Load balancing LAN clients

Hi there, I purchased a Newfi-mini with...pre installed. A flavor of openwrt.
PandoraBox 18.07 2018-07-26-git-e717545 / LuCI Master (git-18.191.64311-165cb77)
I have all the interfaces, software, policies and rules set for dual WAN IPv4 and an interface for IPv6
I noticed that after boot only one WAN connection is used for all traffic and then finally it starts routing all traffic to the other WAN until it "almost" catches up and then it starts switching back and forth between WAN connections sending traffic down only one WAN connection at a time even with multiple devices connected to the LAN accessing different web sites. So, it's clearly trying to balance the WAN's [ISP's] using only one connection at a time. I don't care about balancing the experience to the ISP's. Both WAN's are set to metric 1 and weight 1.

Here is the problem and what I purchased the load balancer for...
I want to improve the experience to multiple users connected to the LAN as a load balancing priority.

i.e. I want traffic from "any LAN user" to "any destination" to be routed to the "least active" WAN connection.
Example: If I am watching a YT video or downloading a large file consuming most or all the bandwidth of one connection [I only have 5.5Mb/s + 6Mb/s available] and my daughter turns on the TV to watch Netflix, instead of her getting the pause buffer circle, the load balancer automatically routes her traffic down the other connection so I maintain max single connection download and she gets no buffer circle. Hence improving the overall experience of LAN users utilizing both connections at the same time.
I need a rule or policy to enable this feature to balance LAN instead of WAN priorities.
One would think that this would be ONE of the fundamental purposes of load balancing.
Bonding would be nice but is out of the question.
Please help me sort this out!

Perhaps you should ask the PandoraBox people, or try to upgrade to a more recent OpenWrt version.

1 Like

Is this even possible? I purchased the router pre installed. I don't think PandoraBox is active anymore because when I go to "system/software/update lists" there is no connection to the lists download feature...

Downloading http://downloads.pangubox.com:6380/pandorabox/18.07/targets/ralink/mt7620/packages/Packages.gz
*** Failed to download the package list from http://downloads.pangubox.com:6380/pandorabox/18.07/targets/ralink/mt7620/packages/Packages.gz

The platform is identical to official openwrt so the question is there a rule or policy that can be enforced so that a new connection to an internet server is routed to the "least active" WAN connection/interface?

citing from your other hijacked thread post: Load balancing wlan? - #4 by DrHarryT

I want better LAN distribution over my two WAN connections. I have an openwrt based load balancing dual WAN router…
I would like to know if there is a mwan3 rule or policy which will route new connections to the "least" active WAN connection? My DSL connections are only... 5.5Mb/s and 6.5Mb/s

Though as you dripfeed info into separate threads, we don't know if this is now the full set of info. Practically the following answer of mine might be of no help at all, I originally wrote it in the other thread, before I saw this, where you revealed that you are not even using OpenWRT, but something else:

2x 6mbit isn't much, you might expect too much. The following will not do magic, but can turn a large problem into a small problem:

try QoS firewall rules, to prioritize traffic targeting netflix IPs

try smart queue management (practically any router can handle the resulting CPU load for 2x 6mbit/s throughput), that will likely not solve VoD issues on a line that gets exhausted by a single video stream already, but might improve other issues in your network a bit. You likely do not only have video issues with such low WAN throughput.

try more suitable MWAN3 rules:

  • route daughter/netflix requests to WAN1 and use failover for that to WAN2.
  • route everything else/non-video-client IPs with opposite WAN preference.

if needed, you could create a second LAN interface and 2nd LAN zone with a separate VLAN(or DSA, depending on your routers ability). This gives you a different subnet IP range. This will not speed up anything, but gives you more options: you then have different source subnets, for more coarse grained ranged rules for QoS or MWAN3. Google openwrt guest network.

if needed, create 2 separate Wifi networks to join, corresponding with your 2 WAN lines, in case you have several video watching family members at the same time. As practically only 2 streams are possible at the same time, family of more than 2 persons can then manually fine tune activities.

PS: I am not sure if MWAN3 has any advantage at all for you, does either of the DSL lines have frequent downtimes? MWAN3 is more aimed at high availability/failover, but not really for cable bonding or load balancing

1 Like

Both DSL lines are from the same ISP source in this rural area where they have monopolization so the failover feature is of no use, they both go down at the same time, primarily when there is a power outage. The second DSL is using the second set of copper to my house and is free for me. The ports in their main box are all throttled to 6Mb/s because they have limited bandwidth to disperse to customers and is the maximum they sell in this area. While Netflix is included it isn't the primary issue, therefore prioritizing specific websites isn't a solution.

The goal is to have a central point distribution for my home network management using a Netgear Wireless AC1750 (R6400) Then to have the load balancer (Newfi-Mini) distribute the LAN load between the two WAN connections utilizing both at the same time with a policy that channels any user [device] down the least active connection to any website without having to make rules and or policies for any specific MAC or web host. I understand that it's not "bonding" where a single application running on a single device can utilize both connections at the same time. Maybe two different applications accessing two different web sites could utilize both connections at the same time...Maybe? But at least two different devices accessing different websites could be able to use both connections at the same time.

The simplest way to put it is for any new connection request to be sent down the least active connection.

I do have a Netgear WNDR4500 which is compatible with openwrt-22.03.2 but that opens a can of worms of possible boot loops using the internal flash method and would prefer to not go down that path unless openwrt official [22.03.2] will fulfill my needs as specified above. In other words, why risk bricking a perfectly good router if it's not going to work the way I need it to.

I took college classes a decade ago and became "networking certified" and have been building and configuring computers so I am not completely illiterate but can be considered a novice and know enough to get me into trouble.
I could really use some help solving this problem if it is at all possible. To utilize the limited bandwidth I have to improve the internet experience for multiple users by using both connections at the same time.

mwan3 as a load balancer uses a direct round-robin scheme where each new connection is assigned to the next wan in sequence. This works about as well as anything else when there are a large group of users and their activity is random. There isn't any consideration of which connection is "busier" -- if you have a hotel full of people on two DSL lines, they're both going to be busy.

An instance of SQM on each wan is essential.

1 Like

leaving config choices, entering debate area:
My (likely limited) knowledge of this: the "real" solution that the broad market is fixated on for this problem is in ongoing development and adoption for more than a decade now: multipath tcp.
You might have to give it another 5-10 years sadly….

Other than that there are the already mentioned (meager) improvement tricks (maybe I missed some other minor tricks). And for sure, the config and complexity overhead might be a lot compared to the experienced actual improvement. But it is more or less all you got at hand right now.

Other than that, I somehow remember having heard of proprietary VPN line aggregation solutions, a client and server side component, each connected to both lines. The client forking and merging packets on home side, 50% to each line, the server doing the same, the server also being connected via real broadband to the remaining Internet area. Overall a tunnel with noticeable ping lags and my impression was: seems like no widespread availability of anything. I am not aware of any OpenWRT package for that (and you would also need to rent a server side somewhere for hosting the other node).

Your device-bricking concerns:
I don't have experience with the mi and co. chinese router devices. My impression is though, most of them are a bit quirky to first-install or to recover.
For non-pros, if you are worried about bricking your device, I would recommend, getting a cheap secondary device (one for testing, one for production) and probably also research the list of devices, looking for a device with an easier failed-flash recovery method: There are dual-partition devices, there is the TFTP method via TCP. There is what D-Link devices often have: holding reset during boot boots it to a browser based mini repair-firmware on a separate flash partition that is never overwritten by OpenWRT. So a simple web browser can fix a bricked firmware partition. So lots of recovery options and simple recovery without soldering (if you choose the right device)

oh, and there is a unified method available on most devices, to reset the OpenWRT config

Thank You for your reply. Unfortunately this "round-robin" feature does not seem to be working.
I can reset both WAN's to zero the bit and time counters. Connect one computer to a YT video and randomly one of the WAN's begins to start counting. Then go and connect another computer to a Rumble video, yet the data transfer increases and continues on the single WAN connection. The other WAN stays dormant with just a few KB happening for a long time, up to over 2GB data on the first WAN. Then when it feels like it, it transfers ALL the data load over to the other connection leaving the first one now mostly dormant. Just about time it catches up, it then starts switching ALL data transfer back and forth between the two WAN's keeping the bandwidth consumption relatively equal. No matter what devices I connect in addition, ONLY ONE WAN is in use at any given time thus always leaving half my available bandwidth on the table unused. It would be really great if the round-robin worked as you say.

I have the standard interfaces linked to mwan with generic ipv4 policies/rules and in the firewall zones for each interface.
Maybe there is some form of tutorial or configuration file download to get it working.
I've only recently learned the basics in the last couple of weeks since I took delivery of the Newifi-mini dual WAN load balancer. It is PandoraBox but from what I can see it is virtually identical to openwrt.

Yes I heard about third party VPN bonding solution [Speedify] where you install their software in your computer tight two LAN cards and both modems going into those cards. That provides bonding only for the computer it's installed in, I heard it's unreliable and it cost $20 a month for an unlimited data subscription. Maybe if you had a third LAN card and sent that into a wireless router using the Windows feature... "share this computer's internet connection" it might work.

Unfortunately the "round-robin" feature is not working. I have 2 DSL WAN's with multiple devices connecting to the router accessing different websites, yet only 1 of the WAN interfaces is used at any given time. ALL traffic/connections go down one WAN for a random period [no rhyme or reason] and then ALL traffic gets diverted to the other WAN for a random period. Since one WAN is 5.5MB/s and the other is 6.5MB/s the bandwidth of whichever WAN is in use gets easily capped out causing buffering on individual connections while the "Load Balancer" refuses to use the dormant WAN to help out.
It has standard firewall rules, both interfaces are added to the MWAN3 plugin with different metrics [10/20] and equal weighting. I know "failover" is a common use feature but that means nothing to me since both of my DSL connections come from the same ISP. [different wires/ports/accounts] so if one fails the other fails too such as in a power failure.
What could be wrong?
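
An added example (not code from any poster or from the mwan3 project): a small Python check that reads mwan3 `member` and `policy` sections and reports whether each policy balances or only fails over, using mwan3's rule that members sharing the lowest metric are load-balanced by weight while a higher-metric member is used only when the lower one is down. The sample config, its section names and the interface names `wan`/`wanb` are constructed, and a missing `metric` or `weight` is assumed to default to 1.

```python
import re

# Constructed /etc/config/mwan3 excerpt (section and interface names are assumptions).
SAMPLE = """
config member 'wan_m10'
    option interface 'wan'
    option metric '10'
config member 'wanb_m20'
    option interface 'wanb'
    option metric '20'
config member 'wan_m1'
    option interface 'wan'
    option metric '1'
config member 'wanb_m1'
    option interface 'wanb'
    option metric '1'
config policy 'tiered'
    list use_member 'wan_m10'
    list use_member 'wanb_m20'
config policy 'balanced'
    list use_member 'wan_m1'
    list use_member 'wanb_m1'
"""

def parse_uci(text):
    """Parse UCI text into {section_type: {section_name: {key: value-or-list}}}."""
    cfg, cur = {}, None
    pat = r"^[ \t]*(config|option|list)[ \t]+(\S+)[ \t]+'?([^'\n]*)'?"
    for kind, key, val in re.findall(pat, text, re.M):
        if kind == "config":
            cur = cfg.setdefault(key, {}).setdefault(val, {})
        elif kind == "option":
            cur[key] = val
        else:  # "list" entries accumulate in order
            cur.setdefault(key, []).append(val)
    return cfg

def policy_modes(text):
    """Map each policy to (mode, {interface: share of new connections})."""
    cfg, modes = parse_uci(text), {}
    for name, pol in cfg.get("policy", {}).items():
        members = [cfg["member"][m] for m in pol.get("use_member", [])]
        best = min(int(m.get("metric", 1)) for m in members)  # lowest metric wins
        tier = [m for m in members if int(m.get("metric", 1)) == best]
        total = sum(int(m.get("weight", 1)) for m in tier)
        shares = {m["interface"]: int(m.get("weight", 1)) / total for m in tier}
        modes[name] = ("balanced" if len(tier) > 1 else "failover", shares)
    return modes
```

Running `policy_modes` over the text of a real `/etc/config/mwan3` shows, per policy, which interfaces receive new connections while all links are up; a policy whose members carry metrics 10 and 20 reports `failover` with every connection on the metric-10 interface.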