Mwan3 WAN interface offline but being wrongly detected as online by OpenWrt

Hello all.
I am using OpenWrt on Netgear R6220. I have configured 3 WAN interfaces with mwan3 (wan, wanb and wanc). Recently, I noticed that my first wan (wan) is DOWN due to some fault in the fibre connection. But surprisingly , the OpenWrt still shows it as UP.

Screenshot (38)1310×715 48.6 KB

Ping to the tracking ip also failed.

Screenshot (37)1243×1015 61 KB

The wan is still shown as online.

Screenshot (39)1246×1080 116 KB

This is probably interfering with the load balancing as I am having trouble connecting to the internet on some of my devices even though wanb and wanc are working.

Please help.

Please run the following commands (copy-paste the whole block) and paste the output here, using the "Preformatted text </> " button:

Remember to redact passwords, MAC addresses and any public IP addresses you may have

ubus call system board; \
uci export network; uci export firewall; \
head -n -0 /etc/firewall.user; \
ip -4 addr ; ip -4 ro li tab all ; ip -4 ru; \
mwan3 status

root@OpenWrt:~# ubus call system board; \
> uci export network; uci export firewall; \
> head -n -0 /etc/firewall.user; \
> ip -4 addr ; ip -4 ro li tab all ; ip -4 ru; \
> mwan3 status
{
        "kernel": "5.4.154",
        "hostname": "OpenWrt",
        "system": "MediaTek MT7621 ver:1 eco:3",
        "model": "Netgear R6220",
        "board_name": "netgear,r6220",
        "release": {
                "distribution": "OpenWrt",
                "version": "21.02.1",
                "revision": "r16325-88151b8303",
                "target": "ramips/mt7621",
                "description": "OpenWrt 21.02.1 r16325-88151b8303"
        }
}
package network

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option packet_steering '1'
        option ula_prefix '2001:4490::/48'

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'lan3'
        list ports 'lan4'
        option promisc '1'
        option acceptlocal '1'

config interface 'lan'
        option device 'br-lan'
        option proto 'static'
        option netmask '255.255.255.0'
        option ipaddr '192.168.0.1'
        option ip6assign '64'
        list ip6class 'local'

config interface 'wan'
        option device 'wan'
        option proto 'dhcp'
        option metric '10'
        option delegate '0'

config interface 'wan6'
        option device 'wan'
        option proto 'dhcpv6'
        option reqaddress 'try'
        option reqprefix 'auto'
        option metric '10'
        option sourcefilter '0'
        option delegate '0'

config device
        option type 'bridge'
        option name 'br0'
        list ports 'eth0'
        list ports 'lan1'
        list ports 'lan2'
        option mtu '1500'
        option macaddr 'xx:xx:xx:xx:xx:xx'
        option txqueuelen '1000'
        option mtu6 '1500'
        option promisc '1'
        option acceptlocal '1'

config bridge-vlan
        option device 'br0'
        option vlan '1'
        list ports 'eth0:t'
        list ports 'lan1'

config bridge-vlan
        option device 'br0'
        option vlan '2'
        list ports 'eth0:t'
        list ports 'lan2'

config device
        option name 'br0.1'
        option mtu '1500'
        option macaddr 'xx:xx:xx:xx:xx:xx'
        option txqueuelen '1000'
        option mtu6 '1500'
        option promisc '1'
        option acceptlocal '1'

config device
        option name 'br0.2'
        option mtu '1500'
        option txqueuelen '1000'
        option mtu6 '1500'
        option macaddr 'xx:xx:xx:xx:xx:xx'

config interface 'wanb'
        option proto 'dhcp'
        option device 'br0.1'
        option metric '20'
        option delegate '0'

config interface 'wanb6'
        option proto 'dhcpv6'
        option device 'br0.1'
        option reqaddress 'try'
        option reqprefix 'auto'
        option metric '20'
        option sourcefilter '0'
        option delegate '0'

config interface 'wanc'
        option device 'br0.2'
        option proto 'static'
        option ipaddr '192.168.4.10'
        option netmask '255.255.255.0'
        option gateway '192.168.4.1'
        option metric '30'

config device
        option name 'wan'
        option promisc '1'
        option acceptlocal '1'

config device
        option name 'lan3'

config device
        option name 'lan4'

config route
        option target '218.0.0.0'
        option netmask '255.0.0.0'
        option interface 'wanc'
        option gateway '192.168.4.1'

config interface 'wanc6'
        option proto 'dhcpv6'
        option device 'br0.2'
        option reqaddress 'try'
        option reqprefix 'auto'
        option metric '30'
        option delegate '0'

config route
        option interface 'wanb'
        option target '10.0.0.0'
        option netmask '255.0.0.0'
        option gateway '192.168.100.1'

config route
        option target '192.168.2.21'
        option netmask '255.255.255.0'
        option gateway '192.168.29.1'
        option interface 'wan'

package firewall

config defaults
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option synflood_protect '1'

config zone
        option name 'lan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'
        option masq '1'
        list network 'lan'

config zone
        option name 'wan'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option masq '1'
        option mtu_fix '1'
        option masq6_privacy '1'
        option masq6 '1'
        list network 'wan'
        list network 'wan6'
        list network 'wanb'
        list network 'wanb6'
        list network 'wanc'
        list network 'wanc6'

config forwarding
        option src 'lan'
        option dest 'wan'

config rule
        option name 'Allow-DHCP-Renew'
        option src 'wan'
        option proto 'udp'
        option dest_port '68'
        option target 'ACCEPT'

config rule
        option name 'Allow-Ping'
        option src 'wan'
        option proto 'icmp'
        option target 'ACCEPT'
        list icmp_type 'echo-request'

config rule
        option name 'Allow-IGMP'
        option src 'wan'
        option proto 'igmp'
        option target 'ACCEPT'

config rule
        option name 'Allow-MLD'
        option src 'wan'
        option proto 'icmp'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Input'
        option src 'wan'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        list icmp_type 'router-solicitation'
        list icmp_type 'neighbour-solicitation'
        list icmp_type 'router-advertisement'
        list icmp_type 'neighbour-advertisement'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Forward'
        option src 'wan'
        option proto 'icmp'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'
        list icmp_type 'bad-header'
        list icmp_type 'destination-unreachable'
        list icmp_type 'echo-reply'
        list icmp_type 'echo-request'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'unknown-header-type'
        option dest '*'
        option enabled '0'

config rule
        option name 'Allow-IPSec-ESP'
        option src 'wan'
        option dest 'lan'
        option proto 'esp'
        option target 'ACCEPT'

config rule
        option name 'Allow-ISAKMP'
        option src 'wan'
        option dest 'lan'
        option dest_port '500'
        option proto 'udp'
        option target 'ACCEPT'

config rule
        option name 'Support-UDP-Traceroute'
        option src 'wan'
        option dest_port '33434:33689'
        option proto 'udp'
        option family 'ipv4'
        option target 'REJECT'
        option enabled '0'

config include
        option path '/etc/firewall.user'

config include 'nat6'
        option path '/etc/firewall.nat6'
        option reload '1'

config forwarding
        option src 'wan'
        option dest 'lan'

# This file is interpreted as shell script.
# Put your custom iptables rules here, they will
# be executed with each firewall (re-)start.

# Internal uci firewall chains are flushed and recreated on reload, so
# put custom rules into the root chains e.g. INPUT or FORWARD or into the
# special user chains, e.g. input_wan_rule or postrouting_lan_rule.
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
7: wan@eth0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    inet 192.168.29.13/24 brd 192.168.29.255 scope global wan
       valid_lft forever preferred_lft forever
10: br-lan: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    inet 192.168.0.1/24 brd 192.168.0.255 scope global br-lan
       valid_lft forever preferred_lft forever
13: br0.1@br0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    inet 192.168.100.29/24 brd 192.168.100.255 scope global br0.1
       valid_lft forever preferred_lft forever
14: br0.2@br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    inet 192.168.4.10/24 brd 192.168.4.255 scope global br0.2
       valid_lft forever preferred_lft forever
default via 192.168.29.1 dev wan table 1 proto static src 192.168.29.13 metric 10
192.168.0.0/24 dev br-lan table 1 proto kernel scope link src 192.168.0.1
192.168.29.0/24 dev wan table 1 proto static scope link metric 10
default via 192.168.100.1 dev br0.1 table 3 proto static src 192.168.100.29 metric 20
10.0.0.0/8 via 192.168.100.1 dev br0.1 table 3 proto static metric 20
192.168.0.0/24 dev br-lan table 3 proto kernel scope link src 192.168.0.1
192.168.100.0/24 dev br0.1 table 3 proto static scope link metric 20
default via 192.168.4.1 dev br0.2 table 5 proto static metric 30
192.168.0.0/24 dev br-lan table 5 proto kernel scope link src 192.168.0.1
192.168.4.0/24 dev br0.2 table 5 proto static scope link metric 30
218.0.0.0/8 via 192.168.4.1 dev br0.2 table 5 proto static metric 30
default via 192.168.29.1 dev wan proto static src 192.168.29.13 metric 10
default via 192.168.100.1 dev br0.1 proto static src 192.168.100.29 metric 20
default via 192.168.4.1 dev br0.2 proto static metric 30
10.0.0.0/8 via 192.168.100.1 dev br0.1 proto static metric 20
192.168.0.0/24 dev br-lan proto kernel scope link src 192.168.0.1
192.168.4.0/24 dev br0.2 proto static scope link metric 30
192.168.29.0/24 dev wan proto static scope link metric 10
192.168.100.0/24 dev br0.1 proto static scope link metric 20
218.0.0.0/8 via 192.168.4.1 dev br0.2 proto static metric 30
broadcast 127.0.0.0 dev lo table local proto kernel scope link src 127.0.0.1
local 127.0.0.0/8 dev lo table local proto kernel scope host src 127.0.0.1
local 127.0.0.1 dev lo table local proto kernel scope host src 127.0.0.1
broadcast 127.255.255.255 dev lo table local proto kernel scope link src 127.0.0.1
broadcast 192.168.0.0 dev br-lan table local proto kernel scope link src 192.168.0.1
local 192.168.0.1 dev br-lan table local proto kernel scope host src 192.168.0.1
broadcast 192.168.0.255 dev br-lan table local proto kernel scope link src 192.168.0.1
broadcast 192.168.4.0 dev br0.2 table local proto kernel scope link src 192.168.4.10
local 192.168.4.10 dev br0.2 table local proto kernel scope host src 192.168.4.10
broadcast 192.168.4.255 dev br0.2 table local proto kernel scope link src 192.168.4.10
broadcast 192.168.29.0 dev wan table local proto kernel scope link src 192.168.29.13
local 192.168.29.13 dev wan table local proto kernel scope host src 192.168.29.13
broadcast 192.168.29.255 dev wan table local proto kernel scope link src 192.168.29.13
broadcast 192.168.100.0 dev br0.1 table local proto kernel scope link src 192.168.100.29
local 192.168.100.29 dev br0.1 table local proto kernel scope host src 192.168.100.29
broadcast 192.168.100.255 dev br0.1 table local proto kernel scope link src 192.168.100.29
0:      from all lookup local
1001:   from all iif wan lookup 1
1003:   from all iif br0.1 lookup 3
1005:   from all iif br0.2 lookup 5
2001:   from all fwmark 0x100/0x3f00 lookup 1
2003:   from all fwmark 0x300/0x3f00 lookup 3
2005:   from all fwmark 0x500/0x3f00 lookup 5
2061:   from all fwmark 0x3d00/0x3f00 blackhole
2062:   from all fwmark 0x3e00/0x3f00 unreachable
3001:   from all fwmark 0x100/0x3f00 unreachable
3003:   from all fwmark 0x300/0x3f00 unreachable
3005:   from all fwmark 0x500/0x3f00 unreachable
32766:  from all lookup main
32767:  from all lookup default
Interface status:
 interface wan is online 00h:03m:44s, uptime 00h:03m:56s and tracking is active
 interface wan6 is offline and tracking is paused
 interface wanb is online 00h:04m:57s, uptime 00h:05m:28s and tracking is active
 interface wanb6 is online 00h:05m:13s, uptime 00h:05m:20s and tracking is active
 interface wanc is online 67h:29m:41s, uptime 67h:30m:07s and tracking is active
 interface wanc6 is online 67h:29m:33s, uptime 67h:29m:49s and tracking is active

Current ipv4 policies:
balanced:
 wanc (28%)
 wanb (28%)
 wan (42%)
wan_only:
 wan (100%)
wan_wanb:
 wan (100%)
wanb_only:
 wanb (100%)
wanb_wan:
 wanb (100%)

Current ipv6 policies:
balanced:
 wanc6 (50%)
 wanb6 (50%)
wan_only:
 unreachable
wan_wanb:
 wanb6 (100%)
wanb_only:
 wanb6 (100%)
wanb_wan:
 wanb6 (100%)

Directly connected ipv4 networks:
192.168.100.0/24
224.0.0.0/3
192.168.0.0/24
218.0.0.0/8
192.168.4.0/24
10.0.0.0/8
127.0.0.0/8
192.168.29.0/24

Directly connected ipv6 networks:
2401:4900:1c33:d13::/64
2001:4490:4409:4bb1::/64
fe80::/64
2001:4490::/64
fd8c:fd18:2c36:c100::/64
fdb4:6e08:9357:c200::/64

Active ipv4 user rules:
 101K 6368K S https  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 443
 229K   22M - balanced  all  --  *      *       0.0.0.0/0            0.0.0.0/0  

Active ipv6 user rules:
86261 6999K S https  tcp      *      *       ::/0                 ::/0                 multiport dports 443
 205K   47M - balanced  all      *      *       ::/0                 ::/0  

This route is wrong. Target should be 192.168.2.0
Is the ipv6 working? Are you using it in mwan3?
Also what is the output of uci export mwan3

It was due to a static route that I no longer use. I have deleted it now.

Answer is yes for both your questions.

root@OpenWrt:~# uci export mwan3
package mwan3

config policy 'balanced'
        list use_member 'wan_m1_w3'
        list use_member 'wanb_m1_w2'
        list use_member 'wanc_m1_w2'
        list use_member 'wan6_m1_w3'
        list use_member 'wanb6_m1_w2'
        list use_member 'wanc6_m1_w2'
        option last_resort 'unreachable'

config policy 'wan_only'
        list use_member 'wan_m1_w3'
        list use_member 'wan6_m1_w3'

config policy 'wanb_only'
        list use_member 'wanb_m1_w2'
        list use_member 'wanb6_m1_w2'

config policy 'wan_wanb'
        list use_member 'wan_m1_w3'
        list use_member 'wanb_m2_w2'
        list use_member 'wan6_m1_w3'
        list use_member 'wanb6_m2_w2'

config policy 'wanb_wan'
        list use_member 'wan_m2_w3'
        list use_member 'wanb_m1_w2'
        list use_member 'wan6_m2_w3'
        list use_member 'wanb6_m1_w2'

config globals 'globals'
        option mmx_mask '0x3F00'

config interface 'wan'
        option enabled '1'
        list track_ip '8.8.4.4'
        list track_ip '8.8.8.8'
        list track_ip '208.67.222.222'
        list track_ip '208.67.220.220'
        option family 'ipv4'
        option reliability '2'

config interface 'wan6'
        list track_ip '2001:4860:4860::8844'
        list track_ip '2001:4860:4860::8888'
        list track_ip '2620:0:ccd::2'
        list track_ip '2620:0:ccc::2'
        option family 'ipv6'
        option reliability '2'
        option initial_state 'online'
        option track_method 'ping'
        option count '1'
        option size '56'
        option max_ttl '60'
        option check_quality '1'
        option failure_latency '1000'
        option failure_loss '40'
        option recovery_latency '500'
        option recovery_loss '10'
        option timeout '4'
        option interval '10'
        option failure_interval '5'
        option keep_failure_interval '1'
        option recovery_interval '5'
        option down '5'
        option up '5'
        option enabled '1'
        list flush_conntrack 'ifup'
        list flush_conntrack 'ifdown'
        list flush_conntrack 'connected'
        list flush_conntrack 'disconnected'

config interface 'wanb'
        list track_ip '8.8.4.4'
        list track_ip '8.8.8.8'
        list track_ip '208.67.222.222'
        list track_ip '208.67.220.220'
        option family 'ipv4'
        option reliability '1'
        option enabled '1'
        option initial_state 'online'
        option track_method 'ping'
        option count '1'
        option size '56'
        option max_ttl '60'
        option check_quality '0'
        option timeout '4'
        option interval '10'
        option failure_interval '5'
        option recovery_interval '5'
        option down '5'
        option up '5'

config interface 'wanb6'
        list track_ip '2001:4860:4860::8844'
        list track_ip '2001:4860:4860::8888'
        list track_ip '2620:0:ccd::2'
        list track_ip '2620:0:ccc::2'
        option family 'ipv6'
        option reliability '1'
        option enabled '1'
        option initial_state 'online'
        option track_method 'ping'
        option count '1'
        option size '56'
        option max_ttl '60'
        option check_quality '1'
        option failure_latency '1000'
        option failure_loss '40'
        option recovery_latency '500'
        option recovery_loss '10'
        option timeout '4'
        option interval '10'
        option failure_interval '5'
        option keep_failure_interval '1'
        option recovery_interval '5'
        option down '5'
        option up '5'
        list flush_conntrack 'ifup'
        list flush_conntrack 'ifdown'
        list flush_conntrack 'connected'
        list flush_conntrack 'disconnected'

config member 'wan_m1_w3'
        option interface 'wan'
        option metric '1'
        option weight '3'

config member 'wan_m2_w3'
        option interface 'wan'
        option metric '2'
        option weight '3'

config member 'wanb_m1_w2'
        option interface 'wanb'
        option metric '1'
        option weight '2'

config member 'wanb_m2_w2'
        option interface 'wanb'
        option metric '2'
        option weight '2'

config member 'wan6_m1_w3'
        option interface 'wan6'
        option metric '1'
        option weight '3'

config member 'wan6_m2_w3'
        option interface 'wan6'
        option metric '2'
        option weight '3'

config member 'wanb6_m1_w2'
        option interface 'wanb6'
        option metric '1'
        option weight '2'

config member 'wanb6_m2_w2'
        option interface 'wanb6'
        option metric '2'
        option weight '2'

config rule 'https'
        option sticky '1'
        option dest_port '443'
        option proto 'tcp'
        option use_policy 'balanced'

config rule 'default_rule_v4'
        option dest_ip '0.0.0.0/0'
        option use_policy 'balanced'
        option family 'ipv4'

config rule 'default_rule_v6'
        option dest_ip '::/0'
        option use_policy 'balanced'
        option family 'ipv6'

config interface 'wanc'
        option enabled '1'
        option initial_state 'online'
        option family 'ipv4'
        list track_ip '8.8.4.4'
        list track_ip '8.8.8.8'
        list track_ip '208.67.222.222'
        list track_ip '208.67.220.220'
        option track_method 'ping'
        option reliability '1'
        option count '1'
        option size '56'
        option max_ttl '60'
        option check_quality '0'
        option timeout '4'
        option interval '10'
        option failure_interval '5'
        option recovery_interval '5'
        option down '5'
        option up '5'

config member 'wanc_m1_w2'
        option metric '1'
        option weight '2'
        option interface 'wanc'

config member 'wanc_m2_w2'
        option interface 'wanc'
        option metric '2'
        option weight '2'

config interface 'wanc6'
        option initial_state 'online'
        option family 'ipv6'
        list track_ip '2001:4860:4860::8844'
        list track_ip '2001:4860:4860::8888'
        list track_ip '2620:0:ccd::2'
        list track_ip '2620:0:ccc::2'
        option track_method 'ping'
        option reliability '1'
        option count '1'
        option size '56'
        option max_ttl '60'
        option check_quality '1'
        option failure_latency '1000'
        option failure_loss '40'
        option recovery_latency '500'
        option recovery_loss '10'
        option timeout '4'
        option interval '10'
        option failure_interval '5'
        option keep_failure_interval '1'
        option recovery_interval '5'
        option down '5'
        option up '5'
        option enabled '1'
        list flush_conntrack 'ifup'
        list flush_conntrack 'ifdown'
        list flush_conntrack 'connected'
        list flush_conntrack 'disconnected'

config member 'wanc6_m1_w2'
        option interface 'wanc6'
        option metric '1'
        option weight '2'

config member 'wanc6_m2_w2'
        option interface 'wanc6'
        option metric '2'
        option weight '2'

wan interface is missing all the tracking options that other interfaces have.
wanb for example:

config interface 'wanb'
        list track_ip '8.8.4.4'
        list track_ip '8.8.8.8'
        list track_ip '208.67.222.222'
        list track_ip '208.67.220.220'
        option family 'ipv4'
        option reliability '1'
        option enabled '1'
        option initial_state 'online'
        option track_method 'ping'
        option count '1'
        option size '56'
        option max_ttl '60'
        option check_quality '0'
        option timeout '4'
        option interval '10'
        option failure_interval '5'
        option recovery_interval '5'
        option down '5'
        option up '5'

They look similar on the LUCI configuration page

Screenshot (40)1920×1080 212 KB

Screenshot (41)1920×1080 212 KB

Screenshot (42)1920×1080 199 KB

The only difference I can see is in Track Reliability....

Try to remove the interface wan from mwan3 and recreate it.

Thanks a lot @trendy . It has worked.

config interface 'wan'
        option enabled '1'
        option initial_state 'online'
        option family 'ipv4'
        list track_ip '8.8.4.4'
        list track_ip '8.8.8.8'
        list track_ip '208.67.222.222'
        list track_ip '208.67.220.220'
        option track_method 'ping'
        option reliability '1'
        option count '1'
        option size '56'
        option max_ttl '60'
        option check_quality '0'
        option timeout '4'
        option interval '10'
        option failure_interval '5'
        option recovery_interval '5'
        option down '5'
        option up '5'

config interface 'wan6'
        option enabled '1'
        option initial_state 'online'
        option family 'ipv6'
        list track_ip '2001:4860:4860::8844'
        list track_ip '2001:4860:4860::8888'
        list track_ip '2620:0:ccd::2'
        list track_ip '2620:0:ccc::2'
        option track_method 'ping'
        option reliability '1'
        option count '1'
        option size '56'
        option max_ttl '60'
        option check_quality '1'
        option failure_latency '1000'
        option failure_loss '40'
        option recovery_latency '500'
        option recovery_loss '10'
        option timeout '4'
        option interval '10'
        option failure_interval '5'
        option keep_failure_interval '1'
        option recovery_interval '5'
        option down '5'
        option up '5'

Its showing the correct status now.

Screenshot (43)1656×938 66.7 KB

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.