Topic: Multi-WAN Load Balancing

The content of this topic has been archived between 29 Mar 2018 and 3 May 2018. Unfortunately there are posts – most likely complete pages – missing.

Page 2 of 14

Post #26

Patrik85

24 Mar 2010, 00:25

I will test your suggestions asap.
First I will configure the Modem to perform the PPPOE dial-in and configure one WAN link to use DHCP instead of PPPOE.
This will give the openwrt router also the same WAN address, but I am not sure if then the modem is used as gateway.
If yes, this might be the solution.

If this does not help I will configure a second router which actually has a modem included to connect the second WAN link. This router will have IP 192.168.1.1 with DHCP activated.

Did I understand everything correct?

Can you provide details regarding masquerading and the static router you are talking about?
Where will this be configured? On the second non openwrt router or on the openwrt router?

Thanks again for your great support!

Post #27

SouthPawn

24 Mar 2010, 00:40

Patrik85 wrote:

I will test your suggestions asap.
First I will configure the Modem to perform the PPPOE dial-in and configure one WAN link to use DHCP instead of PPPOE.
This will give the openwrt router also the same WAN address, but I am not sure if then the modem is used as gateway.
If yes, this might be the solution.
If this does not help I will configure a second router which actually has a modem included to connect the second WAN link. This router will have IP 192.168.1.1 with DHCP activated.
Did I understand everything correct?
Can you provide details regarding masquerading and the static router you are talking about?
Where will this be configured? On the second non openwrt router or on the openwrt router?
Thanks again for your great support!

Correct, I would first get it working via double natting, then you can move on from there.

Post #28

Patrik85

24 Mar 2010, 22:23

Good news.
I placed another router between the WRT54GL and one of the DSL modems.
Now the WRT54GL is using the second router with its internal IP (192.1681.1) as gateway.
Downloads are now using both links.
The peak download speed I saw are 2MB/s.
Using both lines with seperate routers are able to provide a maximum of 2.8MB/s.
I read that the maximum what the WRT54GL can handle is 28 MBit/s. That would be sufficient.
Is there any chance to improve the download speed?
Can you give me some input on the dual natting issue which comes with the second router?
I disabled the firewall in the second router.
How would I know configure port-forwarding for torrent downloads for example?
Is there a chance to double the upload speed also?

Thanks for your input and best regards,
Patrik

Post #29

SouthPawn

26 Mar 2010, 00:15

Glad to see it's working.

To remove the double natting, set the interface that connects to the second router as a static IP. (192.168.1.2)

Make sure to have the Secondary Router forward all incoming traffic to the Multi-WAN Router. (192.168.1.2)

You'll need to create static routes back and fourth to the Multi-WAN router,

Here's an example,

Multi-WAN Router Static Route:
Interface: (whatever the interface going to the second router is)
Target: 192.168.1.0
Subnet Mask: 255.255.255.0
IPV4-Gateway: 192.168.1.1

Secondary PreRouter Static Route:
Interface: (lan)
Target: 192.168.0.0 (Or whatever your using for the LAN subnet on the Multi-WAN Router)
Subnet Mask: 255.255.255.0
IPV4-Gateway: 192.168.1.2

This will allow the secondary prerouter to communicate with clients on the lan of the Multi-WAN Router, the next step is disabling the MASQUERADE option on the Multi-WAN router so that it's performed by the Secondary PreRouter.

As for speed, this implementation of Multi-WAN cannot combine the speed of the WANs, it can only distribute new sessions across them.

(Last edited by SouthPawn on 26 Mar 2010, 01:24)

Post #30

Adze

27 Mar 2010, 16:24

Hi SouthPawn,

Using your script for a couple of days now, but im running into a problem. At first it looked like QoS didn't work as expected, but this was due to not having iptables-tools installed. Now that i made a new image from trunk with iptables-tools enabled, your script stops working for me. After starting your script, it is almost impossible to browse the internet. As i try to ping hosts on internet from client pc's, only from the first packet i get response.

This is what my mangle table looks like after starting your script. Does everything seem OK to you? Will try to troubleshoot some more later this day...

Chain PREROUTING (policy ACCEPT 3267 packets, 624K bytes)
 pkts bytes target     prot opt in     out     source               destination
 3294  626K MultiWan   all  --  any    any     anywhere             anywhere
  766  183K IMQ        all  --  eth0.1 any     anywhere             anywhere            IMQ: todev 0
  349  148K IMQ        all  --  eth0.2 any     anywhere             anywhere            IMQ: todev 1

Chain INPUT (policy ACCEPT 1750 packets, 170K bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain FORWARD (policy ACCEPT 1017 packets, 289K bytes)
 pkts bytes target     prot opt in     out     source               destination
 1017  289K MultiWan   all  --  any    any     anywhere             anywhere

Chain OUTPUT (policy ACCEPT 1563 packets, 236K bytes)
 pkts bytes target     prot opt in     out     source               destination
 1648  242K MultiWan   all  --  any    any     anywhere             anywhere

Chain POSTROUTING (policy ACCEPT 2658 packets, 539K bytes)
 pkts bytes target     prot opt in     out     source               destination
 2758  546K MultiWan   all  --  any    any     anywhere             anywhere

Chain Default (0 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 CONNMARK   all  --  any    any     anywhere             anywhere            CONNMARK restore
    0     0 Default_ct  all  --  any    any     anywhere             anywhere            mark match 0x0
    0     0 MARK       all  --  any    any     anywhere             anywhere            mark match 0x1 length 400:65535 MARK and 0x0
    0     0 MARK       all  --  any    any     anywhere             anywhere            mark match 0x2 length 800:65535 MARK and 0x0
    0     0 MARK       udp  --  any    any     anywhere             anywhere            mark match 0x0 length 0:500 MARK set 0x2
    0     0 MARK       icmp --  any    any     anywhere             anywhere            MARK set 0x1
    0     0 MARK       tcp  --  any    any     anywhere             anywhere            mark match 0x0 tcp spts:1024:65535 dpts:1024:65535 MARK set 0x4
    0     0 MARK       udp  --  any    any     anywhere             anywhere            mark match 0x0 udp spts:1024:65535 dpts:1024:65535 MARK set 0x4
    0     0 MARK       tcp  --  any    any     anywhere             anywhere            length 0:128 mark match !0x4 tcp flags:FIN,SYN,RST,PSH,ACK,URG/SYN MARK set 0x1
    0     0 MARK       tcp  --  any    any     anywhere             anywhere            length 0:128 mark match !0x4 tcp flags:FIN,SYN,RST,PSH,ACK,URG/ACK MARK set 0x1

Chain Default_ct (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 MARK       all  --  any    any     anywhere             anywhere            mark match 0x0 LAYER7 l7proto edonkey MARK set 0x4
    0     0 MARK       all  --  any    any     anywhere             anywhere            mark match 0x0 LAYER7 l7proto bittorrent MARK set 0x4
    0     0 MARK       tcp  --  any    any     anywhere             anywhere            mark match 0x0 tcp multiport ports 22,53 MARK set 0x1
    0     0 MARK       udp  --  any    any     anywhere             anywhere            mark match 0x0 udp multiport ports 22,53 MARK set 0x1
    0     0 MARK       tcp  --  any    any     anywhere             anywhere            mark match 0x0 tcp multiport ports 20,21,25,80,110,443,993,995 MARK set 0x3
    0     0 MARK       tcp  --  any    any     anywhere             anywhere            mark match 0x0 tcp multiport ports 5190 MARK set 0x2
    0     0 MARK       udp  --  any    any     anywhere             anywhere            mark match 0x0 udp multiport ports 5190 MARK set 0x2
    0     0 CONNMARK   all  --  any    any     anywhere             anywhere            CONNMARK save

Chain FW1MARK (8 references)
 pkts bytes target     prot opt in     out     source               destination
  721  180K MARK       all  --  any    any     anywhere             anywhere            MARK set 0x10
  721  180K CONNMARK   all  --  any    any     anywhere             anywhere            CONNMARK save

Chain FW2MARK (6 references)
 pkts bytes target     prot opt in     out     source               destination
  208 19954 MARK       all  --  any    any     anywhere             anywhere            MARK set 0x20
  208 19954 CONNMARK   all  --  any    any     anywhere             anywhere            CONNMARK save

Chain LoadBalancer (1 references)
 pkts bytes target     prot opt in     out     source               destination
  742 61270 MARK       all  --  any    any     anywhere             anywhere            MARK set 0x123
  742 61270 CONNMARK   all  --  any    any     anywhere             anywhere            CONNMARK save

Chain MultiWan (4 references)
 pkts bytes target     prot opt in     out     source               destination
 8717 1703K CONNMARK   all  --  any    any     anywhere             anywhere            CONNMARK restore
 8717 1703K MultiWanPreHandler  all  --  any    any     anywhere             anywhere
 8657 1697K MultiWanDNS  all  --  any    any     anywhere             anywhere
 8505 1687K MultiWanRules  all  --  any    any     anywhere             anywhere
 8505 1687K MultiWanPostHandler  all  --  any    any     anywhere             anywhere
 8505 1687K MultiWanQoS  all  --  any    any     anywhere             anywhere

Chain MultiWanDNS (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 FW1MARK    tcp  --  any    any     anywhere             ns01.upclive.nl     tcp dpt:53
   38  2272 FW1MARK    udp  --  any    any     anywhere             ns01.upclive.nl     udp dpt:53
    0     0 ACCEPT     tcp  --  any    any     anywhere             ns01.upclive.nl     tcp dpt:53
   38  2272 ACCEPT     udp  --  any    any     anywhere             ns01.upclive.nl     udp dpt:53
    0     0 FW1MARK    tcp  --  any    any     anywhere             ns02.upclive.nl     tcp dpt:53
   50  3120 FW1MARK    udp  --  any    any     anywhere             ns02.upclive.nl     udp dpt:53
    0     0 ACCEPT     tcp  --  any    any     anywhere             ns02.upclive.nl     tcp dpt:53
   50  3120 ACCEPT     udp  --  any    any     anywhere             ns02.upclive.nl     udp dpt:53
    0     0 FW2MARK    tcp  --  any    any     anywhere             192.168.32.254      tcp dpt:53
   32  1910 FW2MARK    udp  --  any    any     anywhere             192.168.32.254      udp dpt:53
    0     0 ACCEPT     tcp  --  any    any     anywhere             192.168.32.254      tcp dpt:53
   32  1910 ACCEPT     udp  --  any    any     anywhere             192.168.32.254      udp dpt:53

Chain MultiWanPostHandler (1 references)
 pkts bytes target     prot opt in     out     source               destination
  167 14072 FW1MARK    all  --  any    eth0.1  anywhere             anywhere            mark match 0x123
  150 13124 FW2MARK    all  --  any    eth0.2  anywhere             anywhere            mark match 0x123

Chain MultiWanPreHandler (1 references)
 pkts bytes target     prot opt in     out     source               destination
  466  161K FW1MARK    all  --  eth0.1 any     anywhere             anywhere            state NEW
   26  4920 FW2MARK    all  --  eth0.2 any     anywhere             anywhere            state NEW

Chain MultiWanQoS (1 references)
 pkts bytes target     prot opt in     out     source               destination
 1709  257K MultiWanQoS_isp1  all  --  any    any     anywhere             anywhere            mark match 0x10
    0     0 MultiWanQoS_isp1  all  --  any    any     anywhere             anywhere            mark match 0x11
    0     0 MultiWanQoS_isp1  all  --  any    any     anywhere             anywhere            mark match 0x12
    0     0 MultiWanQoS_isp1  all  --  any    any     anywhere             anywhere            mark match 0x13
    0     0 MultiWanQoS_isp1  all  --  any    any     anywhere             anywhere            mark match 0x14
  524 56924 MultiWanQoS_isp2  all  --  any    any     anywhere             anywhere            mark match 0x20
    0     0 MultiWanQoS_isp2  all  --  any    any     anywhere             anywhere            mark match 0x21
    0     0 MultiWanQoS_isp2  all  --  any    any     anywhere             anywhere            mark match 0x22
    0     0 MultiWanQoS_isp2  all  --  any    any     anywhere             anywhere            mark match 0x23
    0     0 MultiWanQoS_isp2  all  --  any    any     anywhere             anywhere            mark match 0x24

Chain MultiWanQoS_isp1 (5 references)
 pkts bytes target     prot opt in     out     source               destination
 1709  257K CONNMARK   all  --  any    any     anywhere             anywhere            CONNMARK restore
 1709  257K MultiWanQoS_isp1_ct  all  --  any    any     anywhere             anywhere            mark match 0x10
    0     0 MARK       all  --  any    any     anywhere             anywhere            mark match 0x11 length 400:65535 MARK and 0x0
    0     0 MARK       all  --  any    any     anywhere             anywhere            mark match 0x12 length 800:65535 MARK and 0x0
  550  176K MARK       udp  --  any    any     anywhere             anywhere            mark match 0x10 length 0:500 MARK set 0x2
 1093 75012 MARK       icmp --  any    any     anywhere             anywhere            MARK set 0x1
    0     0 MARK       tcp  --  any    any     anywhere             anywhere            mark match 0x10 tcp spts:1024:65535 dpts:1024:65535 MARK set 0x4
    0     0 MARK       udp  --  any    any     anywhere             anywhere            mark match 0x10 udp spts:1024:65535 dpts:1024:65535 MARK set 0x4
   25  1300 MARK       tcp  --  any    any     anywhere             anywhere            length 0:128 mark match !0x14 tcp flags:FIN,SYN,RST,PSH,ACK,URG/SYN MARK set 0x1
    0     0 MARK       tcp  --  any    any     anywhere             anywhere            length 0:128 mark match !0x14 tcp flags:FIN,SYN,RST,PSH,ACK,URG/ACK MARK set 0x1

Chain MultiWanQoS_isp1_ct (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 MARK       all  --  any    any     anywhere             anywhere            mark match 0x10 LAYER7 l7proto edonkey MARK set 0x4
    0     0 MARK       all  --  any    any     anywhere             anywhere            mark match 0x10 LAYER7 l7proto bittorrent MARK set 0x4
    0     0 MARK       tcp  --  any    any     anywhere             anywhere            mark match 0x10 tcp multiport ports 22,53 MARK set 0x1
   41  4706 MARK       udp  --  any    any     anywhere             anywhere            mark match 0x10 udp multiport ports 22,53 MARK set 0x1
   25  1300 MARK       tcp  --  any    any     anywhere             anywhere            mark match 0x10 tcp multiport ports 20,21,25,80,110,443,993,995 MARK set 0x3
    0     0 MARK       tcp  --  any    any     anywhere             anywhere            mark match 0x10 tcp multiport ports 5190 MARK set 0x2
    0     0 MARK       udp  --  any    any     anywhere             anywhere            mark match 0x10 udp multiport ports 5190 MARK set 0x2
 1709  257K CONNMARK   all  --  any    any     anywhere             anywhere            CONNMARK save

Chain MultiWanQoS_isp2 (5 references)
 pkts bytes target     prot opt in     out     source               destination
  524 56924 CONNMARK   all  --  any    any     anywhere             anywhere            CONNMARK restore
  524 56924 MultiWanQoS_isp2_ct  all  --  any    any     anywhere             anywhere            mark match 0x20
    0     0 MARK       all  --  any    any     anywhere             anywhere            mark match 0x21 length 400:65535 MARK and 0x0
    0     0 MARK       all  --  any    any     anywhere             anywhere            mark match 0x22 length 800:65535 MARK and 0x0
  104 19680 MARK       udp  --  any    any     anywhere             anywhere            mark match 0x20 length 0:500 MARK set 0x2
  393 33012 MARK       icmp --  any    any     anywhere             anywhere            MARK set 0x1
    0     0 MARK       tcp  --  any    any     anywhere             anywhere            mark match 0x20 tcp spts:1024:65535 dpts:1024:65535 MARK set 0x4
    0     0 MARK       udp  --  any    any     anywhere             anywhere            mark match 0x20 udp spts:1024:65535 dpts:1024:65535 MARK set 0x4
   12   624 MARK       tcp  --  any    any     anywhere             anywhere            length 0:128 mark match !0x24 tcp flags:FIN,SYN,RST,PSH,ACK,URG/SYN MARK set 0x1
    0     0 MARK       tcp  --  any    any     anywhere             anywhere            length 0:128 mark match !0x24 tcp flags:FIN,SYN,RST,PSH,ACK,URG/ACK MARK set 0x1

Chain MultiWanQoS_isp2_ct (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 MARK       all  --  any    any     anywhere             anywhere            mark match 0x20 LAYER7 l7proto edonkey MARK set 0x4
    0     0 MARK       all  --  any    any     anywhere             anywhere            mark match 0x20 LAYER7 l7proto bittorrent MARK set 0x4
    0     0 MARK       tcp  --  any    any     anywhere             anywhere            mark match 0x20 tcp multiport ports 22,53 MARK set 0x1
   15  3608 MARK       udp  --  any    any     anywhere             anywhere            mark match 0x20 udp multiport ports 22,53 MARK set 0x1
   12   624 MARK       tcp  --  any    any     anywhere             anywhere            mark match 0x20 tcp multiport ports 20,21,25,80,110,443,993,995 MARK set 0x3
    0     0 MARK       tcp  --  any    any     anywhere             anywhere            mark match 0x20 tcp multiport ports 5190 MARK set 0x2
    0     0 MARK       udp  --  any    any     anywhere             anywhere            mark match 0x20 udp multiport ports 5190 MARK set 0x2
  524 56924 CONNMARK   all  --  any    any     anywhere             anywhere            CONNMARK save

Chain MultiWanRules (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 FW1MARK    tcp  --  any    any     anywhere             newsreader1.eweka.nl mark match 0x0 tcp dpt:119
    0     0 FW1MARK    udp  --  any    any     anywhere             newsreader1.eweka.nl mark match 0x0 udp dpt:119
    0     0 FW2MARK    tcp  --  any    any     anywhere             newsreader3.eweka.nl mark match 0x0 tcp dpt:119
    0     0 FW2MARK    udp  --  any    any     anywhere             newsreader3.eweka.nl mark match 0x0 udp dpt:119
  742 61270 LoadBalancer  all  --  any    any     anywhere             anywhere            mark match 0x0

Thank you.

Post #31

SouthPawn

27 Mar 2010, 22:46

Adze wrote:

Chain MultiWanQoS (1 references)
 pkts bytes target     prot opt in     out     source               destination
 1709  257K MultiWanQoS_isp1  all  --  any    any     anywhere             anywhere            mark match 0x10
    0     0 MultiWanQoS_isp1  all  --  any    any     anywhere             anywhere            mark match 0x11
    0     0 MultiWanQoS_isp1  all  --  any    any     anywhere             anywhere            mark match 0x12
    0     0 MultiWanQoS_isp1  all  --  any    any     anywhere             anywhere            mark match 0x13
    0     0 MultiWanQoS_isp1  all  --  any    any     anywhere             anywhere            mark match 0x14
  524 56924 MultiWanQoS_isp2  all  --  any    any     anywhere             anywhere            mark match 0x20
    0     0 MultiWanQoS_isp2  all  --  any    any     anywhere             anywhere            mark match 0x21
    0     0 MultiWanQoS_isp2  all  --  any    any     anywhere             anywhere            mark match 0x22
    0     0 MultiWanQoS_isp2  all  --  any    any     anywhere             anywhere            mark match 0x23
    0     0 MultiWanQoS_isp2  all  --  any    any     anywhere             anywhere            mark match 0x24

Chain MultiWanQoS_isp1 (5 references)
 pkts bytes target     prot opt in     out     source               destination
 1709  257K CONNMARK   all  --  any    any     anywhere             anywhere            CONNMARK restore
 1709  257K MultiWanQoS_isp1_ct  all  --  any    any     anywhere             anywhere            mark match 0x10
    0     0 MARK       all  --  any    any     anywhere             anywhere            mark match 0x11 length 400:65535 MARK and 0x0
    0     0 MARK       all  --  any    any     anywhere             anywhere            mark match 0x12 length 800:65535 MARK and 0x0
  550  176K MARK       udp  --  any    any     anywhere             anywhere            mark match 0x10 length 0:500 MARK set 0x2
 1093 75012 MARK       icmp --  any    any     anywhere             anywhere            MARK set 0x1
    0     0 MARK       tcp  --  any    any     anywhere             anywhere            mark match 0x10 tcp spts:1024:65535 dpts:1024:65535 MARK set 0x4
    0     0 MARK       udp  --  any    any     anywhere             anywhere            mark match 0x10 udp spts:1024:65535 dpts:1024:65535 MARK set 0x4
   25  1300 MARK       tcp  --  any    any     anywhere             anywhere            length 0:128 mark match !0x14 tcp flags:FIN,SYN,RST,PSH,ACK,URG/SYN MARK set 0x1
    0     0 MARK       tcp  --  any    any     anywhere             anywhere            length 0:128 mark match !0x14 tcp flags:FIN,SYN,RST,PSH,ACK,URG/ACK MARK set 0x1

Chain MultiWanQoS_isp1_ct (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 MARK       all  --  any    any     anywhere             anywhere            mark match 0x10 LAYER7 l7proto edonkey MARK set 0x4
    0     0 MARK       all  --  any    any     anywhere             anywhere            mark match 0x10 LAYER7 l7proto bittorrent MARK set 0x4
    0     0 MARK       tcp  --  any    any     anywhere             anywhere            mark match 0x10 tcp multiport ports 22,53 MARK set 0x1
   41  4706 MARK       udp  --  any    any     anywhere             anywhere            mark match 0x10 udp multiport ports 22,53 MARK set 0x1
   25  1300 MARK       tcp  --  any    any     anywhere             anywhere            mark match 0x10 tcp multiport ports 20,21,25,80,110,443,993,995 MARK set 0x3
    0     0 MARK       tcp  --  any    any     anywhere             anywhere            mark match 0x10 tcp multiport ports 5190 MARK set 0x2
    0     0 MARK       udp  --  any    any     anywhere             anywhere            mark match 0x10 udp multiport ports 5190 MARK set 0x2
 1709  257K CONNMARK   all  --  any    any     anywhere             anywhere            CONNMARK save

Chain MultiWanQoS_isp2 (5 references)
 pkts bytes target     prot opt in     out     source               destination
  524 56924 CONNMARK   all  --  any    any     anywhere             anywhere            CONNMARK restore
  524 56924 MultiWanQoS_isp2_ct  all  --  any    any     anywhere             anywhere            mark match 0x20
    0     0 MARK       all  --  any    any     anywhere             anywhere            mark match 0x21 length 400:65535 MARK and 0x0
    0     0 MARK       all  --  any    any     anywhere             anywhere            mark match 0x22 length 800:65535 MARK and 0x0
  104 19680 MARK       udp  --  any    any     anywhere             anywhere            mark match 0x20 length 0:500 MARK set 0x2
  393 33012 MARK       icmp --  any    any     anywhere             anywhere            MARK set 0x1
    0     0 MARK       tcp  --  any    any     anywhere             anywhere            mark match 0x20 tcp spts:1024:65535 dpts:1024:65535 MARK set 0x4
    0     0 MARK       udp  --  any    any     anywhere             anywhere            mark match 0x20 udp spts:1024:65535 dpts:1024:65535 MARK set 0x4
   12   624 MARK       tcp  --  any    any     anywhere             anywhere            length 0:128 mark match !0x24 tcp flags:FIN,SYN,RST,PSH,ACK,URG/SYN MARK set 0x1
    0     0 MARK       tcp  --  any    any     anywhere             anywhere            length 0:128 mark match !0x24 tcp flags:FIN,SYN,RST,PSH,ACK,URG/ACK MARK set 0x1

Chain MultiWanQoS_isp2_ct (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 MARK       all  --  any    any     anywhere             anywhere            mark match 0x20 LAYER7 l7proto edonkey MARK set 0x4
    0     0 MARK       all  --  any    any     anywhere             anywhere            mark match 0x20 LAYER7 l7proto bittorrent MARK set 0x4
    0     0 MARK       tcp  --  any    any     anywhere             anywhere            mark match 0x20 tcp multiport ports 22,53 MARK set 0x1
   15  3608 MARK       udp  --  any    any     anywhere             anywhere            mark match 0x20 udp multiport ports 22,53 MARK set 0x1
   12   624 MARK       tcp  --  any    any     anywhere             anywhere            mark match 0x20 tcp multiport ports 20,21,25,80,110,443,993,995 MARK set 0x3
    0     0 MARK       tcp  --  any    any     anywhere             anywhere            mark match 0x20 tcp multiport ports 5190 MARK set 0x2
    0     0 MARK       udp  --  any    any     anywhere             anywhere            mark match 0x20 udp multiport ports 5190 MARK set 0x2
  524 56924 CONNMARK   all  --  any    any     anywhere             anywhere            CONNMARK save

Everything else looked good except the QoS area, I've updated the script to 1.0f which should take care of this issue, let me know if it does not. I also removed tcp 53 connections from the MultiWanDNS, as it's unnecessary for client queries.

Thanks Adze,
-Craig

(Last edited by SouthPawn on 27 Mar 2010, 23:42)

Post #32

Adze

27 Mar 2010, 23:44

SouthPawn,

Thank you for your fast reply. Tried revision f, but no luck though...

I did figure out that it indeed has something to do with qos-scripts and multiwan. If multiwan is used without the qos package, it works brilliant. but with qos and multiwan active, internet is dead. With tcp-dump i can see that occasionaly packets leave the wrong interface (packets with a masqed source ip of eth0.1 leaving at eth0.2 and vice-versa). Dont know yet why. Running without qos now for the moment.

Thanks and will keep you updated.

Post #33

SouthPawn

28 Mar 2010, 04:31

Adze wrote:

SouthPawn,
Thank you for your fast reply. Tried revision f, but no luck though...
I did figure out that it indeed has something to do with qos-scripts and multiwan. If multiwan is used without the qos package, it works brilliant. but with qos and multiwan active, internet is dead. With tcp-dump i can see that occasionaly packets leave the wrong interface (packets with a masqed source ip of eth0.1 leaving at eth0.2 and vice-versa). Dont know yet why. Running without qos now for the moment.
Thanks and will keep you updated.

Hey Adze,

I've updated it again, 1.0g, I believe the problem is a variance in the iptables-save output, hopefully this latest one deals with it better. If not, we may need to see a little more about the output of iptables-save for the Default and Default_ct tables on your setup.

Thanks Adze,
-Craig

(Last edited by SouthPawn on 28 Mar 2010, 11:01)

Post #34

Adze

29 Mar 2010, 11:55

Hi SouthPawn,

Thanks for the effort, but still no cigar... With qos disabled (package installed but disabled in config) it works like it should. If you're interessted i could give you ssh acces to my router to troubleshoot, otherwise i wil continue troubleshoot next weekend.

Thanks.

Post #35

SouthPawn

29 Mar 2010, 14:02

Adze wrote:

Hi SouthPawn,

Thanks for the effort, but still no cigar... With qos disabled (package installed but disabled in config) it works like it should. If you're interessted i could give you ssh acces to my router to troubleshoot, otherwise i wil continue troubleshoot next weekend.
Thanks.

We can definitely arrange that, but first, can you provide the output of iptables-save | egrep '(-A Default )|(-A Default_ct )' ?

Thanks Adze,
-Craig

Post #36

Adze

29 Mar 2010, 15:52

SouthPawn wrote:

...can you provide the output of iptables-save | egrep '(-A Default )|(-A Default_ct )' ?
-Craig

sure

root@Mercurius:~# iptables-save | egrep  '(-A Default )|(-A Default_ct )'
-A Default -m mark --mark 0x0 -j Default_ct
-A Default -m mark --mark 0x1 -m length --length 400:65535 -j MARK --set-xmark 0x0/0xffffffff
-A Default -m mark --mark 0x2 -m length --length 800:65535 -j MARK --set-xmark 0x0/0xffffffff
-A Default -p udp -m mark --mark 0x0 -m length --length 0:500 -j MARK --set-xmark 0x2/0xffffffff
-A Default -p icmp -j MARK --set-xmark 0x1/0xffffffff
-A Default -p tcp -m mark --mark 0x0 -m tcp --sport 1024:65535 --dport 1024:65535 -j MARK --set-xmark 0x4/0xffffffff
-A Default -p udp -m mark --mark 0x0 -m udp --sport 1024:65535 --dport 1024:65535 -j MARK --set-xmark 0x4/0xffffffff
-A Default -p tcp -m length --length 0:128 -m mark ! --mark 0x4 -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG SYN -j MARK --set-xmark 0x1/0xffffffff
-A Default -p tcp -m length --length 0:128 -m mark ! --mark 0x4 -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG ACK -j MARK --set-xmark 0x1/0xffffffff
-A Default_ct -m mark --mark 0x0 -m layer7 --l7proto edonkey -j MARK --set-xmark 0x4/0xffffffff
-A Default_ct -m mark --mark 0x0 -m layer7 --l7proto bittorrent -j MARK --set-xmark 0x4/0xffffffff
-A Default_ct -p tcp -m mark --mark 0x0 -m tcp -m multiport --ports 22,53 -j MARK --set-xmark 0x1/0xffffffff
-A Default_ct -p udp -m mark --mark 0x0 -m udp -m multiport --ports 22,53 -j MARK --set-xmark 0x1/0xffffffff
-A Default_ct -p tcp -m mark --mark 0x0 -m tcp -m multiport --ports 20,21,25,80,110,443,993,995 -j MARK --set-xmark 0x3/0xffffffff
-A Default_ct -p tcp -m mark --mark 0x0 -m tcp -m multiport --ports 5190 -j MARK --set-xmark 0x2/0xffffffff
-A Default_ct -p udp -m mark --mark 0x0 -m udp -m multiport --ports 5190 -j MARK --set-xmark 0x2/0xffffffff
-A Default_ct -j CONNMARK --save-mark --nfmask 0xffffffff --ctmask 0xffffffff

And this is a part of the mangle table:

Chain MultiWanQoS (1 references)
 pkts bytes target     prot opt in     out     source               destination
    5   364 MultiWanQoS_isp1  all  --  any    any     anywhere             anywhere            mark match 0x10
    0     0 MultiWanQoS_isp1  all  --  any    any     anywhere             anywhere            mark match 0x11
    0     0 MultiWanQoS_isp1  all  --  any    any     anywhere             anywhere            mark match 0x12
    0     0 MultiWanQoS_isp1  all  --  any    any     anywhere             anywhere            mark match 0x13
    0     0 MultiWanQoS_isp1  all  --  any    any     anywhere             anywhere            mark match 0x14
    3   252 MultiWanQoS_isp2  all  --  any    any     anywhere             anywhere            mark match 0x20
    0     0 MultiWanQoS_isp2  all  --  any    any     anywhere             anywhere            mark match 0x21
    0     0 MultiWanQoS_isp2  all  --  any    any     anywhere             anywhere            mark match 0x22
    0     0 MultiWanQoS_isp2  all  --  any    any     anywhere             anywhere            mark match 0x23
    0     0 MultiWanQoS_isp2  all  --  any    any     anywhere             anywhere            mark match 0x24

Chain MultiWanQoS_isp1 (5 references)
 pkts bytes target     prot opt in     out     source               destination
    5   364 MultiWanQoS_isp1_ct  all  --  any    any     anywhere             anywhere            mark match 0x10
    0     0 MARK       all  --  any    any     anywhere             anywhere            mark match 0x11 length 400:65535 MARK and 0x0
    0     0 MARK       all  --  any    any     anywhere             anywhere            mark match 0x12 length 800:65535 MARK and 0x0
    0     0 MARK       udp  --  any    any     anywhere             anywhere            mark match 0x10 length 0:500 MARK set 0x2
    3   252 MARK       icmp --  any    any     anywhere             anywhere            MARK set 0x1
    0     0 MARK       tcp  --  any    any     anywhere             anywhere            mark match 0x10 tcp spts:1024:65535 dpts:1024:65535 MARK set 0x4
    0     0 MARK       udp  --  any    any     anywhere             anywhere            mark match 0x10 udp spts:1024:65535 dpts:1024:65535 MARK set 0x4
    0     0 MARK       tcp  --  any    any     anywhere             anywhere            length 0:128 mark match !0x14 tcp flags:FIN,SYN,RST,PSH,ACK,URG/SYN MARK set 0x1
    0     0 MARK       tcp  --  any    any     anywhere             anywhere            length 0:128 mark match !0x14 tcp flags:FIN,SYN,RST,PSH,ACK,URG/ACK MARK set 0x1

Chain MultiWanQoS_isp1_ct (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 MARK       all  --  any    any     anywhere             anywhere            mark match 0x10 LAYER7 l7proto edonkey MARK set 0x4
    0     0 MARK       all  --  any    any     anywhere             anywhere            mark match 0x10 LAYER7 l7proto bittorrent MARK set 0x4
    0     0 MARK       tcp  --  any    any     anywhere             anywhere            mark match 0x10 tcp multiport ports 22,53 MARK set 0x1
    2   112 MARK       udp  --  any    any     anywhere             anywhere            mark match 0x10 udp multiport ports 22,53 MARK set 0x1
    0     0 MARK       tcp  --  any    any     anywhere             anywhere            mark match 0x10 tcp multiport ports 20,21,25,80,110,443,993,995 MARK set 0x3
    0     0 MARK       tcp  --  any    any     anywhere             anywhere            mark match 0x10 tcp multiport ports 5190 MARK set 0x2
    0     0 MARK       udp  --  any    any     anywhere             anywhere            mark match 0x10 udp multiport ports 5190 MARK set 0x2
    5   364 CONNMARK   all  --  any    any     anywhere             anywhere            CONNMARK save

Chain MultiWanQoS_isp2 (5 references)
 pkts bytes target     prot opt in     out     source               destination
    3   252 MultiWanQoS_isp2_ct  all  --  any    any     anywhere             anywhere            mark match 0x20
    0     0 MARK       all  --  any    any     anywhere             anywhere            mark match 0x21 length 400:65535 MARK and 0x0
    0     0 MARK       all  --  any    any     anywhere             anywhere            mark match 0x22 length 800:65535 MARK and 0x0
    0     0 MARK       udp  --  any    any     anywhere             anywhere            mark match 0x20 length 0:500 MARK set 0x2
    3   252 MARK       icmp --  any    any     anywhere             anywhere            MARK set 0x1
    0     0 MARK       tcp  --  any    any     anywhere             anywhere            mark match 0x20 tcp spts:1024:65535 dpts:1024:65535 MARK set 0x4
    0     0 MARK       udp  --  any    any     anywhere             anywhere            mark match 0x20 udp spts:1024:65535 dpts:1024:65535 MARK set 0x4
    0     0 MARK       tcp  --  any    any     anywhere             anywhere            length 0:128 mark match !0x24 tcp flags:FIN,SYN,RST,PSH,ACK,URG/SYN MARK set 0x1
    0     0 MARK       tcp  --  any    any     anywhere             anywhere            length 0:128 mark match !0x24 tcp flags:FIN,SYN,RST,PSH,ACK,URG/ACK MARK set 0x1

Chain MultiWanQoS_isp2_ct (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 MARK       all  --  any    any     anywhere             anywhere            mark match 0x20 LAYER7 l7proto edonkey MARK set 0x4
    0     0 MARK       all  --  any    any     anywhere             anywhere            mark match 0x20 LAYER7 l7proto bittorrent MARK set 0x4
    0     0 MARK       tcp  --  any    any     anywhere             anywhere            mark match 0x20 tcp multiport ports 22,53 MARK set 0x1
    0     0 MARK       udp  --  any    any     anywhere             anywhere            mark match 0x20 udp multiport ports 22,53 MARK set 0x1
    0     0 MARK       tcp  --  any    any     anywhere             anywhere            mark match 0x20 tcp multiport ports 20,21,25,80,110,443,993,995 MARK set 0x3
    0     0 MARK       tcp  --  any    any     anywhere             anywhere            mark match 0x20 tcp multiport ports 5190 MARK set 0x2
    0     0 MARK       udp  --  any    any     anywhere             anywhere            mark match 0x20 udp multiport ports 5190 MARK set 0x2
    3   252 CONNMARK   all  --  any    any     anywhere             anywhere            CONNMARK save

Shouldn't those qos marks be set to a different value? I also noticed something else, which might be wrong. Although i set the health_interval to 5 on each interface, it still sends out one icmp-request per 10 seconds.

Thanks!

(Last edited by Adze on 29 Mar 2010, 16:06)

Post #37

SouthPawn

29 Mar 2010, 22:59

Adze wrote:

Shouldn't those qos marks be set to a different value? I also noticed something else, which might be wrong. Although i set the health_interval to 5 on each interface, it still sends out one icmp-request per 10 seconds.
Thanks!

I've updated it again, to 1.0h which should deal with the change in qos-scripts.
I've also updated the health monitor to allow a minimum of 5 seconds, before it was set to 10, but rethinking about it, I don't see why it should need to be, so setting it to 5 should now work fine.

Thanks Adze,
-Craig

Post #38

Adze

30 Mar 2010, 12:09

SouthPawn wrote:

I've updated it again, to 1.0h which should deal with the change in qos-scripts.
I've also updated the health monitor to allow a minimum of 5 seconds, before it was set to 10, but rethinking about it, I don't see why it should need to be, so setting it to 5 should now work fine.
Thanks Adze,
-Craig

Hi SouthPawn,

Looks like this time everything runs smoothly. I can see that the qos mark values are changed in the mangle table. Traffic balancing works fine.

But now i'm curious to see how the qos script handles mark packets other then the normal 0x1 to 0x4. If i run `tc filter` i dont see any rules. How does the qos script "know" which packet belongs to which queue? As far as i can see everything is handled in the default queue...

Thank you.

Post #39

SouthPawn

30 Mar 2010, 16:43

Adze wrote:

SouthPawn wrote:
I've updated it again, to 1.0h which should deal with the change in qos-scripts.
I've also updated the health monitor to allow a minimum of 5 seconds, before it was set to 10, but rethinking about it, I don't see why it should need to be, so setting it to 5 should now work fine.
Thanks Adze,
-Craig
Hi SouthPawn,
Looks like this time everything runs smoothly. I can see that the qos mark values are changed in the mangle table. Traffic balancing works fine.
But now i'm curious to see how the qos script handles mark packets other then the normal 0x1 to 0x4. If i run `tc filter` i dont see any rules. How does the qos script "know" which packet belongs to which queue? As far as i can see everything is handled in the default queue...
Thank you.

To see the filters you'll need to type tc filter show dev <interface>, here you'll see the original filter along with the one the script added.

root@OpenWrt:~# tc filter show dev eth0
filter parent 1: protocol ip pref 1 fw
filter parent 1: protocol ip pref 1 fw handle 0x1 classid 1:10
filter parent 1: protocol ip pref 1 fw handle 0x11 classid 1:10
filter parent 1: protocol ip pref 2 fw
filter parent 1: protocol ip pref 2 fw handle 0x2 classid 1:20
filter parent 1: protocol ip pref 2 fw handle 0x12 classid 1:20
filter parent 1: protocol ip pref 3 fw
filter parent 1: protocol ip pref 3 fw handle 0x3 classid 1:30
filter parent 1: protocol ip pref 3 fw handle 0x13 classid 1:30
filter parent 1: protocol ip pref 4 fw
filter parent 1: protocol ip pref 4 fw handle 0x4 classid 1:40
filter parent 1: protocol ip pref 4 fw handle 0x14 classid 1:40
root@OpenWrt:~#

Which will correspond with ip rules set for which routing table this interface uses, which you'll see by typing ip rule.

11:     from all fwmark 0x10 lookup MWAN1
12:     from all fwmark 0x11 lookup MWAN1
13:     from all fwmark 0x12 lookup MWAN1
14:     from all fwmark 0x13 lookup MWAN1
15:     from all fwmark 0x14 lookup MWAN1

So that once it's marked by qos-scripts, it'll continue down to the correct interface.
If this process of copying and modifying what is created by qos-scripts didn't exist, qos would not work properly, as well, icmp packets would always be routed out the first wan.

Glad to see it's working correctly now, if you have any other questions, let me know.
-Craig

(Last edited by SouthPawn on 30 Mar 2010, 16:53)

Post #40

Adze

30 Mar 2010, 20:05

SouthPawn wrote:

Glad to see it's working correctly now, if you have any other questions, let me know.
-Craig

Hi SouthPawn,

Thanks again for your time and effort. Really appreciate it! Multiwan runs really smooth now.

No further questions only two small feature requests. One is to set the minimum allowed value of health_interval to "1" (i know it seems strange, but let the user decide for himself what he wants), the other is a general multiwan enable/disable config option.

Thank you for your time. That'll be all...

Post #41

SouthPawn

31 Mar 2010, 00:14

Adze wrote:

SouthPawn wrote:
Glad to see it's working correctly now, if you have any other questions, let me know.
-Craig
Hi SouthPawn,

Thanks again for your time and effort. Really appreciate it! Multiwan runs really smooth now.
No further questions only two small feature requests. One is to set the minimum allowed value of health_interval to "1" (i know it seems strange, but let the user decide for himself what he wants), the other is a general multiwan enable/disable config option.
Thank you for your time. That'll be all...

I removed the limitation on the health_interval, but I think I'm keeping the enable config option out for now, to enable/disable, /etc/init.d/multiwan enable or disable.

Thanks again
-Craig

Post #42

andyballon

1 Apr 2010, 12:02

hi, i just want to report that the luci-app-multiwan_1.0i.ipk is giving me this error on backfire rc2:
-----------
/usr/lib/lua/luci/controller/multiwan.lua:4: attempt to index field 'fs' (a nil value)
stack traceback:
/usr/lib/lua/luci/controller/multiwan.lua:4: in function </usr/lib/lua/luci/controller/multiwan.lua:3>
?: in function 'createtree'
?: in function 'dispatch'
?: in function <?:128>
-----------
otherwise, everything seems to be working as expected. routes are going the other way during heavy loads.
reason i'm using backfire rc2 is the i'm getting a lot of sysctl errors with the kamikaze releases. those weren't there in white russian and they may be the reason why i need to power cycle the wrt54gl when i make changes. no time to investigate.
one quick suggestion:
please list the pre-requisite packages.
took me a day to figure out qos-scripts was needed.
overall, this is better than quagga + bgp because it uses both lines at the same time under heavy loads. but, i still miss the quick failover of quagga when one line fails.
i'll wait for the fixed luci thingy.

ROCK ON!

Post #43

jow

1 Apr 2010, 12:53

Fix for the error above:

--- usr/lib/lua/luci/controller/multiwan.lua.orig    2010-04-01 13:51:48.000000000 +0200
+++ usr/lib/lua/luci/controller/multiwan.lua    2010-04-01 13:52:08.000000000 +0200
@@ -1,7 +1,8 @@
 module("luci.controller.multiwan", package.seeall)
 
 function index()
-    if not luci.fs.access("/etc/config/multiwan") then
+    local fs = luci.fs or nixio.fs
+    if not fs.access("/etc/config/multiwan") then
         return
     end

The luci.fs api has been deprecated.

~ JoW

Post #44

andyballon

1 Apr 2010, 13:27

i was digging the luci .ipk for where i'll put the above diffs and guess what i found:

======
Package: multiwan
Version: 1.0i
Depends: ip, iptables, iptables-utils, iptables-mod-conntrack, iptables-mod-conntrack-extra
Provides:
Source: package/multiwan
Section: net
Architecture: all
Priority: optional
Maintainer: OpenWrt Developers Team <openwrt-devel@openwrt.org>
Description: An agent script that makes Multi-WAN configuration simple,
easy and manageable. Complete with load balancing, failover and an easy
to manage traffic ruleset. Allows for configuration of up to 9 wan links.
======

anyhoo, i'll just wait for the "j" ipk.
(i was almost so sure multiwan needed the qos-scripts).

Post #45

Patrik85

1 Apr 2010, 13:54

Hi,

I having some trouble with OpenVPN and I think it has something to do with the MultiWAN Script.

Sometimes I can connect via VPN without any problem and sometimes I see the following issue in the system log.

Apr  1 14:49:33 OpenWrt daemon.notice openvpn[10209]: MULTI: multi_create_instance called
Apr  1 14:49:33 OpenWrt daemon.notice openvpn[10209]: 123.123.123.123:1194 Re-using SSL/TLS context
Apr  1 14:49:33 OpenWrt daemon.notice openvpn[10209]: 123.123.123.123:1194 Control Channel MTU parms [ L:1573 D:138 EF:38 EB:0 ET:0 EL:0 ]
Apr  1 14:49:33 OpenWrt daemon.notice openvpn[10209]: 123.123.123.123:1194 Data Channel MTU parms [ L:1573 D:1450 EF:41 EB:4 ET:32 EL:0 ]
Apr  1 14:49:33 OpenWrt daemon.notice openvpn[10209]: 123.123.123.123:1194 Local Options hash (VER=V4): '0ddbb6e3'
Apr  1 14:49:33 OpenWrt daemon.notice openvpn[10209]: 123.123.123.123:1194 Expected Remote Options hash (VER=V4): '2c50bd2c'
Apr  1 14:49:33 OpenWrt daemon.notice openvpn[10209]: 123.123.123.123:1194 TLS: Initial packet from 123.123.123.123:1194, sid=f4933bca a7aaa0c9
Apr  1 14:50:33 OpenWrt daemon.err openvpn[10209]: 123.123.123.123:1194 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Apr  1 14:50:33 OpenWrt daemon.err openvpn[10209]: 123.123.123.123:1194 TLS Error: TLS handshake failed
Apr  1 14:50:33 OpenWrt daemon.notice openvpn[10209]: 123.123.123.123:1194 SIGUSR1[soft,tls-error] received, client-instance restarting

Once I also recognized this error

Apr  1 13:37:54 OpenWrt daemon.err openvpn[10209]: 123.123.123.123:1194 write UDPv4 []: Network is unreachable (code=128)
Apr  1 13:37:55 OpenWrt daemon.err openvpn[10209]: 123.123.123.123:1194 write UDPv4 []: Network is unreachable (code=128)

I thougt this comes due to the reason that the router replies to the VPN request on the other WAN interface that that, where the connection is directed to.

I added a rule, that all outbound OpenVPN traffic (UDP 1194) goes through the interface where the connection arrives (I am using dyndns for one of the two WAN interfaces and use this for external connections).

config 'multiwan' 'config'
        option 'resolv_conf' '/tmp/resolv.conf.auto'
        option 'default_route' 'balancer'

config 'interface' 'wan'
        option 'weight' '5'
        option 'health_interval' '10'
        option 'timeout' '3'
        option 'health_fail_retries' '3'
        option 'health_recovery_retries' '5'
        option 'failover_to' 'disable'
        option 'icmp_hosts' 'disable'

config 'interface' 'wan1'
        option 'weight' '5'
        option 'health_interval' '10'
        option 'timeout' '3'
        option 'health_fail_retries' '3'
        option 'health_recovery_retries' '5'
        option 'icmp_hosts' 'disable'
        option 'failover_to' 'disable'

config 'mwanfw'
        option 'ports' '1194'
        option 'wanrule' 'wan'

config 'mwanfw'
        option 'src' '192.168.2.250'
        option 'ports' '49160'
        option 'wanrule' 'wan'

config 'mwanfw'
        option 'src' '192.168.2.250'
        option 'ports' '49560'
        option 'wanrule' 'wan1'

But this does not help.

Does anybody have a hint for me?

Thanks and best regards,
Patrik

Post #46

andyballon

1 Apr 2010, 14:25

try disconnecting a internet line to rule out multiwan.
i got all udp packets going through wan one, (the first wan. the other one is wan2. this one has no number one but i call it wan one. )

=====
config 'mwanfw'
option 'proto' 'udp'
option 'wanrule' 'wan'
=====
and i'm not having issues with multiple connections.
last time i saw that error i had a bad ta.key. (or i think i forgot to add the ta.key to the client config)
anyway, rule out multiwan then check your fw settings and configs.

Post #47

andyballon

1 Apr 2010, 15:16

ok. i'm confirming the above post #43 works.
i got impatient and just installed the "i" version and hand edited "/usr/lib/lua/luci/controller/multiwan.lua"

case closed on that one.
but pls fix it because it will scare the bejeezus out of first time installers.
i think backfire 10.03 is a break through of sorts because of the wireless on brcm and 2.6 kernel. plus it doesn't have the sysctl -a errors.
thanks for the multiwan scripts and the patch!

Post #48

SouthPawn

1 Apr 2010, 18:54

andyballon wrote:

ok. i'm confirming the above post #43 works.
i got impatient and just installed the "i" version and hand edited "/usr/lib/lua/luci/controller/multiwan.lua"
case closed on that one.
but pls fix it because it will scare the bejeezus out of first time installers.
i think backfire 10.03 is a break through of sorts because of the wireless on brcm and 2.6 kernel. plus it doesn't have the sysctl -a errors.
thanks for the multiwan scripts and the patch!

Updated the luci configuration module per JoW's recommendation, also qos-scripts is not required, it will however be utilized if it's installed and configured.

Thanks,
-Craig

Post #49

Dogge

1 Apr 2010, 18:57

Jow, would be cool if you and/or other core devs can give SouthPawn access to the subversion repos. So he can maintain multiwan and luci-app-multiwan in subversion directly.

I think it's ready for inclusion.

Post #50

andyballon

2 Apr 2010, 01:18

hi southpawn,
sorry for the early victory post. your script needs two more tweaks. i had the impression that it was working properly because i was fiddling with routing yesterday.
1. the 123 table needs proto static.
after booting this is how the route distribution goes after about an hour:
--------
Interface wan
RX: 247352 Pkts. (220.10 MB)
TX: 175260 Pkts. (16.41 MB)

Interface wan2
RX: 58 Pkts. (3.01 KB)
TX: 58 Pkts. (2.93 KB)
--------
if i do this:
ip route add default table 123 proto static nexthop via 114.108.201.1 dev eth0.1 nexthop via 202.78.96.80 dev ppp0

wan2 immediately catches up.
--------
Interface wan
RX: 460725 Pkts. (410.27 MB)
TX: 320268 Pkts. (28.08 MB)

Interface wan2
RX: 26055 Pkts. (26.30 MB)
TX: 17740 Pkts. (1.75 MB)
--------

http://www.ssi.bg/~ja/nano.txt

2. can you make your script do the routing stuff after all interfaces are up?
i had two instances yesterday when i was running ppp0-less. i thought my other isp was down but it turns out the authentication took some time and multiwan ran without ppp0. status > interface only showed wan and no wan2.

so, in summary
====
root@culiat-wg:~# ip route list table 123
202.78.96.80 dev ppp0 proto kernel scope link src 110.55.242.76
192.168.1.0/24 dev br-lan proto kernel scope link src 192.168.1.1
114.108.201.0/24 dev eth0.1 proto kernel scope link src 114.108.201.34
default via 114.108.201.1 dev eth0.1
root@culiat-wg:~# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
202.78.96.80 * 255.255.255.255 UH 0 0 0 ppp0
192.168.1.0 * 255.255.255.0 U 0 0 0 br-lan
114.108.201.0 * 255.255.255.0 U 0 0 0 eth0.1
default 202.78.96.80 0.0.0.0 UG 0 0 0 ppp0
default 201-GW.skybroad 0.0.0.0 UG 0 0 0 eth0.1
root@culiat-wg:~# ip rule list
0: from all lookup local
10: from 114.108.201.34 lookup MWAN1
11: from all fwmark 0x10 lookup MWAN1
12: from all fwmark 0x11 lookup MWAN1
13: from all fwmark 0x12 lookup MWAN1
14: from all fwmark 0x13 lookup MWAN1
15: from all fwmark 0x14 lookup MWAN1
20: from 110.55.242.76 lookup MWAN2
21: from all fwmark 0x20 lookup MWAN2
123: from all fwmark 0x123 lookup LoadBalancer
32766: from all lookup main
32767: from all lookup default
root@culiat-wg:~# ip route del default table 123
root@culiat-wg:~# ip route add default table 123 proto static nexthop via 114.10
8.201.1 dev eth0.1 nexthop via 202.78.96.80 dev ppp0
root@culiat-wg:~# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
202.78.96.80 * 255.255.255.255 UH 0 0 0 ppp0
192.168.1.0 * 255.255.255.0 U 0 0 0 br-lan
114.108.201.0 * 255.255.255.0 U 0 0 0 eth0.1
default 202.78.96.80 0.0.0.0 UG 0 0 0 ppp0
default 201-GW.skybroad 0.0.0.0 UG 0 0 0 eth0.1
root@culiat-wg:~# ip route list table 123
202.78.96.80 dev ppp0 proto kernel scope link src 110.55.242.76
192.168.1.0/24 dev br-lan proto kernel scope link src 192.168.1.1
114.108.201.0/24 dev eth0.1 proto kernel scope link src 114.108.201.34
default proto static
nexthop via 114.108.201.1 dev eth0.1 weight 1
nexthop via 202.78.96.80 dev ppp0 weight 1

Page 2 of 14