Allow users to select WAN connection

Hi guys. I have a net cafe where I need to allow end-users to select their preferred WAN connection (or ISP). It is a per-user preference, hence I cannot enforce it on the main router by myself.

Currently I have a 2 routers, each going to an ISP. They have local addresses of and (netmask /24), and users are able to select their ISP by changing the gateway on Windows. In reality, I have a small utility for them to use mouse to click the ISP name, which in turn changes the default gateway under the hood.

Having 2 IP addresses is a must. But having 2 routers is inconvenient for my management purpose. Is there any way I can do that with a single OpenWrt router? I am thinking of:

  • Create 2 WAN interfaces on the OpenWrt router connecting to ISP1 and ISP2
  • Create 2 LAN interfaces: gateway1 with the IP address and gateway2 being, with both using eth0 as physical interface backend

I do not know what do to next to force traffic sending to to go to ISP1 and to go to ISP2. From the end user PCs perspective, they just use ARP to get the MAC address of the OpenWrt LAN interface (which should be the same for both and and send IP packets with source addresses of their own and destination addresses of the websites they want to connect. I know I can change the MAC address of gateway1 and gateway2 but is there any option to enforce policy routing via destination MAC addresses? Or are there better ways to do this?

Why do you need to allow the user to select? And how do you envision that happening in practice?

The easiest method to enable selection is to setup two entirely separate networks - maybe the ssid would be “my cafe - isp 1” and “my cafe - isp 2”


It is not something I need to envision to happen in practice -- it is happening almost every single day. Sometimes an ISP has network issue with 1 of their routers, which cause Internet connection to a particular game server to lag. My users will change the ISP by themselves, depending on the game they are playing.

The PCs they use are gaming desktop PC with a single network cable connecting to the switch. They do not use SSID or Wi-Fi of any sort.

From what I know OpenWrt does not support VRF (Virtual Routing and Forwarding) yet.

I would recommend looking at mwan3 and load balancing/failover settings. But if you need to make it. A user choice, things are more complicated so mwan3 + 2 ssids with different networks, or 2 routers with their own networks.


It does.

Vlans and present them a second cable.

1 Like

Double the number of access switches in the Internet cafe due to port shortage. The core switch also needs an upgrade because there are more access switches to connect to. Buy an additional network card for each PC. Also double the number of cables, which further increases costs and maintenance burden. After that listen to user complaints every day because they cannot see local games hosted by their friends sitting next to them (since they are on different subnets, obviously).

Do you think this is a viable solution when running a business? I am looking forward to improving the system: to optimize costs while simplify management.

There isn’t really a practical method to achieve your task - at least nothing that already exists (that I am aware of).

To make a single network that has this functionality would probably require some clever development that combines a captive portal and 802.1x authentication to steer clients to the desired gateway while having a single subnet.

1 Like

Yeah, this was the way it was done in my previous job.
I'm sorry that it doesn't look financially viable to you.
Best of luck making it work now that you know that OpenWrt supports VRF and you can put your plan in action.

1 Like

What about VRRP with keepalived? 2 physical routers, 1 virtual gateway IP and switch Master Router when ISP is unreachable. Maybe with a script that checks for connectivity?

All these can be covered by mwan3 and there is no need for VRRP.

1 Like