MWAN3 not migrating active connections?

Hi all,

First of all, I am fairly new to MWAN3, and I am setting up a failover configuration between Wifi (primary, wwan interface below) and LTE (secondary, LTEtest interface below), and ideally would like to have active connections (TCP, FTP, HTTPS, ... ) migrated to the failover interface and viceversa. My first question would be, is MWAN3 the right utility for this? Can it migrate active connections between interfaces?

My current setup consist on the wifi connected to my home router and the LTE card connected to an Orange APN, and I am checking if MWAN3 works by doing a "wget http://ip4.me" (apart from the status it reports) , verifying if the reported ip changes depending on the connectivity status of the interfaces. My setup works from the standpoint that the origin IP changes once I disconnect the wifi access point and then it changes again once the wifi access point is back again, however if I perform a "wget -c https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/debian-10.6.0-amd64-netinst.iso" and disconnect the wifi access point in the middle of the download, the connection does not get migrated to the failover interface. What am I doing wrong? Below my /etc/config/mwan3


config globals 'globals'
        option mmx_mask '0x3F00'
        option logging '1'
        option loglevel 'notice'
        option rtmon_interval '5'

config rule 'https'
        option sticky '1'
        option dest_port '443'
        option proto 'tcp'
        option use_policy 'wifi_then_lte'

config rule 'default_rule_v4'
        option dest_ip '0.0.0.0/0'
        option family 'ipv4'
        option proto 'all'
        option sticky '0'
        option use_policy 'wifi_then_lte'

config rule 'default_rule_v6'
        option dest_ip '::/0'
        option family 'ipv6'
        option proto 'all'
        option sticky '0'
        option use_policy 'wifi_then_lte'

config interface 'LTEtest'
        option enabled '1'
        option initial_state 'online'
        option family 'ipv4'
        option track_method 'ping'
        option reliability '1'
        option count '1'
        option size '56'
        option max_ttl '60'
        option check_quality '0'
        option timeout '4'
        option interval '10'
        option failure_interval '5'
        option recovery_interval '5'
        option down '5'
        option up '5'
        list track_ip 'www.google.es'

config interface 'wwan'
        option enabled '1'
        option initial_state 'online'
        option family 'ipv4'
        option track_method 'ping'
        option reliability '1'
        option count '1'
        option size '56'
        option max_ttl '60'
        option check_quality '0'
        option timeout '4'
        option interval '10'
        option failure_interval '5'
        option recovery_interval '5'
        option down '5'
        option up '5'
        list track_ip 'www.google.es'

config member 'wifi_wan'
        option interface 'wwan'
        option metric '10'

config member 'lte_wan'
        option interface 'LTEtest'
        option metric '20'

config policy 'wifi_then_lte'
        list use_member 'wifi_wan'
        list use_member 'lte_wan'
        option last_resort 'unreachable'

And my network config


config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fd91:587f:2ad7::/48'

config interface 'docker'
        option ifname 'docker0'
        option proto 'static'
        option auto '0'
        option netmask '255.255.255.0'
        option ipaddr '172.18.0.1'

config device 'docker0'
        option type 'bridge'
        option name 'docker0'
        list ifname 'docker0'

config interface 'wwan'
        option proto 'dhcp'
        option metric '10'

config interface 'LTEtest'
        option proto 'modemmanager'
        option device '/sys/devices/pci0000:00/0000:00:14.0/usb1/1-6'
        option apn 'orangeworld'
        option auth 'none'
        option iptype 'ipv4v6'
        option metric '20'

config interface 'eth1'
        option proto 'static'
        option ifname 'eth1'
        option ipaddr '192.168.100.8'
        option netmask '255.255.255.0'
        option metric '30'

config interface 'ETH0'
        option proto 'static'
        option ifname 'eth0'
        option ipaddr '192.168.200.8'
        option netmask '255.255.255.0'
        option metric '40'

Many thanks!!

It can reconnect your active connection, but not resume the download. For resuming the download use a download manager. I am not sure whether wget resumes your download.

1 Like

Hi @kukulo , thanks for your reply. However I do not see how it can reconnect your connection without the download being resumed - looking at it from a programmer perspective, how is the socket reassigned at the application level? If MWAN3 were to handle that automatically, it would be transparent for the application (and MWAN3 would possibly need to insert itself in the TCP/IP stack I guess), but it seems to me that this is not happening. Is it correct to assume that it only adjust iptables on a failover scenario and that it perform load balance on a connection basis (meaning that the traffic of a single connection is not split between all the interfaces used for the load balancing policy)?

Finally, do you know if there is a place with this kind of technical detail about MWAN3?

Many thanks again!

mwan3 cannot do much on resuming the download. The connection will be torn down, not gracefully, when the primary connection comes back up. So you'll have to rerun the wget command when the active interface is up, or use -t for retries.

1 Like

@trendy that implies that the original connection is not migrated and that a new connection need to be established when the failover policy is triggered in any direction, correct?

thanks for your reply!

The connections cannot be migrated. Your wifi has a different public IP than the lte, so the server from which you are downloading will not resume the connection coming from a different source IP.

4 Likes

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.