MULTIWAN for Cuba: Is it possible to use dynamic IP and SNAT in OpenWrt?

Investigating and testing I found a way to do what I raised in this post, but in turn I found an important problem related to the configuration.
I have used the Source NAT function in the Firewall. For this I have created 2 WAN interfaces (WAN1 and WAN2). In both cases I have not marked the MASQUERADE and MSS CLAMPING function. It remained like this:

For device 1:
Source Zone: lan
Source IP Address: 192.168.1.2 (device 1)
Destination Zone: wan1
SNAT IP Address: 10.x.x.x (this is the dynamic IP assigned by the ISP)

For device 2:
Source Zone: lan
Source IP Address: 192.168.1.3 (device 2)
Destination Zone: wan2
SNAT IP Address: 10.x.x.x (this is the dynamic IP assigned by the ISP)

All this through the LuCI GUI.

It works perfectly, each device on the LAN has its independent connection to each WAN.
BUT it presents an important inconvenience, and that is why I ask for help with this post to try to solve it.
The characteristics of our ISP were explained in this post, so I will not repeat them. The detail is that the dynamic IPs the ISP assigns change every 15 minutes when the interface is not logged on. Therefore, the IP that is written in SNAT IP Address stops working. To reestablish the connection to the WAN it is necessary to manually change the IP in SNAT IP Address. This is totally unfeasible, since one would have to be aware of each time the WAN interface changes IP in order to manually change that IP. If the IP on the WAN were static, this would work OK, but this is not the case.
Is there any way to make SNAT IP Address change dynamically every time the WAN does it? Maybe through CLI or some other command.
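
One way to make the SNAT address follow the WAN lease, as an added example that is not part of the original thread: a hotplug script that rewrites the rule when the interface comes up or its address changes. It assumes the two rules are firewall `redirect` sections renamed to `snat_wan1` and `snat_wan2` (hypothetical names) that keep the address in option `src_dip`; the function names are also made up for this example.

```shell
#!/bin/sh
# Added example for /etc/hotplug.d/iface/ (file name is up to you).
# Assumptions: each SNAT rule is a firewall 'redirect' section renamed to
# snat_<interface> (hypothetical: snat_wan1, snat_wan2) and stores its SNAT
# address in option src_dip. Where the rule is a 'nat' section instead,
# the option is snat_ip.

# Succeeds only for a dotted quad with four octets in 0-255.
is_ipv4() (
    case "$1" in ''|*[!0-9.]*|.*|*.|*..*) exit 1 ;; esac
    IFS=.
    set -- $1
    [ $# -eq 4 ] || exit 1
    for o in "$@"; do
        [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || exit 1
    done
)

# Print the "uci batch" commands that point snat_<iface> at <ip>.
# Refuses anything that is not a plain interface name and an IPv4 address,
# so a malformed value never reaches /etc/config/firewall.
snat_batch() {
    case "$1" in ''|*[!A-Za-z0-9_]*) return 1 ;; esac
    is_ipv4 "$2" || return 1
    printf 'set firewall.snat_%s.src_dip=%s\ncommit firewall\n' "$1" "$2"
}

# Update the rule for $INTERFACE only if it exists and its address is stale.
follow_wan() {
    . /lib/functions/network.sh
    network_flush_cache
    rule="firewall.snat_$INTERFACE"
    if network_get_ipaddr new_ip "$INTERFACE" &&
       uci -q get "$rule" >/dev/null &&
       [ "$(uci -q get "$rule.src_dip")" != "$new_ip" ] &&
       cmds=$(snat_batch "$INTERFACE" "$new_ip") &&
       printf '%s\n' "$cmds" | uci batch; then
        /etc/init.d/firewall reload
        logger -t snat-follow "$INTERFACE: SNAT address is now $new_ip"
    fi
}

# hotplug sets ACTION and INTERFACE; anywhere else this part is skipped.
case "${ACTION:-}" in
    ifup|ifupdate) [ -r /lib/functions/network.sh ] && follow_wan ;;
esac
```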

Why can't you use MASQUERADE instead of SNAT? MASQUERADE is designed for the particular case when you have a dynamic IP address that may change.

If MULTIWAN isn't suitable then maybe vpn policy-based routing can be used instead.

Hi, thanks for commenting. The reason why it is no use to implement Masquerade is in this article. There I have explained what I want to do, but with Masquerade I have not been able to achieve it, but with SNAT I could. The main obstacle that I have encountered is that SNAT seems to only work with static IP. So far nobody has been able to give me an idea of how to do this in OpenWrt.
I've already done it with RouterOS by Mikrotik, but it would be great to do it with OpenWrt, I LOVE THIS OPERATING SYSTEM AND ITS CAPABILITIES.
Our country is a unique case in terms of Internet and we have had to resort to unusual solutions to solve problems posed by Internet access here.

If you can understand well what you want to achieve and have a better idea, feel free to give us suggestions, we need them.

I am having a hard time understanding why mwan3 wouldn't work here?
I have had some pretty complex and funky WAN setups over the years, and regardless of whether I actually have multiple real WANs or not I still use mwan3 to control addresses outbound. If you are using the same physical real interface to string up the OpenWrt interface then I understand your problem with masquerading, but that can be solved by creating a second real interface to attach to OpenWrt's wan2. Just look at the package kmod-macvlan, and you can spin up the interface as a part of rc.local. Then masquerading will work fine, and you can use mwan3 to route in the manner you like WITHOUT needing to carve out separate LANs (adding router overhead for local connections).

Ah, another thing I remembered: a lot of devices share MAC addresses across VLANs when it comes to a single switch. Also a good reason to ensure it is not by creating your own interfaces with known single IP to single MAC address.

edit: although if that were the case I have no idea how your ISP is handing you out unique addresses 😛