Dual WAN Failover Script

[Ranger802004]

Hello,

I have an RT-AX88U with 2 connections for Dual, Both PPOE from an ONU (fibre)

The main Link is 1GBPS, the secondary 600mps, the intention always was to have a loadbalance + QoS (streaming does not interfere with gaming, etc)

I've been trying to use them in load balance mode but without success, there are constant game disconects and other problems with connecting a game and other tcp/udp connections (spdy, ssh, database, vpn, etc).


Which script would be best suited for my use?

The Dual WAN Failover Script is fine for both, there are issues with the router creating the FWMark rules and other various things that makes the Load Balance Mode not work and I have put time and effort into correcting these things with my script so if you have issues please gather logs and share them with me, thank you.

 

[Ranger802004]

Hi @Ranger802004

I would really appreciate it if you can add such a feature,

Switch WAN based on internet speed

Hi Guys, I have a load balancing that works on two 5G modems, I want to find a way that when a speed test is conducted and the speed is below XMB to switch to secondary WAN and vice versa, can anyone help to do this please?

www.snbforums.com

I will look into this.

 

[xnokia]

@Ranger802004 I really do appreciate it, and I will be more than happy to financial support the upgrade to this feature.

 

[matthew johnson]

Sorry if this has been asked. Is there a script for load balance or just for fail over? Tried searching this thread but couldn't find a definitive answer.

 

[Ranger802004]

Sorry if this has been asked. Is there a script for load balance or just for fail over? Tried searching this thread but couldn't find a definitive answer.

The script will work with both.

 

[Ranger802004]

@Ranger802004 I really do appreciate it, and I will be more than happy to financial support the upgrade to this feature.

This may not be something easily achievable so it will take some time to come up with some ideas.

 

[Mikey Dread]

Hello Ranger, appreciate your script very much. It's allowed me to move back to the Asus from an ER-X that I had to start using just for the failover. I have been using your script for a couple of months now and am currently using the latest beta and it works very well, but have run across a minor issue.

What would cause a few (but usually not all) of my IOT devices to disconnect from the guest 1 wifi network (using static IP's with Yazfi) and not reconnect until it fails back to the primary wan? What should I be looking for in the logs?

Primary wan is a 5g modem and the secondary wan for failover is a cable modem.

 

[Ranger802004]

Hello Ranger, appreciate your script very much. It's allowed me to move back to the Asus from an ER-X that I had to start using just for the failover. I have been using your script for a couple of months now and am currently using the latest beta and it works very well, but have run across a minor issue.

What would cause a few (but usually not all) of my IOT devices to disconnect from the guest 1 wifi network (using static IP's with Yazfi) and not reconnect until it fails back to the primary wan? What should I be looking for in the logs?

Primary wan is a 5g modem and the secondary wan for failover is a cable modem.

Hello Mikey, the last time I heard of this issue with YazFi during failovers it was discovered the rules created for YazFi had wan0 hardcoded into them instead of dynamically selecting the active WAN interface.

 

[Ranger802004]

v1.5.7 has been published to Production Channel:

v1.5.7
Installation:
- Fixed during Uninstallation where Cleanup would error out due to not having configuration items loaded prior to deletion of configuration file.
- Fixed text formatting for debug logging during installation when selecting WAN IP Address Targets.
- If QoS is Disabled QoS Settings will Default to 0 instead of prompting for configuration.
- WAN Interface will now be restarted before configuration if it doesn't have a valid IP Address or Gateway IP.

Enhancements:
- Configuration Mode will instantly kill script and wait for it to be relaunched by Cron Job.
- WAN0 and WAN1 can be specified to have QoS Enabled or Disabled during Failovers.
- WAN0 and WAN1 Packet Size can be specified seperately in Configuration File.
- Custom Log Path can be specified for Monitor Mode using CUSTOMLOGPATH setting in Configuration Settings.
- Added Dev Mode to update to beta releases using Update Command
- Service Restarts triggered by USB Modem failure events when it is not the Primary WAN will only restart OpenVPN Server instances.
- Added Configuration Option CHECKNVRAM to Enable or Disable NVRAM Checks due to only certain routers needing this check such as the RT-AC86U.
- New Status UNPLUGGED for when a WAN interface connection is not physically present.
- Added Cron Job Mode Lock File to ensure only one instance of the cron job function can run at a time to help prevent duplication creations of the cron job.

Fixes:
- Configuration Mode will no longer delete new or current IP rules/routes and will delete old ones before restarting script.
- Switch WAN function will now properly check Default IP Routes for deletion and creation.
- Load Balance Mode will now properly get default WAN Status before performing checks
- Emails not generating when some scenarios of Secondary WAN failure occur in Failover Mode.
- Fixed issue where missing configuration items weren't checked with option name exact matches as well as for removing deprecated options.
- WAN Interface restart will occur in WAN Status if a previously configured Ping Path has been established and Packet Loss is not 0%

 

[Ranger802004]

***v1.6.0-beta1 Release***

To update to this version, please enable Dev Mode and perform update. Once you are upgraded to the latest version you can access the menu by executing the script by alias (wan-failover) or script path (/jffs/scripts/wan-failover.sh) without any arguments.

NOTE: This is the first iteration of this SSH UI so please help identify bugs and I will continue to add more options into the configuration menu, I just made sure I added all of the most common ones that typically needed to be modified.

Release Notes:
Enhancements:
- Added SSH User Interface

 

[rlj2]

@Ranger802004 thought you might know this. Looks like Starlink is getting some data caps. Is there a way from cli I could route everything a specific internal ip does to secondary wan?

 

[Ranger802004]

@Ranger802004 thought you might know this. Looks like Starlink is getting some data caps. Is there a way from cli I could route everything a specific internal ip does to secondary wan?

if you are using my script still you could make an ip rule pointing it to to WAN1. Something like this:
Replace <LAN IP Address> with your IP
Replace <Priority> with your Rule Priority, query ip rule list and evaluate the left column for rule priority and decide what priority to use. Main Route Table is 32766.

ip rule add from <LAN IP Address> to all table 200 lookup <Priority>

 

[rlj2]

if you are using my script still you could make an ip rule pointing it to to WAN1. Something like this:
Replace <LAN IP Address> with your IP
Replace <Priority> with your Rule Priority, query ip rule list and evaluate the left column for rule priority and decide what priority to use. Main Route Table is 32766.

ip rule add from <LAN IP Address> to all table 200 lookup <Priority>

think you just went over my head, but ill google on those commands

 

[Ranger802004]

think you just went over my head, but ill google on those commands

What is the LAN IP you are trying to route?

 

[rlj2]

What is the LAN IP you are trying to route?

i would have multiplies , but 192.168.50.137 is one specific

 

[rlj2]

I switched to load balance with the following routes which seems to work fine, i was not having luck doing it via cli. Would be nice to make some changes to that without a router reboot.

 

[Ranger802004]

***v1.6.0-beta2 Release***

To update to this version, please enable Dev Mode and perform update. Once you are upgraded to the latest version you can access the menu by executing the script by alias (wan-failover) or script path (/jffs/scripts/wan-failover.sh) without any arguments.

NOTE: Additional options have been added to the Configuration Menu.

Release Notes:
Enhancements:
- Added SSH User Interface
- If VPNMON is installed and running, the service restart function will now call -failover argument instead of -reset.
- Added Capture Mode (Access from UI or execute with argument -capture, this will monitor the System Log for WAN Failover events and generate a temporary file under /tmp/ named wan-failover-<DATESTAMP>.log. Example: /tmp/wan-failover-2022-11-09-22:09:41-CST.log

 

[xnokia]

Would love to see the option of switching based on the speedtest results.

 

[Ranger802004]

Would love to see the option of switching based on the speedtest results.

This is something I'm still looking into and would be awhile before implemented if I come up with a solution.

 

[Ranger802004]

I switched to load balance with the following routes which seems to work fine, i was not having luck doing it via cli. Would be nice to make some changes to that without a router reboot.

Changing from Failover Mode to Load Balance Mode does require a reboot unfortunately. If you switch back to Failover Mode you could add your rules like this via CLI. *** I realized I mistyped my example to you in my prior post as well. ***

Test using this example:

ip rule add from 192.168.50.137 to all table 200 priority 150

Once you have tested that you could add something like this firewall-start script to make sure it stays added and as well doesn't create duplicates, add each IP to the IPS array, one IP per line between the quotes.

# Redirect IPs to WAN1
IPS='
192.168.50.137
'
TABLE="200"

for IP in ${IPS}; do
  if [ -z "$(ip rule list from ${IP} to all lookup ${TABLE} priority 150)" ] >/dev/null;then
    ip rule add from ${IP} to all table ${TABLE} priority 150
  fi
done
IPS=""
TABLE=""