Network failures when using mwan3

WolfAURman · March 23, 2025, 6:56am

Hey everyone! I've recently started using OpenWRT, and I'm facing an issue. When using mwan3 (I have two ISPs), I experience very slow speeds, very high ping, and sometimes even network drops. Can anyone help me figure out what might be causing this?

/etc/os-release:

NAME="OpenWrt"
VERSION="24.10.0"
ID="openwrt"
ID_LIKE="lede openwrt"
PRETTY_NAME="OpenWrt 24.10.0"
VERSION_ID="24.10.0"
HOME_URL="https://openwrt.org/"
BUG_URL="https://bugs.openwrt.org/"
SUPPORT_URL="https://forum.openwrt.org/"
BUILD_ID="r28427-6df0e3d02a"
OPENWRT_BOARD="x86/64"
OPENWRT_ARCH="x86_64"
OPENWRT_TAINTS=""
OPENWRT_DEVICE_MANUFACTURER="OpenWrt"
OPENWRT_DEVICE_MANUFACTURER_URL="https://openwrt.org/"
OPENWRT_DEVICE_PRODUCT="Generic"
OPENWRT_DEVICE_REVISION="v0"
OPENWRT_RELEASE="OpenWrt 24.10.0 r28427-6df0e3d02a"
OPENWRT_BUILD_DATE="1738624177"

/etc/config/mwan3:

config member 'wan_main'
	option interface 'wan'
	option metric '1'
	option weight '3'

config member 'wan1_backup'
	option interface 'wan1'
	option metric '1'
	option weight '3'

config policy 'wan_failover'
	list use_member 'wan_main'
	list use_member 'wan1_backup'
	option last_resort 'unreachable'

config interface 'wan'
	option enabled '1'
	option initial_state 'online'
	option family 'ipv4'
	option track_method 'ping'
	option reliability '1'
	option count '1'
	option size '56'
	option max_ttl '60'
	option timeout '4'
	option interval '10'
	option failure_interval '5'
	option recovery_interval '5'
	option down '5'
	option up '5'
	list track_ip '8.8.8.8'

config interface 'wan1'
	option enabled '1'
	option initial_state 'online'
	option family 'ipv4'
	option track_method 'ping'
	option reliability '1'
	option count '1'
	option size '56'
	option max_ttl '60'
	option timeout '4'
	option interval '10'
	option failure_interval '5'
	option recovery_interval '5'
	option down '5'
	option up '5'
	list track_ip '8.8.8.8'

config rule 'default_rule'
	option dest_ip '0.0.0.0/0'
	option use_policy 'wan_failover'
	option family 'ipv4'
	option proto 'all'
	option sticky '0'

/etc/config/network:

config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fd0b:343c:2374::/48'
	option packet_steering '1'

config interface 'lan'
	option device 'eth3'
	option proto 'static'
	option ipaddr '192.168.5.1'
	option netmask '255.255.255.0'
	option delegate '0'
	list dns '8.8.8.8'

config interface 'wan'
	option device 'eth2'
	option proto 'dhcp'
	option peerdns '0'
	option metric '1'

config interface 'wan1'
	option device 'eth4'
	option proto 'dhcp'
	option metric '2'

config interface 'lan1'
	option proto 'static'
	option device 'eth1'
	option ipaddr '172.168.5.1'
	option netmask '255.255.255.0'
	list dns '8.8.8.8'

pavelgl · March 23, 2025, 7:50am

How exactly do you intend to use mwan3? The policy name is wan_failover, but it actually works in load balancing mode due to members settings.

Set the custom DNS here and remove it from the lan interfaces.

Note that this is not an RFC1918 address.

WolfAURman · March 23, 2025, 8:47am

WAN is the primary connection. I want to use WAN1 when WAN is unavailable. Also, for some clients, I want to set WAN1 as the primary gateway due to its faster network speed

I'm a little confused about all this, everything worked fine in OPNsense, but I have a need to use OWRT

Did I understand you correctly, this is how it should look?

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fd0b:343c:2374::/48'
        option packet_steering '1'

config interface 'lan'
        option device 'eth3'
        option proto 'static'
        option ipaddr '192.168.5.1'
        option netmask '255.255.255.0'
        option delegate '0'

config interface 'wan'
        option device 'eth2'
        option proto 'dhcp'
        option peerdns '0'
        option metric '1'
        list dns '8.8.8.8'

config interface 'wan1'
        option device 'eth4'
        option proto 'dhcp'
        option metric '2'
        list dns '8.8.8.8'

config interface 'lan1'
        option proto 'static'
        option device 'eth1'
        option ipaddr '172.168.5.1'
        option netmask '255.255.255.0'

WolfAURman · March 23, 2025, 11:55am

I think it's supposed to look like this. It switches to wan1 if wan goes down, and returns the connection if wan becomes available again.
Also, the client with the address 192.168.5.191 always gets access to wan1 due to its higher speed.

But I'm not entirely sure if this is correct

/etc/config/network

config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fd0b:343c:2374::/48'
	option packet_steering '1'

config interface 'lan'
	option device 'eth3'
	option proto 'static'
	option ipaddr '192.168.5.1'
	option netmask '255.255.255.0'
	option delegate '0'

config interface 'wan'
	option device 'eth2'
	option proto 'dhcp'
	option peerdns '0'
	option metric '1'
	list dns '8.8.8.8'

config interface 'wan1'
	option device 'eth4'
	option proto 'dhcp'
	option metric '2'
	list dns '8.8.8.8'

config interface 'lan1'
	option proto 'static'
	option device 'eth1'
	option ipaddr '172.168.5.1'
	option netmask '255.255.255.0'

/etc/config/mwan3

config member 'wan_main'
	option interface 'wan'
	option metric '1'
	option weight '3'

config member 'wan1_backup'
	option interface 'wan1'
	option metric '2'
	option weight '3'

config interface 'wan'
	option enabled '1'
	option initial_state 'online'
	option family 'ipv4'
	option track_method 'ping'
	option reliability '1'
	option count '1'
	option size '56'
	option max_ttl '60'
	option timeout '4'
	option interval '10'
	option failure_interval '5'
	option recovery_interval '1'
	option down '2'
	option up '2'
	list track_ip '77.88.8.8'

config interface 'wan1'
	option enabled '1'
	option initial_state 'online'
	option family 'ipv4'
	option track_method 'ping'
	option reliability '1'
	option count '1'
	option size '56'
	option max_ttl '60'
	option timeout '4'
	option interval '10'
	option failure_interval '5'
	option recovery_interval '1'
	option down '2'
	option up '2'
	list track_ip '77.88.8.8'

config policy 'wan1_only'
	list use_member 'wan1_backup'
	option last_resort 'default'

config rule 'wan1_client'
	option proto 'all'
	option sticky '0'
	option use_policy 'wan1_only'
	option src_ip '192.168.5.191'

config rule 'default_rule'
	option dest_ip '0.0.0.0/0'
	option use_policy 'default'
	option family 'ipv4'
	option proto 'all'
	option sticky '0'

pavelgl · March 23, 2025, 12:17pm

It is correct.

I don't know if it's important to you, but just to clarify that if option peerdns is not set to 0, the DNS servers advertised by the provider via DHCP will also be added to the list of upstream servers among the custom DNS.

WolfAURman · March 23, 2025, 12:21pm

Thank you for your help, sir

system · April 2, 2025, 12:21pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.