Split / dedicated bandwith for OpenVPN client and failover with mwan3

Hello everyone,... I have use openwrt since a few years ago but still noob until now so I want to learn from everyone here :grin:
I have a router with 2 wan with pppoe and LTE modem using NCM, also I have VPN tunnel for work to my office. the vpn connect through one of my wan, if pppoe up I prefer that vpn connected to it. then if my pppoe down I have failover my internet and vpn to connect with LTE modem and working well with mwan3.
but after a few time inspecting, my config have lots of problem, when just 1 wan online and lots of traffic my vpn really slow, I assume too much traffic eat my wan bandwidth so if vpn really slow I cannot remote to my office using RDP.
so the first question, is there any solution to split wan to vpn maybe using ratio 40% of total wan connection?
I plan to subscribe 1 pppoe again for vpn, but it will goes same case because I use failover and if one of my wan down the traffic just go through 1 wan.
here the illustration for now

Openwrt router ---- pppoe-wan ---- inet
|
VPN tun
|
---- LTE modem ---- backup

and I plan for future config
Case 2 pppoe online

WAN 0 ---- VPN tunnel only ----->

WAN 1 ------> internet

case if WAN 0 or WAN 1 down

WAN 0/1 --- VPN tunnel (40%) ---->
------> internet (60%)

here is the current config
network

config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fdaa:e4c8:fac0::/48'

config interface 'lan'
	option type 'bridge'
	option ifname 'eth0.1'
	option proto 'static'
	option netmask '255.255.255.0'
	option ipaddr '207.176.77.254'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option ports '1 2 3 4 0t'

config interface 'wan0'
	option ifname 'eth1'
	option proto 'pppoe'
	option username '131240116xxx@telkom.net'
	option password 'pass1234'
	option ipv6 'auto'
	option metric '10'

config interface 'wan1'
	option proto 'ncm'
	option device '/dev/ttyUSB0'
	option mode 'preferlte'
	option pdptype 'IP'
	option apn 'internet'
	option ipv6 'auto'
	option metric '20'

config interface 'ussivpn'
	option proto 'none'
	option ifname 'tun0'

mwan3

config globals 'globals'
	option mmx_mask '0x3F00'
	option local_source 'lan'

config interface 'wan0'
	option enabled '1'
	option initial_state 'online'
	option family 'ipv4'
	list track_ip '8.8.8.8'
	list track_ip '180.250.246.xx'
	option track_method 'ping'
	option reliability '1'
	option count '3'
	option size '56'
	option check_quality '0'
	option timeout '2'
	option interval '5'
	option failure_interval '5'
	option recovery_interval '5'
	option down '3'
	option up '7'
	option flush_conntrack 'ifup'

config interface 'wan1'
	option enabled '1'
	option initial_state 'online'
	option family 'ipv4'
	list track_ip '8.8.8.8'
	list track_ip '180.250.246.xx'
	option track_method 'ping'
	option reliability '1'
	option count '3'
	option size '56'
	option check_quality '0'
	option timeout '2'
	option interval '5'
	option failure_interval '5'
	option recovery_interval '5'
	option down '3'
	option up '6'
	option flush_conntrack 'ifup'

config member 'wan0_m1_w3'
	option interface 'wan0'
	option metric '1'
	option weight '3'

config member 'wan0_m2_w3'
	option metric '2'
	option weight '3'
	option interface 'wan0'

config member 'wan0_m3_w3'
	option interface 'wan0'
	option metric '3'
	option weight '3'

config member 'wan1_m1_w3'
	option interface 'wan1'
	option metric '1'
	option weight '3'

config member 'wan1_m2_w3'
	option interface 'wan1'
	option metric '2'
	option weight '3'

config member 'wan1_m3_w3'
	option interface 'wan1'
	option metric '3'
	option weight '3'

config policy 'wan0_only'
	list use_member 'wan0_m1_w3'
	option last_resort 'unreachable'

config policy 'wan1_only'
	list use_member 'wan1_m1_w3'
	option last_resort 'unreachable'

config policy 'wan0_1'
	list use_member 'wan0_m1_w3'
	list use_member 'wan1_m2_w3'
	option last_resort 'unreachable'

config policy 'wan1_0'
	list use_member 'wan1_m1_w3'
	list use_member 'wan0_m2_w3'
	option last_resort 'unreachable'

config policy 'balanced'
	list use_member 'wan0_m1_w3'
	list use_member 'wan1_m1_w3'
	option last_resort 'unreachable'

config rule 'wan0_1st'
	option proto 'all'
	option sticky '0'
	option use_policy 'wan0_1'

thanks for everyone who want to help me, and pardon if my English really bad because I'm Indonesian :wink:

2 Likes