[BUG] Broken default route of Dual Wan load balance setting with the same gateway

[jasonpu]

I have just flashed my ASUS ac66U-B1 box to merlin 384.4_2 from a totally fresh reset. And then I reconfigured the dual wan settings using WAN port and LAN 4 port .

The problem is my phone and my PC connected to my router frequently failed to open some webpages or opened them very slowly because some resources cannot be fetched from the web. But It worked fine with no problem in version 380.69.

So my investigation began...

1. The dnsmasq works fine so it's not related to DNS.

2. I built a socks5 server on the router, and I set my PC chrome using the socks5 proxy through the proxy server on the router. Now everything worked fine. All webpages were opened without any lag.

My first intuition is to check the iptables NAT table(because through router's socks5 server, traffics in chrome are through router's OUTPUT chain instead of NAT). I found merlin 384 introduced a new balance chain which is used for load balance purpose(I remember 340 doesn't have the balance chain). I flushed it but problems were still there.

Finally I replaced the default route (wight 1 nexthop via 10.160.0.1 dev ppp0 and wight 1 nexthop via 10.160.0.1 dev ppp1) with "default via 10.160.0.1 dev ppp0". Everything worked fine.

So I think it is a bug of the default route setting. If the load balance is achieved by iptables and ip policy rule, so whether the default "nexthop" route rule is redundant?

 

[kfp]

Are you using dual WAN in load balance mode or failover? It sounds like you want failover but you set it to load balance?

 

[jasonpu]

Are you using dual WAN in load balance mode or failover? It sounds like you want failover but you set it to load balance?

Hi!

After my research I have delete the second floor which is proved wrong.

I want to use load balance. But the default policy route setting of load balance is really buggy. I have cleaned the balace chain and set my ip rule based on src ip address by myself. Everything works fine. But if balace chain is restored by default setting, my lan devices cannot open webpages smoothly, that's to sat, I have to click the refresh button again and again.

You guys have found nothing wrong?

 

[kfp]

You guys have found nothing wrong?

Not using dual WAN so can’t say I have the same experience, maybe submit a PR on Github so we can all see/benefit from your improvements?

 

[jasonpu]

I finally get the point.

By default,

hello@router:~$ cat /proc/sys/net/ipv4/conf/all/rp_filter
-1

This is really strange because official documents tell me the valid value of this parm should be 0, 1 or 2.

I set it manually to 0, problem solved completely!

hello@router:~$ echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter

I don't know whether it is a bug or not. Hope it helps.