.wwan.dns=auto
uci commit multiwan
/etc/init.d/multiwan restart

For ppp 3G WAN interfaces its helpfull to manually set DNS servers for every WAN in multiwan configuration. In case of issues with two ot more 3G dongles You can add in etc/config/network follwowing rules for every wan interface: 

option 'peerdns' '0'
option 'defaultroute' '0'

Outbound Traffic Rules

Tail rule take precedence in case more than 1 rule match. FIXME not clear enough. 

config 'mwanfw'
	option 'src' '192.168.1.0/24'
	option 'proto' 'udp'
	option 'port_type' 'source-ports'
	option 'ports' '5060,16384:16482'
	option 'wanrule' 'wan'

Name Default Options Description
src all all/<IP>/<hostname> Source Address
dst all all/<IP>/<hostname> Destination Address
port_type dports dports/source-ports
ports all all/<port,port:range> Ports
proto all all/tcp/udp/icmp/<custom> Protocol
wanrule balancer/fastbalancer/<interface> WAN Uplink
failover_to balancer/fastbalancer/<interface> multiwan_per_mwanfw_failover.patch.txt 

uci add multiwan mwanfw
uci set multiwan.@mwanfw[-1].src=192.168.2.0/24
uci set multiwan.@mwanfw[-1].dst=www.whatismyip.com
uci set multiwan.@mwanfw[-1].wanrule=fastbalancer
uci commit multiwan
/etc/init.d/multiwan restart

Quick Multiwan setup guide by AndyBallon

andyballon made quick installation guide and post it in https://forum.openwrt.org/viewtopic.php?id=23904&p=3 post #75

1. Install Backfire 10.03

  1. for first time install see Openwrt documentation
  2. for upgrades from Kamikaze use the .trx and install via the web interface
  3. for bricked <smirk> routers see tftp install of .bin file

http://wiki.openwrt.org/doc/howto/tftp note: don't forget to login via telnet and change root passwd for ssh to work

2. Create extra Vlan for Wan2

I do this via /etc/config/newtork.

note: I removed port "0" from eth0_0 and gave it to eth0_2.

You can configure wan and wan2 proto as dhcp to strt and then use the web interface to configure the pppoe or static ip later. Use the same DNS servers I'm using if you're having DNS problems. Some ISPs only allow DNS connections from their IP blocks. 

root@culiat-wg:~# cat /etc/config/network

config 'switch' 'eth0'
        option 'enable' '1'

config 'switch_vlan' 'eth0_0'
        option 'device' 'eth0'
        option 'vlan' '0'
        option 'ports' '1 2 3 5'

config 'switch_vlan' 'eth0_1'
        option 'device' 'eth0'
        option 'vlan' '1'
        option 'ports' '4 5'

config 'switch_vlan' 'eth0_2'
        option 'device' 'eth0'
        option 'vlan' '2'
        option 'ports' '0 5'

config 'interface' 'loopback'
        option 'ifname' 'lo'
        option 'proto' 'static'
        option 'ipaddr' '127.0.0.1'
        option 'netmask' '255.0.0.0'

config 'interface' 'lan'
        option 'type' 'bridge'
        option 'ifname' 'eth0.0'
        option 'proto' 'static'
        option 'stp' '1'
        option 'ipaddr' '192.168.1.1'
        option 'netmask' '255.255.255.0'

config 'interface' 'wan'
        option 'ifname' 'eth0.1'
        option 'proto' 'dhcp'
        option 'dns' '216.146.35.113 216.146.36.113 8.8.8.8 8.8.4.4'
        option 'defaultroute' '0'
        option 'peerdns' '0'

config 'interface' 'wan2'
        option 'ifname' 'eth0.2'
        option 'dns' '216.146.35.113 216.146.36.113 8.8.8.8 8.8.4.4'
        option 'proto' 'dhcp'
        option 'defaultroute' '0'
        option 'peerdns' '0'

3. Install prerequisite software

ip, iptables, iptables-utils, iptables-mod-conntrack, iptables-mod-conntrack-extra, iptables-mod-ipopt and kmod-ipt-ipopt this is how I do it:

"opkg install http://downloads.openwrt.org/backfire/10.03/brcm47xx/packages/ip_2.6.29-1-2_brcm47xx.ipk" note: if you're new to all of this it's better to install all the applications first including multiwan before configuring vlans so your internet connection does not go kookie on you. If you did because you're folowing this guide, then just shutdown a interface like so: "ifconfig eth0.2 down"

4. Install multiwan and it's web control package (luci-app)

Reboot to refresh the web ui. I always need to do this otherwise the link does not show up in networking.

5. Configure Wans && configure multiwan

Wans: Network > Interfaces > Wan/WAN2 note: when asked which firewall zone to add wan2 choose wan so it has the same firewall rules for wan connections. Otherwise you'll have to manually recreate the fw rules for wan2.

Multiwan: Network > Multiwan checkout the bottom page to see samples of the settings. here's how i got mine setup:

  • a. I only have two internet connections so I always remove the last two wan interfaces. I also comment out MWAN3 and MWAN4 in /etc/iproute2/rt_tables (although it may not be necessary).
  • b. Load Balancer Distribution = 1 for even connection distribution

note: You'll get per connection distribution not per packet so don't expect one download to come from both gateways. Lots of talk on this in the internet. Failover = LoadBalancer for both links

  • c.Traffic Rules

note: checkout the examples Source, Destination, protocol, Ports, WAN Uplink all, all,all,all, Load Balancer all, all, UDP, all, wan ←- this is so all vpn and voip connection goes through 1 gateway only that's it!

6. Test.

  1. Status > Interfaces should show traffic going through both interfaces.
  2. route distribution

 root@culiat-wg:~# ip route show table 123
 192.168.2.0/24 dev eth0.2  proto kernel  scope link  src 192.168.2.214
 192.168.1.0/24 dev br-lan  proto kernel  scope link  src 192.168.1.1
 114.108.201.0/24 dev eth0.1  proto kernel  scope link  src 114.108.201.49
 default  proto static
        nexthop via 114.108.201.1  dev eth0.1 weight 1
        nexthop via 192.168.2.1  dev eth0.2 weight 1

  1. "route" should give you two default gateways
  2. try a torrent with lots of seeders. If you have a internet line that can do 90kbps max download, and another that can do 180kbps max if multiwan is working properly you should get a download rate greater than the higher rated link.
  3. pulling the plug from a wan port should still give you internet connection

7. Troubleshooting

There's a problem if

  1. when you refresh the Interface status page and the Transfer rate of one interface does not change
  2. when you you go the the Interface Status page you only see one wan interface
  3. when you do "route" you only get one default gateway
  4. when you do "ip route show table 123" you don't get nexthops
  5. etc.

Fix:

  1. post your problem in the thread. :D

8. Extras

If you have two or more connections to the same ISP you should try:

  1. ECMP using quagga http://quagga.net/faq/kodgehopper-ecmp.html ←- hard core network stuff (makes you feel like a genius. :D)
  2. Channel bonding ←- this gives you per packet load distribution (effectively doubles your transfer rates)

Back to top

doc/uci/multiwan.txt · Last modified: 2012/01/28 10:46 by stormjumper