351

Re: New package: mwan3; multi-wan policy routing

Something must be wrong again with your config?

Please post the info from the troubleshooting tab.

352 (edited by arfett 2013-06-25 03:43:02)

Re: New package: mwan3; multi-wan policy routing

Adze wrote:

Experimental
If you have a working mwan3 setup, you can "tell" the router to always use it's lan address as the source address for new connections. This way you will be able to also load-balance traffic originating from the router itself:

ip route add default via 127.0.0.1 dev lo src 192.168.x.x

Replace 192.168.x.x with the lan ip address of your router. Mwan3 will now come into play when determining next-hop. Beware that this may effect firewall settings as traffic from the router now also passes the FORWARD chain.

Hmmm with a loadbalancing setup my router-generated traffic is using both of my WAN interfaces and I have no loopback alias or extra route configured. Are the latest versions of MWAN3 supposed to control router-generated traffic without any fixes now?

Re: New package: mwan3; multi-wan policy routing

Adze wrote:

Something must be wrong again with your config?

Please post the info from the troubleshooting tab.

OMG,I found two wans offline this moring I just got up...I have changed anything after last time that two wans are up.
http://imgur.com/PjTENw7

MWAN3 Multi-WAN Troubleshooting
MWAN3 package versions :
mwan3 - 1.2-10
luci-app-mwan3 - 1.0-19
Firewall default output policy (must be ACCEPT) :
ACCEPT
Output of "ip route show" :
default
    nexthop via 192.168.3.1  dev eth0.3 weight 1
    nexthop via 42.197.128.1  dev pppoe-wan1 weight 1
42.197.128.1 dev pppoe-wan1  proto kernel  scope link  src 42.197.138.220
192.168.0.0/24 dev br-lan  proto kernel  scope link  src 192.168.0.1
192.168.3.0/24 dev eth0.3  proto static  scope link  metric 20
Output of "ip rule show" :
0:    from all lookup local
32762:    from all fwmark 0x1 lookup 1
32763:    from 42.197.138.220 lookup 1
32764:    from all fwmark 0x2 lookup 2
32765:    from 192.168.3.121 lookup 2
32766:    from all lookup main
32767:    from all lookup default
Output of "ip route list table 1001-1099" (1001-1015 = interface tables, 1016-1099 = policy tables) :
No data found
Output of "iptables -L -t mangle -v -n | awk '/mwan3/' RS=" :
No data found
Output of "ifconfig" :
br-lan    Link encap:Ethernet  HWaddr 20:DC:E6:FD:6C:67 
          inet addr:192.168.0.1  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::22dc:e6ff:fefd:6c67/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:255469 errors:0 dropped:0 overruns:0 frame:0
          TX packets:166554 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:251204694 (239.5 MiB)  TX bytes:46246969 (44.1 MiB)
eth0      Link encap:Ethernet  HWaddr 20:DC:E6:FD:6C:67 
          inet6 addr: fe80::22dc:e6ff:fefd:6c67/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:450508 errors:0 dropped:176 overruns:0 frame:0
          TX packets:420836 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:313346939 (298.8 MiB)  TX bytes:302585761 (288.5 MiB)
          Interrupt:4
eth0.1    Link encap:Ethernet  HWaddr 20:DC:E6:FD:6C:67 
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:255469 errors:0 dropped:0 overruns:0 frame:0
          TX packets:166554 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:251204694 (239.5 MiB)  TX bytes:46246969 (44.1 MiB)
eth0.2    Link encap:Ethernet  HWaddr 20:DC:E6:FD:6C:67 
          inet6 addr: fe80::22dc:e6ff:fefd:6c67/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:71048 errors:0 dropped:1002 overruns:0 frame:0
          TX packets:71199 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:23235271 (22.1 MiB)  TX bytes:50089283 (47.7 MiB)
eth0.3    Link encap:Ethernet  HWaddr 20:DC:E6:FD:6C:67 
          inet addr:192.168.3.121  Bcast:192.168.3.255  Mask:255.255.255.0
          inet6 addr: fe80::22dc:e6ff:fefd:6c67/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:123775 errors:0 dropped:0 overruns:0 frame:0
          TX packets:183073 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:30722110 (29.2 MiB)  TX bytes:204565349 (195.0 MiB)
lo        Link encap:Local Loopback 
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:80 errors:0 dropped:0 overruns:0 frame:0
          TX packets:80 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:6878 (6.7 KiB)  TX bytes:6878 (6.7 KiB)
pppoe-wan1 Link encap:Point-to-Point Protocol 
          inet addr:42.197.138.220  P-t-P:42.197.128.1  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1492  Metric:1
          RX packets:43673 errors:0 dropped:0 overruns:0 frame:0
          TX packets:67930 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3
          RX bytes:13792114 (13.1 MiB)  TX bytes:48496259 (46.2 MiB)
wlan1     Link encap:Ethernet  HWaddr 20:DC:E6:FD:6C:69 
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4636 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:675698 (659.8 KiB)
Output of "cat /etc/config/mwan3" :
config interface 'wan1'
    option enabled '1'
    option reliability '2'
    option count '1'
    option interval '5'
    option down '3'
    option up '8'
    list track_ip '58.67.145.193'
    list track_ip '8.8.8.8'
    list track_ip '211.162.61.236'
    list track_ip '211.162.79.106'
    option timeout '5'
config interface 'wan2'
    option enabled '1'
    list track_ip '8.8.8.8'
    list track_ip '58.67.145.193'
    option reliability '1'
    option count '1'
    option timeout '2'
    option interval '5'
    option down '3'
    option up '8'
config member 'wan1_m1_w3'
    option interface 'wan1'
    option metric '1'
    option weight '3'
config member 'wan1_m2_w3'
    option interface 'wan1'
    option metric '2'
    option weight '3'
config member 'wan2_m1_w2'
    option interface 'wan2'
    option metric '1'
    option weight '3'
config member 'wan2_m2_w2'
    option interface 'wan2'
    option metric '2'
    option weight '2'
config policy 'wan1_only'
    list use_member 'wan1_m1_w3'
config policy 'wan2_only'
    list use_member 'wan2_m1_w2'
config policy 'wan1_wan2_loadbalanced'
    list use_member 'wan1_m1_w3'
    list use_member 'wan2_m1_w2'
config policy 'wan1_pri_wan2_sec'
    list use_member 'wan1_m1_w3'
    list use_member 'wan2_m2_w2'
config policy 'wan2_pri_wan1_sec'
    list use_member 'wan1_m2_w3'
    list use_member 'wan2_m1_w2'
config rule 'other_traffic'
    option dest_ip '0.0.0.0/0'
    option use_policy 'wan1_wan2_loadbalanced'
    option proto 'all'
    option equalize '1'
Output of "cat /etc/config/network" :
config interface 'loopback'
    option ifname 'lo'
    option proto 'static'
    option ipaddr '127.0.0.1'
    option netmask '255.0.0.0'
config interface 'lan'
    option ifname 'eth0.1'
    option type 'bridge'
    option proto 'static'
    option netmask '255.255.255.0'
    option ipaddr '192.168.0.1'
config switch
    option name 'eth0'
    option reset '1'
    option enable_vlan '1'
config switch_vlan
    option device 'eth0'
    option vlan '1'
    option vid '1'
    option ports '0t 3 4 5'
config switch_vlan
    option device 'eth0'
    option vlan '2'
    option ports '0t 1'
    option vid '2'
config switch_vlan
    option device 'eth0'
    option vlan '3'
    option vid '3'
    option ports '0t 2'
config interface 'wan2'
    option proto 'dhcp'
    option ifname 'eth0.3'
    option metric '20'
config interface 'wan1'
    option proto 'pppoe'
    option ifname 'eth0.2'
    option username 'zzzzzzzzz'
    option metric '10'
    option password 'zzzzzzz'

354

Re: New package: mwan3; multi-wan policy routing

ranfish wrote:

OMG,I found two wans offline this moring I just got up...I have changed anything after last time that two wans are up.

As i suspected, your network config is not mwan3 compatible:

Output of "ip route show" :
default
    nexthop via 192.168.3.1  dev eth0.3 weight 1
    nexthop via 42.197.128.1  dev pppoe-wan1 weight 1
42.197.128.1 dev pppoe-wan1  proto kernel  scope link  src 42.197.138.220
192.168.0.0/24 dev br-lan  proto kernel  scope link  src 192.168.0.1
192.168.3.0/24 dev eth0.3  proto static  scope link  metric 20

You are missing default route for each wan interface... but your network config however looks OK. Which version of trunk are you running? Looks like the inner workings of OpenWrt have changed... Are you running otherload-balancing programs?

Re: New package: mwan3; multi-wan policy routing

Simple mwan3 implement on buffalo dsl router

http://youtu.be/BJQAssUs0HY

356 (edited by md55 2013-06-28 11:54:26)

Re: New package: mwan3; multi-wan policy routing

Can anyone provide working network/mwan configs for tun0 interface (OpenVpn server)?

357 (edited by arfett 2013-06-28 09:55:32)

Re: New package: mwan3; multi-wan policy routing

Adze,

I updated my router to the lastest AA r37034 and I'm still seeing my router generated traffic be handled by MWAN3. Immediately after a reboot I open two terminals running tcpdump on eth0.1 and wlan0 and have 3 other terminals pinging different addresses and seeing it go out the different interfaces. Mind you I have not done the new experimental route add or alias addition or anything.

I don't exactly have direct control over ONLY the router-generated traffic but MWAN3 still handles it with the rule matching only the protocol. If I want to be able to directly control ONLY the router traffic then I need to use your experimental method (ip route add default via 127.0.0.1 dev lo src 192.168.30.1) and create a rule with 192.168.30.1 as the source address.

Software versions : 

OpenWrt - OpenWrt Attitude Adjustment 12.09 (r37034)
mwan3 - 1.2-10
luci-app-mwan3 - 1.1-4

Firewall default output policy (must be ACCEPT) : 

ACCEPT

Output of "ip route show" : 

default via 192.168.51.1 dev eth0.1  proto static  metric 10 
default via 192.168.0.1 dev wlan0  proto static  metric 20 
192.168.0.0/24 dev wlan0  proto static  scope link  metric 20 
192.168.30.0/24 dev br-lan  proto kernel  scope link  src 192.168.30.1 
192.168.50.0/24 via 192.168.51.1 dev eth0.1  proto static  metric 10 
192.168.51.0/24 dev eth0.1  proto static  scope link  metric 10 

Output of "ip rule show" : 

0:    from all lookup local 
1001:    from all fwmark 0x100/0xff00 lookup 1001 
1002:    from all fwmark 0x200/0xff00 lookup 1002 
1016:    from all fwmark 0x1000/0xff00 lookup 1016 
1017:    from all fwmark 0x1100/0xff00 lookup 1017 
1018:    from all fwmark 0x1200/0xff00 lookup 1018 
1019:    from all fwmark 0x1300/0xff00 lookup 1019 
32766:    from all lookup main 
32767:    from all lookup default 

Output of "ip route list table 1001-1099" (1001-1015 = interface tables, 1016-1099 = policy tables) : 

1001
default via 192.168.51.1 dev eth0.1 
1002
default via 192.168.0.1 dev wlan0 
1016
default via 192.168.51.1 dev eth0.1  metric 1 
1017
default via 192.168.0.1 dev wlan0  metric 1 
1018
default via 192.168.51.1 dev eth0.1  metric 1 
default via 192.168.0.1 dev wlan0  metric 2 
1019
default  metric 1 
    nexthop via 192.168.0.1  dev wlan0 weight 5
    nexthop via 192.168.51.1  dev eth0.1 weight 10

Output of "iptables -L -t mangle -v -n | awk '/mwan3/' RS=" : 

Chain PREROUTING (policy ACCEPT 2741 packets, 305K bytes)
 pkts bytes target     prot opt in     out     source               destination         
 2817  313K mwan3_pre  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
 2741  305K fwmark     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain INPUT (policy ACCEPT 1804 packets, 138K bytes)
 pkts bytes target     prot opt in     out     source               destination         
 1852  143K mwan3_post  all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain OUTPUT (policy ACCEPT 1660 packets, 377K bytes)
 pkts bytes target     prot opt in     out     source               destination         
 1700  380K mwan3_pre  all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain POSTROUTING (policy ACCEPT 2508 packets, 533K bytes)
 pkts bytes target     prot opt in     out     source               destination         
 2576  540K mwan3_post  all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain mwan3_default (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    9  1485 MARK       all  --  *      *       0.0.0.0/0            224.0.0.0/3         mark match !0x8000/0x8000 MARK or 0x8000 
   64  5138 MARK       all  --  *      *       0.0.0.0/0            127.0.0.0/8         mark match !0x8000/0x8000 MARK or 0x8000 
    0     0 MARK       all  --  *      *       0.0.0.0/0            192.168.0.0/24      mark match !0x8000/0x8000 MARK or 0x8000 
 2873  464K MARK       all  --  *      *       0.0.0.0/0            192.168.30.0/24     mark match !0x8000/0x8000 MARK or 0x8000 
    0     0 MARK       all  --  *      *       0.0.0.0/0            192.168.50.0/24     mark match !0x8000/0x8000 MARK or 0x8000 
   12   924 MARK       all  --  *      *       0.0.0.0/0            192.168.51.0/24     mark match !0x8000/0x8000 MARK or 0x8000 

Chain mwan3_post (2 references)
 pkts bytes target     prot opt in     out     source               destination         
  170 14125 MARK       all  --  *      wlan0   0.0.0.0/0            0.0.0.0/0           mark match !0x8000/0x8000 MARK xset 0x200/0xff00 
  591  104K MARK       all  --  *      eth0.1  0.0.0.0/0            0.0.0.0/0           mark match !0x8000/0x8000 MARK xset 0x100/0xff00 
 3666  564K MARK       all  --  *      *       0.0.0.0/0            0.0.0.0/0           mark match 0x8000/0x8000 MARK and 0xffff7fff 
 4428  682K CONNMARK   all  --  *      *       0.0.0.0/0            0.0.0.0/0           CONNMARK save mask 0xff00 

Chain mwan3_pre (2 references)
 pkts bytes target     prot opt in     out     source               destination         
 4517  694K CONNMARK   all  --  *      *       0.0.0.0/0            0.0.0.0/0           CONNMARK restore mask 0xff00 
  172 14907 MARK       all  --  wlan0  *       0.0.0.0/0            0.0.0.0/0           MARK xset 0x8200/0xff00 
  508 74409 MARK       all  --  eth0.1 *       0.0.0.0/0            0.0.0.0/0           MARK xset 0x8100/0xff00 
 3837  604K mwan3_default  all  --  *      *       0.0.0.0/0            0.0.0.0/0           mark match !0x8000/0x8000 
  377 41141 mwan3_rules  all  --  *      *       0.0.0.0/0            0.0.0.0/0           mark match 0x0/0xff00 

Chain mwan3_rules (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    1    60 MARK       all  --  *      *       0.0.0.0/0            216.146.38.70       mark match 0x0/0xff00 MARK xset 0x1100/0xff00 
  254 27756 MARK       all  --  *      *       0.0.0.0/0            0.0.0.0/0           mark match 0x0/0xff00 statistic mode random probability 0.666000 MARK xset 0x100/0xff00 
  117 12949 MARK       all  --  *      *       0.0.0.0/0            0.0.0.0/0           mark match 0x0/0xff00 statistic mode random probability 1.000000 MARK xset 0x200/0xff00 
    0     0 MARK       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           multiport sports 0:65535 multiport dports 53,3440 mark match 0x0/0xff00 MARK xset 0x1200/0xff00 
    0     0 MARK       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           multiport sports 0:65535 multiport dports 22,80,443,3440 mark match 0x0/0xff00 MARK xset 0x1200/0xff00 
    0     0 MARK       all  --  *      *       0.0.0.0/0            0.0.0.0/0           mark match 0x0/0xff00 MARK xset 0x1200/0xff00 


Output of "ifconfig" : 

br-lan    Link encap:Ethernet  HWaddr 02:02:6B:0C:5F:70  
          inet addr:192.168.30.1  Bcast:192.168.30.255  Mask:255.255.255.0
          inet6 addr: fe80::2:6bff:fe0c:5f70/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:4719 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4048 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:569740 (556.3 KiB)  TX bytes:870582 (850.1 KiB)

eth0      Link encap:Ethernet  HWaddr 02:02:6B:0C:5F:70  
          inet6 addr: fe80::2:6bff:fe0c:5f70/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:7037 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6651 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:984428 (961.3 KiB)  TX bytes:1349053 (1.2 MiB)
          Interrupt:5 

eth0.1    Link encap:Ethernet  HWaddr 02:02:6B:0C:5F:70  
          inet addr:192.168.51.2  Bcast:192.168.51.255  Mask:255.255.255.0
          inet6 addr: fe80::2:6bff:fe0c:5f70/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2186 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2599 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:274311 (267.8 KiB)  TX bytes:444743 (434.3 KiB)

eth0.2    Link encap:Ethernet  HWaddr 02:02:6B:0C:5F:70  
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:4719 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4048 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:569740 (556.3 KiB)  TX bytes:870582 (850.1 KiB)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:74 errors:0 dropped:0 overruns:0 frame:0
          TX packets:74 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:6427 (6.2 KiB)  TX bytes:6427 (6.2 KiB)

wlan0     Link encap:Ethernet  HWaddr 00:02:6B:0C:5F:70  
          inet addr:192.168.0.22  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::202:6bff:fe0c:5f70/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:23292 errors:0 dropped:0 overruns:0 frame:0
          TX packets:289 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:34690539 (33.0 MiB)  TX bytes:33450 (32.6 KiB)

Output of "cat /etc/config/mwan3" : 

config rule 'dyndns_wwan'
    option use_policy 'wwan_only'
    option dest_ip '216.146.38.70'
    option proto 'all'

config rule 'all_traffic_balance'
    option proto 'all'
    option use_policy 'wan_wwan_loadbalance'
    option equalize '1'

config rule 'udp_traffic_failover'
    option proto 'udp'
    option use_policy 'wan_wwan_failover'
    option dest_port '53,3440'

config rule 'tcp_traffic_failover'
    option proto 'tcp'
    option use_policy 'wan_wwan_failover'
    option dest_port '22,80,443,3440'

config rule 'all_traffic_failover'
    option proto 'all'
    option use_policy 'wan_wwan_failover'

config interface 'wan'
    option enabled '1'
    option reliability '1'
    option count '1'
    option timeout '2'
    option down '3'
    option up '5'
    option interval '5'
    list track_ip '8.8.8.8'

config interface 'wwan'
    option enabled '1'
    option reliability '1'
    option count '1'
    option timeout '2'
    option down '3'
    option up '5'
    list track_ip '8.8.8.8'
    list track_ip '8.8.4.4'
    option interval '5'

config interface 'datacard'
    option enabled '0'
    option reliability '1'
    option count '1'
    option timeout '2'
    option interval '5'
    option down '3'
    option up '5'

config member 'wan_m1_w10'
    option interface 'wan'
    option metric '1'
    option weight '10'

config member 'wwan_m1_w5'
    option interface 'wwan'
    option metric '1'
    option weight '5'

config member 'wwan_m2_w10'
    option interface 'wwan'
    option metric '2'
    option weight '10'

config policy 'wan_only'
    list use_member 'wan_m1_w10'

config policy 'wwan_only'
    list use_member 'wwan_m1_w5'

config policy 'wan_wwan_failover'
    list use_member 'wan_m1_w10'
    list use_member 'wwan_m2_w10'

config policy 'wan_wwan_loadbalance'
    list use_member 'wan_m1_w10'
    list use_member 'wwan_m1_w5'


Output of "cat /etc/config/network" : 

config interface 'loopback'
    option ifname 'lo'
    option proto 'static'
    option ipaddr '127.0.0.1'
    option netmask '255.0.0.0'

config interface 'wan'
    option ifname 'eth0.1'
    option proto 'dhcp'
    option metric '10'
    option hostname 'OpenWrt-F70'

config interface 'datacard'
    option proto '3g'
    option device '/dev/USB0'
    option service 'evdo'
    option maxwait '20'
    option keepalive '6 30'
    option demand '0'
    option metric '30'

config interface 'lan'
    option type 'bridge'
    option proto 'static'
    option netmask '255.255.255.0'
    option _orig_ifname 'eth0.2 wlan0'
    option _orig_bridge 'true'
    option ifname 'eth0.2'
    option ipaddr '192.168.30.1'

config switch
    option name 'rt305x'
    option reset '1'
    option enable_vlan '1'

config switch_vlan
    option device 'rt305x'
    option vlan '1'
    option ports '0 6t'

config switch_vlan
    option device 'rt305x'
    option vlan '2'
    option ports '1 2 3 4 6t'

config interface 'wwan'
    option proto 'dhcp'
    option hostname 'OpenWrt-F70'
    option peerdns '0'
    option dns '8.8.8.8 8.8.4.4'
    option metric '20'

config route
    option interface 'wan'
    option target '192.168.50.0'
    option netmask '255.255.255.0'
    option gateway '192.168.51.1'

358

Re: New package: mwan3; multi-wan policy routing

Hi Arfett,


I'm seeing the same result here. Even without the loopback trick, router generated traffic is loadbalanced. Kind of neat, but there is a downside...

icmp     1 27 src=213.127.134.91 dst=213.136.13.52 type=8 code=0 id=26327 packets=1 bytes=84 src=213.136.13.52 dst=213.127.134.91 type=0 code=0 id=26327 packets=2 bytes=168 mark=256 use=1
icmp     1 20 src=213.127.134.91 dst=213.136.13.52 type=8 code=0 id=26303 packets=1 bytes=84 src=213.136.13.52 dst=213.127.134.91 type=0 code=0 id=26303 packets=2 bytes=168 mark=256 use=1
icmp     1 23 src=213.127.134.91 dst=213.136.13.52 type=8 code=0 id=26316 packets=1 bytes=84 src=213.136.13.52 dst=213.127.134.91 type=0 code=0 id=26316 packets=2 bytes=168 mark=256 use=1
icmp     1 25 src=213.127.134.91 dst=213.136.13.52 type=8 code=0 id=26319 packets=1 bytes=84 src=213.136.13.52 dst=213.127.134.91 type=0 code=0 id=26319 packets=2 bytes=168 mark=256 use=1
icmp     1 25 src=213.127.134.91 dst=213.136.13.52 type=8 code=0 id=26318 packets=1 bytes=84 src=213.136.13.52 dst=213.154.232.11 type=0 code=0 id=26318 packets=2 bytes=168 mark=512 use=1
icmp     1 24 src=213.127.134.91 dst=213.136.13.52 type=8 code=0 id=26317 packets=1 bytes=84 src=213.136.13.52 dst=213.154.232.11 type=0 code=0 id=26317 packets=2 bytes=168 mark=512 use=1
icmp     1 21 src=213.127.134.91 dst=213.136.13.52 type=8 code=0 id=26304 packets=1 bytes=84 src=213.136.13.52 dst=213.154.232.11 type=0 code=0 id=26304 packets=2 bytes=168 mark=512 use=1
icmp     1 27 src=213.127.134.91 dst=213.136.13.52 type=8 code=0 id=26321 packets=1 bytes=84 src=213.136.13.52 dst=213.154.232.11 type=0 code=0 id=26321 packets=2 bytes=168 mark=512 use=1
icmp     1 26 src=213.127.134.91 dst=213.136.13.52 type=8 code=0 id=26320 packets=1 bytes=84 src=213.136.13.52 dst=213.127.134.91 type=0 code=0 id=26320 packets=2 bytes=168 mark=256 use=1
icmp     1 22 src=213.127.134.91 dst=213.136.13.52 type=8 code=0 id=26309 packets=1 bytes=84 src=213.136.13.52 dst=213.154.232.11 type=0 code=0 id=26309 packets=2 bytes=168 mark=512 use=2

As you can see, the source address before natting is always the gateway with the lowest metric. Then the packet gets handled by mwan3 rules and routed as such. The downside with this behaviour is that setting a source address in an application is not respected and can result in packets not being forwarded to the right gateway.

I now know why this behaviour has changed. I removed some ip rules that i thought were not important. Turns out they are (thanks for noticing!). I will fix this asap. With this fix you will need the loopback trick again to load-balance router generated traffic.

359 (edited by arfett 2013-06-28 10:33:24)

Re: New package: mwan3; multi-wan policy routing

Adze wrote:

With this fix you will need the loopback trick again to load-balance router generated traffic.

To be clear it will take the following 3 steps:

1. /etc/config/network

config alias
    option interface 'loopback'
    option proto 'static'
    option ipaddr '192.168.100.1'
    option netmask '255.255.255.255'

2. /etc/rc.local

ip route add default via 127.0.0.1 dev lo src 192.168.100.1 metric 5

3. Create MWAN3 rule with 192.168.100.1 as source address

Or am I mistaken?

360

Re: New package: mwan3; multi-wan policy routing

arfett wrote:

To be clear it will take the following 3 steps:

Correct

361

Re: New package: mwan3; multi-wan policy routing

I fixed the load-balancing of router generated traffic issue. Please update to version 1.2-11.

Re: New package: mwan3; multi-wan policy routing

New package files are up for MWAN3 and the LuCI app.

Adze,

Seems to me the alias trick renders the default routing table useless as the route with the lowest metric will be directing traffic to the loopback interface?

Is there any workaround that won't have this caveat?

363

Re: New package: mwan3; multi-wan policy routing

arfett wrote:

Seems to me the alias trick renders the default routing table useless as the route with the lowest metric will be directing traffic to the loopback interface?

I don't understand... What do you mean by useless?

364 (edited by arfett 2013-06-28 12:49:55)

Re: New package: mwan3; multi-wan policy routing

Adze wrote:
arfett wrote:

Seems to me the alias trick renders the default routing table useless as the route with the lowest metric will be directing traffic to the loopback interface?

I don't understand... What do you mean by useless?

Meaning any traffic using the default routing table goes nowhere.

365

Re: New package: mwan3; multi-wan policy routing

That's only true if mwan3 is not "running". If mwan3 is running it marks traffic flows, which in turn use custom routing tables to route traffic.

366 (edited by arfett 2013-06-28 13:02:30)

Re: New package: mwan3; multi-wan policy routing

Adze wrote:

That's only true if mwan3 is not "running". If mwan3 is running it marks traffic flows, which in turn use custom routing tables to route traffic.

If the first (or only) rule specifies all traffic use the default routing table then there is no connectivity. And correct me if I'm wrong but any traffic which does not match a rule goes through the default routing table as well.

I don't see it being a huge issue it just means that any and all traffic that you want to get anywhere will need to be controlled by an MWAN3 rule rather than being able to let unspecified traffic fall through.

367 (edited by Adze 2013-06-28 13:57:00)

Re: New package: mwan3; multi-wan policy routing

Good point. I will crack my head around this (small) issue.

Maybe i will revert back to version 1.2-10 and let router generated traffic being load-balanced as default. Users can make their own rules for specific flows if they don't want this...

368 (edited by arfett 2013-06-28 20:52:26)

Re: New package: mwan3; multi-wan policy routing

Adze wrote:

Good point. I will crack my head around this (small) issue.

Maybe i will revert back to version 1.2-10 and let router generated traffic being load-balanced as default. Users can make their own rules for specific flows if they don't want this...

I kind of think the issues with 1.2-10 were more of a bug and serious issue since it wouldn't honor the source address on packets coming from clients as well as the router (I think or did it only affect the router traffic?)

The issue with 1.2-11 is sort of 'the way it is' and not really a showstopper for any applications since you can just create a rule for your traffic.

If you wouldn't mind I'd like to chat with you on google chat about a few things in the MWAN3 scripts. I'd like to better understand a few things so I can help track down bugs and test fixes/features.


PS. if the code goes back to 1.2-10 the experimental method of controlling traffic should be removed from the first post. The reason I even started investigating the router-generated traffic on 1.2-10 was I noticed my MWAN3 rule for traffic with source 192.168.30.1 (my LAN address) wasn't matching any packets.

If it stays the same maybe the first post should be updated with the three steps of the alias method. I have these notes on the GUI but not everyone uses the GUI.

Re: New package: mwan3; multi-wan policy routing

How can mwan3 let traffic just go through wan1 when wan2 is down,but still use wan2 next time when it is on.

370

Re: New package: mwan3; multi-wan policy routing

ranfish wrote:

How can mwan3 let traffic just go through wan1 when wan2 is down,but still use wan2 next time when it is on.

1. Create 2 members: one for each wan. Set the metric for wan1 higer than the metric for wan2.
2. Create a policy and add the two members created above.
3. Add a policy and set it to use the policy just created.

371 (edited by arfett 2013-07-02 22:43:45)

Re: New package: mwan3; multi-wan policy routing

ranfish wrote:

How can mwan3 let traffic just go through wan1 when wan2 is down,but still use wan2 next time when it is on.

If you mean load balance on both wan1 and wan2 when they are both online and only use wan1 if wan2 is offline then a standard load balancing setup will do the trick. This will also allow traffic to only use wan2 while wan1 is offline

1. Create 2 members: one for each wan. Set the metric for wan1 the SAME as metric for wan2. Set the weight on each to dermine how much of the load will go across each one when they are both online (example: weight of 4 on wan1 and weight of 2 on wan2 would send twice as much data out wan1.)
2. Create a policy and add the two members created above.
3. Add a policy and set it to use the policy just created.

372

Re: New package: mwan3; multi-wan policy routing

Good evening! I use Mwan3  with 3 interfaces, everything works fine. The speed of my internet connections 10, 8 and 4 megabits. It is possible to add two interfaces at a rate of 4 megabits. What values should be set in the weight?
Sorry for my very bad english, i  use google translator.

Re: New package: mwan3; multi-wan policy routing

jooe wrote:

Good evening! I use Mwan3  with 3 interfaces, everything works fine. The speed of my internet connections 10, 8 and 4 megabits. It is possible to add two interfaces at a rate of 4 megabits. What values should be set in the weight?
Sorry for my very bad english, i  use google translator.

You could just use the mbits as the weights, 10, 8, 4, 4, 4

374

Re: New package: mwan3; multi-wan policy routing

I use Mwan3 with 2 interfaces: static as main and pppoe for intra-ISP subnet.
config 'rule'
    option 'dest_ip' '<isp subnet>'
    option 'use_policy' 'pppoe_link'

There is also OpenVpn server on this router.
I can connect to OpenVpn from intra-ISP subnet to pppoe IP only via tcp. When I try udp, response is routed back via static IP instead of pppoe IP.
So why udp works different from tcp?

375 (edited by arfett 2013-07-05 02:52:07)

Re: New package: mwan3; multi-wan policy routing

md55 wrote:

I use Mwan3 with 2 interfaces: static as main and pppoe for intra-ISP subnet.
config 'rule'
    option 'dest_ip' '<isp subnet>'
    option 'use_policy' 'pppoe_link'

There is also OpenVpn server on this router.
I can connect to OpenVpn from intra-ISP subnet to pppoe IP only via tcp. When I try udp, response is routed back via static IP instead of pppoe IP.
So why udp works different from tcp?

Care to post more information? If you're using the LuCI application copy/paste the contents of the troubleshooting page into a forum code block. If not then get all of the troubleshooting information shown in the first post manually and paste into a forum code block.