I have two routers in a single LAN, both connected to their own modems via their WAN ports. One is a dumb AP (192.168.0.2) and the other handles DHCP (192.168.0.1).
My current configuration of the multiple gateways is inefficient: packets always go through 192.168.0.1 unless I manually change the DHCP gateway to 192.168.0.2 (using DHCP option 3).
root@192.168.0.1# ip route show
default via <PPPoE_PUBLIC_IP> dev pppoe-wan proto static metric 10
default via 192.168.0.2 dev br-lan proto static metric 20
As I said above, when the first WAN connection fails, the packets are routed through the second, but traceroute shows that they are first sent to 192.168.0.1, which sends them back to 192.168.0.2 before they go through the second modem.
If I manually change the DHCP gateway to 192.168.0.2
then I see higher speeds on devices connected to 192.168.0.2 (because they don't need to make that extra trip to 192.168.0.1).
My question is: Does there exist a way to make this switching more efficient? I can imagine but don't know how to implement
automatically switching the gateway in the DHCP settings (maybe an mwan3 script triggered by some event)
changing the network config to have both gateways in the same interface
192.168.0.1 somehow updating routes on 192.168.0.2 for packets meant to go to the internet.
Either you configure two gateways on the clients, or you don't. If you do it, then the clients will decide which gateway to use. If you don't, then all the traffic will go to one router, then the other.
Yes bridge the 5G modem into the main router (.1) so that both WANs terminate in that router. This could be either a direct connection or if that is not physically feasible, a VLAN on the cable. Then mwan3 can operate in conventional failover mode.
With that said, if everything is gigabit and with adequate CPU capacity, making a second hop in your LAN should not be a noticeable performance loss against a 5G connection.
@psherman I am using a TP-Link Archer A6v3 on the DHCP router, and TL-WR841ND on the dumb AP. Both are running OpenWRT.
Yes, the 5G modem is logistically easier to connect to the dumb AP. Itβs possible to connect to the main router, but will be a huge hassle.
@mk24 I am unable to bridge the 5G modem since itβs owned by the ISP hence I do not have access to itβs config page. Could you please explain or point me to how to set up the VLAN on the cable? I am not familiar with this concept.
So the solution, as @mk24 alluded to, is VLANs + mwan3.
You'll run mwan3 on the A6, and the VLANs will be configured on both devices to send the 5G modem's connection to the A6 for routing.
Keep in mind that the continued use of the WR841ND is a bad idea because it is extremely outdated. With only 4/32, it's incapable of running a modern and secure version of OpenWrt -- it must be running an ancient version and has no possibility of upgrades. So you are putting your network at risk by using it.
For each router, let's see:
Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have:
I appreciate you pointing out the risks. I was not aware how serious it is. Iβll try my best to upgrade this router as soon as I can. Until then, I will have to do with what I have on hand.
Here are the outputs you asked for:
~# ubus call system board
{
"kernel": "5.4.137",
"hostname": "",
"system": "MediaTek MT7621 ver:1 eco:3",
"model": "TP-Link Archer A6 v3",
"board_name": "tplink,archer-a6-v3",
"release": {
"distribution": "OpenWrt",
"version": "21.02.0-rc4",
"revision": "r16256-2d5ee43dc6",
"target": "ramips/mt7621",
"description": "OpenWrt 21.02.0-rc4 r16256-2d5ee43dc6"
}
}
~# cat /etc/config/network
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option packet_steering '1'
option ula_prefix 'fd4f:539e:7181::/48'
config device
option name 'br-lan'
option type 'bridge'
list ports 'lan1'
list ports 'lan2'
list ports 'lan3'
list ports 'lan4'
config interface 'lan'
option device 'br-lan'
option proto 'static'
option ip6assign '60'
list ipaddr '192.168.0.1/24'
list dns '1.1.1.1'
list dns '9.9.9.9'
list dns_search 'local'
config interface 'wan'
option device 'wan'
option proto 'pppoe'
option username '****'
option password ''
option service 'internet'
option ipv6 'auto'
option metric '10'
config interface 'wan6'
option device 'wan'
option proto 'dhcpv6'
config interface 'wanbridge'
option proto 'static'
option device 'wan'
option ipaddr '192.168.1.2'
option netmask '255.255.255.0'
config interface 'wanb'
option proto 'static'
option device 'br-lan'
option ipaddr '192.168.0.1'
option netmask '255.255.255.0'
option gateway '192.168.0.2'
option metric '20'
You don't have to reconfigure anything in the 5G modem. "Bridge" here means to create the effect that its Ethernet cable is connected directly to the C6 by using the 841 as a layer 2 switch.
Since the ports of the 841 are limited to 100 Mb, the best you can ever expect is 94 Mb actual throughput. It won't be further limited by the CPU or OS though since it does have hardware switching which is capable of full line speed.
So this is also ancient -- the firmware here is very old, EOL, and unsupported, too. You should upgrade to 23.05.4 before doing anything else. Direct upgrading while keeping settings is not supported from 21.02 > 23.05, so you'll need to allow the system to reset to defaults as part of the upgrade process (uncheck the Keep settings box).
I'd recommend making a backup of your current config, but do not try to restore that to the upgraded firmware. This backup will only be for your reference as you reconfigure your A6 from scratch. Make note of your ISP's PPPoE credentials so you can easily get back online.
When that's done, post the (near-) default network config from the A6.
Ok... so, now we can setup bridge-VLANs to transport the wan from the 5G modem.
This gets added to the network config file.... I'm using port lan4 to connect to the AP, but if this is not the desired port, you can change that in the vlan 2 section.
config bridge-vlan
option device 'br-lan'
option vlan '1'
list ports 'lan1:u*'
list ports 'lan2:u*'
list ports 'lan3:u*'
list ports 'lan4:u*'
config bridge-vlan
option device 'br-lan'
option vlan '2'
list ports 'lan4:t'
config interface 'wan2'
option device 'br-lan.2'
option proto 'dhco'
Add wan2 to the wan firewall zone, as well.
Now, let's go ahead and reset the AP to defaults so that we have a fresh config to work with. Once it is reset, go ahead and change its IP address to 192.168.0.2 and turn off the DHCP server on the lan interface. You can also enable wifi. But aside from that, leave the rest of the settings default. When that's done, post your network config file from that device and we'll finish the process.
Ok... now, for this very old version of OpenWrt, I honestly don't remember the correct syntax for bridging the wan port with the lan ports, (it's just too old for it to remain in resident memory). So I'm going to recommend that we use 2 of the lan ports instead of the wan port.
The logical port numbers on the switch do not correspond directly to the physical port numbers on the device. I'm going to guess that the v11 follows the same structure as the v9 and v10, but this could be incorrect.
We'll (try to) make physical port 4 the connection to the 5G modem, and physical port 3 the connection to the main router.
We'll take logical port 1 out of VLAN 1 (this may or may not be physical port 4) like this:
Now, reboot the AP after these changes are complete. Connect the cable coming from the main router to physical port 3, and connect the 5G modem to physical port 4. You may need to restart the wan2 interface on the main router after this. If all works properly, we'll see the wan2 interface get an IP address via DHCP from the 5G modem.
Report back when you have done this and can tell us if the above was successful or not.
Will this let me plug in other devices to the remaining lan ports of the dumb AP? In case our port numbers our wrong I might also need to connect to it directly instead of through the other router's WiFi