Basic support for multiple WANs (netifd & default gateway)

B b at mydomainnameisbiggerthanyours.com
Sat Sep 3 05:06:20 PDT 2022


I use mwan3 in exactly the way you describe. Just because it can do more 
doesn't mean it can't do less. But yes, understanding it does require 
some research and it's definitely intimidating. Understanding the 
interplay between iptables/nft, ip rules, multiple routing tables, and 
the configuration is complicated... but it works flawlessly once you set 
it up.

I agree it would be great if there was something more simple.

Here's my mwan3 setup. I've edited and simplified this a bit. Hopefully 
I didn't break anything in the process. This includes the most common 
tunable options you probably want to fiddle with to meet your needs.

For monitoring the only command you really need to view what mwan3 is 
doing is "mwan3 status". It does a good job of logging activities, so 
tail your logread if you want.

Note the config below is for OpenWRT 19.07.x. I have no idea if there 
are changes in current. It's also only for ipv4.

This config is for two interfaces. I actually have four on mine so I edited 
the others out.

You can simplify this config by removing the r_some_ssh_host rule but it 
makes for a good example.

Note the _quality options do nothing here because check_quality is set to 0.

The priority is determined by metric where lower = more preferred.

config globals 'globals'
         option mmx_mask '0x3F00'
         option rtmon_interval '5'

config interface 'wan1'
         option enabled '1'
         option family 'ipv4'
         option initial_state 'online'
         list track_ip '8.8.8.8'
         list track_ip '1.1.1.1'
         option reliability '1'
         option count '1'
         option timeout '2'
         option interval '5'
         option down '3'
         option up '6'
         option check_quality '0'
         option failure_latency '1000'
         option recovery_latency '500'
         option failure_loss '20'
         option recovery_loss '5'

config member 'wan1_m1_w1'
         option interface 'wan1'
         option metric '10'
         option weight '1'

config interface 'wan2'
         option enabled '1'
         option family 'ipv4'
         option initial_state 'online'
         list track_ip '8.8.8.8'
         list track_ip '1.1.1.1'
         option reliability '1'
         option count '1'
         option timeout '2'
         option interval '5'
         option down '3'
         option up '6'
         option check_quality '0'
         option failure_latency '1000'
         option recovery_latency '500'
         option failure_loss '20'
         option recovery_loss '5'

config member 'wan2_m2_w1'
         option interface 'wan2'
         option metric '20'
         option weight '1'

config policy 'failover'
         list use_member 'wan1_m1_w1'
         list use_member 'wan2_m2_w1'
         option last_resort 'default' # unreachable (reject) is default

config rule 'r_some_ssh_host'
         option family 'ipv4'
         option dest_ip '1.2.3.4'
         option proto 'tcp'
         option dest_port '22'
         option use_policy 'failover'

config rule 'r_default_v4'
         option family 'ipv4'
         option dest_ip '0.0.0.0/0'
         option use_policy 'failover'


On 9/3/22 04:00, Rafał Miłecki wrote:
> I have a device with two WAN interfaces. I'm looking for a way to
> support them out of the box with some very basic policy.
>
> The simplest scenario: use any of available WANs.
> Semi-pro scenario: prefer WAN with lower "metric".
>
>
> Current behaviour (and problem):
> 1. "wan1" gets DHCP lease, default gw gets set
> 2. "wan2" gets DHCP lease, default gw gets overwritten
> 3. "wan2" goes down, no default gw gets restored
>
> So for the most basic solution we need at least netifd to manage default
> gw.
>
>
> Is that something we could add to OpenWrt?
>
> I'm aware of mwan3 but that seems like an overkill for such simple
> needs. With all its policies, balancing, monitoring it seems like a tool
> for more advanced users. Or am I wrong and it should be used instead?
>
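
Added example, not part of the original message and not mwan3's own code: a small Python model of how the 'failover' policy above picks an uplink, using the message's rule that the lowest metric among online members wins. The parser, the function names and the weight split between equal-metric members are assumptions made for illustration; the member and policy sections are copied from the config above as a constructed sample.

```python
import re

# Constructed sample: member/policy sections taken from the config in the message.
CONFIG = """
config member 'wan1_m1_w1'
        option interface 'wan1'
        option metric '10'
        option weight '1'
config member 'wan2_m2_w1'
        option interface 'wan2'
        option metric '20'
        option weight '1'
config policy 'failover'
        list use_member 'wan1_m1_w1'
        list use_member 'wan2_m2_w1'
        option last_resort 'default' # unreachable (reject) is default
"""

# Matches "config <type> '<name>'", "option <key> '<value>'", "list <key> '<value>'".
LINE = re.compile(r"^(config|option|list)\s+(\S+)\s+'([^']*)'")

def parse_uci(text):
    """Minimal UCI reader (hypothetical helper): {type: {name: {key: value}}}."""
    sections, cur = {}, None
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # blank lines and anything this sketch does not model
        kind, key, val = m.groups()
        if kind == "config":
            cur = sections.setdefault(key, {}).setdefault(val, {})
        elif kind == "option":
            cur[key] = val
        else:  # "list" entries accumulate in order
            cur.setdefault(key, []).append(val)
    return sections

def select(cfg, policy, online):
    """Return {interface: traffic share} for `policy`, or the last_resort string."""
    pol = cfg["policy"][policy]
    up = [m for m in (cfg["member"][n] for n in pol["use_member"])
          if m["interface"] in online]
    if not up:  # every tracked interface is offline
        return pol.get("last_resort", "unreachable")
    best = min(int(m["metric"]) for m in up)  # lower metric = more preferred
    tier = [m for m in up if int(m["metric"]) == best]
    total = sum(int(m["weight"]) for m in tier)
    return {m["interface"]: int(m["weight"]) / total for m in tier}
```

With both interfaces online the model sends everything to wan1; dropping wan1 from the online set moves it to wan2, and an empty set returns the last_resort value.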



