Multiwan. Can't properly configure for 2 wan channels

Hi everybody.
I need a guru's suggestion, I guess, on routing rules..

So, the situation...

The task is very simple.
I'm planning to create 2 networks where clients from lan1 will access the Internet via wan1 and clients from lan2 via wan2.

I'm using the mwan3 package to configure it.
I've configured the following:

  1. LANs
    lan - 192.168.2.0/24 (br-lan)
    lan2 - 192.168.22.0/24 (br-LAN2)

  2. WANs
    wan - dhcp (eth0.3)
    wan2 - VPN connection (l2tp-wan2)

  3. Added several zones to the firewall
    lan -> wan
    wan -> masq
    lan2 ->wan2
    wan2 -> masq

  4. Then I've configured mwan3
    Interfaces
      • wan
      • wan2
    Members
      • wan_m1_w3 (wan)
      • wan2_m2_w2 (wan2)
    Policies
      • wan_only (member wan_m1_w3)
      • wan2_only (member wan2_m1_w2)
    Rules
      • lan1 - 192.168.2.0/24 to policy wan_only
      • lan2 - 192.168.22.0/24 to policy wan2_only

  5. Start testing
root@SmartBox2:~# route 
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         192.168.26.1    0.0.0.0         UG    0      0        0 eth0.3
default         10.9.9.1        0.0.0.0         UG    1      0        0 l2tp-wan2
10.9.9.1        *               255.255.255.255 UH    0      0        0 l2tp-wan2
185.151.58.113  192.168.26.1    255.255.255.255 UGH   0      0        0 eth0.3
192.168.2.0     *               255.255.255.0   U     0      0        0 br-lan
192.168.22.0    *               255.255.255.0   U     0      0        0 br-LAN2
192.168.26.0    *               255.255.255.0   U     0      0        0 eth0.3
root@SmartBox2:~# traceroute -i eth0.3 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 38 byte packets
 1  192.168.26.1 (192.168.26.1)  0.000 ms  0.000 ms  0.000 ms
 2  192.168.8.1 (192.168.8.1)  24.004 ms  24.004 ms  28.005 ms
 3  *^C

works... goes via eth0.3 (wan)

root@SmartBox2:~# traceroute -i l2tp-wan2 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 38 byte packets
 1  10.9.9.1 (10.9.9.1)  76.013 ms  140.024 ms  84.014 ms
 2  192.168.0.1 (192.168.0.1)  88.015 ms  72.013 ms  68.012 ms
 3  185.130.205.174 (185.130.205.174)  76.013 ms  88.015 ms  64.011 ms

works... goes via l2tp-wan2 (wan2)

  6. Start testing on clients
    Client from LAN (192.168.2.24)
traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 64 hops max, 52 byte packets
 1  smartbox2 (192.168.2.1)  2.486 ms  1.681 ms  1.521 ms
 2  192.168.26.1 (192.168.26.1)  1.949 ms  2.187 ms  1.940 ms
 3  192.168.8.1 (192.168.8.1)  20.567 ms  35.186 ms  41.730 ms

works... goes via eth0.3 (wan) on the router
nslookup works as well

Client from LAN2 (192.168.22.144)

traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 64 hops max, 52 byte packets
 1  192.168.22.1 (192.168.22.1)  1.867 ms  2.196 ms  1.529 ms
 2  10.9.9.1 (10.9.9.1)  62.923 ms  90.560 ms  74.520 ms
 3  192.168.0.1 (192.168.0.1)  64.982 ms  85.442 ms  83.329 ms
 4  185.130.205.174 (185.130.205.174)  82.975 ms  73.417 ms  78.391 ms

works... goes via l2tp-wan2 on the router
nslookup works as well

The issue...
Everything looks fine...
But when I try to open any URL in a browser I get
"This site can’t be reached
whoer.net unexpectedly closed the connection"

If I delete the default route
default 192.168.26.1 0.0.0.0 UG 0 0 0 eth0.3

and get

root@SmartBox2:~# route 
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         10.9.9.1        0.0.0.0         UG    1      0        0 l2tp-wan2
10.9.9.1        *               255.255.255.255 UH    0      0        0 l2tp-wan2
185.151.58.113  192.168.26.1    255.255.255.255 UGH   0      0        0 eth0.3
192.168.2.0     *               255.255.255.0   U     0      0        0 br-lan
192.168.22.0    *               255.255.255.0   U     0      0        0 br-LAN2
192.168.26.0    *               255.255.255.0   U     0      0        0 eth0.3

the browser starts working... and requests go via l2tp-wan2 (I'm checking with whoer.net)
At the same time the client in LAN loses access (while traceroute and nslookup continue working)

Please advise what's wrong with my configuration and what I should do.

MWAN config

config rule 'lan1'
	option src_ip '192.168.2.0/24'
	option proto 'all'
	option use_policy 'wan_only'

config rule 'lan2'
	option src_ip '192.168.22.0/24'
	option proto 'all'
	option use_policy 'wan2_only'

config interface 'wan'
	option enabled '1'
	list track_ip '8.8.4.4'
	list track_ip '8.8.8.8'
	list track_ip '208.67.222.222'
	list track_ip '208.67.220.220'
	option reliability '2'
	option timeout '2'
	option interval '5'
	option count '3'
	option down '10'
	option up '2'

config interface 'wan2'
	list track_ip '8.8.8.8'
	list track_ip '208.67.220.220'
	option reliability '1'
	option count '1'
	option timeout '2'
	option interval '5'
	option down '3'
	option up '8'
	option enabled '1'

config member 'wan_m1_w3'
	option interface 'wan'
	option metric '1'
	option weight '3'

config member 'wan_m2_w3'
	option interface 'wan'
	option metric '2'
	option weight '3'

config member 'wan2_m1_w2'
	option interface 'wan2'
	option metric '1'
	option weight '2'

config member 'wan2_m2_w2'
	option interface 'wan2'
	option metric '2'
	option weight '2'

config policy 'wan_only'
	list use_member 'wan_m1_w3'

config policy 'wan2_only'
	list use_member 'wan2_m1_w2'

config policy 'balanced'
	list use_member 'wan_m1_w3'
	list use_member 'wan2_m1_w2'

config policy 'wan_wan2'
	list use_member 'wan_m1_w3'
	list use_member 'wan2_m2_w2'

config policy 'wan2_wan'
	list use_member 'wan_m2_w3'
	list use_member 'wan2_m1_w2'