Currently I am using mwan3 to achieve this. Is there a better way to do what I want? Basically I want to use one wan for one pc and another for all other pcs.
I would imagine you could just configure the switch to do that; have two VLANs for WAN and two for LAN, and setup the firewall to allow the traffic as desired.
Please refrain form posting the same question in different threads.
1 Like
Thanks. Can you help me set this up or can you link an article which can help?
mwan is the best way to do it, as you can have failover in case one wan goes down.
1 Like
There is performance penalty to using mwan since the traffic has to be routed correctly. Is there any more efficient method so that I can just pass one to one lan device as a one to one connection?
I am not sure what you mean by that.
Create a new routing table for each host/hosts. (/etc/iproute2/rt_tables)
Then create rules; which host will be assigned to which routing table
https://openwrt.org/docs/guide-user/network/ip_rules
Finally add the default gateway and a route for the lan in each table.
https://openwrt.org/docs/guide-user/network/routes_configuration
1 Like
Buy two routers, but you won’t see any appreciable gains unless you’re already CPU starved.
The routing decision is such a tiny fraction of time and adding additional routes (within reason) doesn’t change the execution time enough to matter.
I am not sure if I understand it correctly so maybe I misspoke. If I have a gigabit connection and I am using not so fast router such as Archer c7 which gives a speed of 400 mbps without mwan. Will there is be a drop in speed if I use mwan to route the traffic vs not using mwan?
OK. Thank you. So, what consumes the most CPU in an Openwrt router? Why are routers such as Archer C7 not able to achieve gigabit speeds with openwrt?
For my understanding, wouldn't it work to have two sets of WAN and LAN interfaces, VLANs and firewall zones work, with default gateway for each LAN set to the corresponding modem?
You need policy routing (mwan3 or IP rules) if you want to use multiple default gateways (or other routes) and want the routing decision to depend on other parameters than the destination address (such as the source address), (BTW IPv6 is an exception since it supports source address dependent routing.)
2 Likes
Well, I understand that. But if it's one PC connected to a specific LAN port (separate VLAN), then why does it have to depend on the source address? All traffic coming from LAN1 will go to WAN1, and all traffic coming from LAN2 will go to WAN2, shouldn't that work?
It works if you use bridging instead of routing.
When routing, rules such as "All traffic coming from LAN1 will go to WAN1 and all traffic coming from LAN2 will go to WAN2" are called policy routing and implemented as IP rules on Linux. (Used by for example mwan3.)
Network namespaces could have been a solution since it allows you to create multiple IP stacks, but they aren't supported by openwrt,
3 Likes
Their single, MIPS-based CPU isn't even able to keep up with ~500 mpbs through the Ethernet interface.
Gigabit speeds weren't even conceivable for home users when this class of all-in-one routers came to market. For gigabit speeds with anything but a dumb switch/NAT, x86_64/AMD64 or "mvebu" devices are pretty much required.
But how are they marketed as AC1750? Do you mean that they can do 1 Gbps on the switch but not when routing?
Key word.
"AC1750" is a marketing term, not a technical one that relates to the actual performance of the router in any meaningful way.
In marketing buzzword bingo, "AC1750" stands for the accumulated theoretical data rate of the WLAN cards (no, you can't combine 2.4 GHz and 5 GHz to improve/ add their speeds, no, they won't ever reach their stated figures (around half of that, under ideal circumstances - individually, of course) - in this case 450 MBit/s for the 2.4 GHz band and 1300 MBit/s for the 5 GHz (yes, both figures are far from effectively achievable rates). It doesn't say anything about the wired component (no, vendors feel no shame marketing AC1200 (300+867 MBit/s) for a device which has only 100 MBit/s ethernet ports), nor the effective routing performance of the SOC.
4 Likes
OK, looking at their website I see how they calculated the "alleged" 1750.
But then, in plain English, they say: AC1750 Wireless Dual Band Gigabit Router and Full Gigabit Wired Connections for Ultrafast Data Transfer Speeds With one Gigabit WAN port and four Gigabit LAN ports
I understand that it's not only TP-Link that does that, and I'm personally not disappointed as my internet speed isn't anywhere near whatever the maximum actual speed is, but I think by the way they put it, they cross the line between using shiny marketing terms and just lying (if there was ever such line).
That's the nature of the game.
Admittedly, the OEM firmware might also offer proprietary hardware acceleration for the wired ethernet/ routing/ firewall ("hardware NAT" in case of the archer c7 - or making use of hardware offloading to dedicated network processing units (NSS cores, two 800 MHz non-ARM (LE ubicom32 derived-) CPU cores running a proprietary 'firmware' for accelerated network/ switch/ PPPoE/ firewall/ IPsec/ WLAN offloading) in case of ipq806x), neither of which are available for OpenWrt at this moment. So yes, the OEM firmware will reach higher routing speeds than OpenWrt (but not 1 GBit/s wirespeed on the Archer C7 either); the delta is less for WLAN performance (at the expense of higher CPU utilization under load).
1 Like