Dual WAN Failover ***v2 Release***

[Ranger802004]

WAN Failover is designed to replace the factory ASUS WAN Failover functionality, this script will monitor the WAN Interfaces using a Target IP Address and pinging these targets to determine when a failure occurs. When a failure is detected in Failover Mode, the script will switch to the Secondary WAN interface automatically and then monitor for failback conditions. When the Primary WAN interface connection is restored based on the Target IP Address, the script will perform the failback condition and switch back to Primary WAN. When a failure is detected in Load Balancing Mode, the script will remove the down WAN interface from Load Balancing and restore it when it is active again.

Requirements:
- ASUS Merlin Firmware v386.9 or higher
- JFFS custom scripts and configs Enabled
- Dual WAN Enabled
- ASUS Factory Failover Disabled (Network Monitoring Options, Allow Failback Option under WAN > Dual WAN)

Installation:
amtm

or

Command Line:

/usr/sbin/curl -s "https://raw.githubusercontent.com/Ranger802004/asusmerlin/main/wan-failover.sh" -o "/jffs/scripts/wan-failover.sh" && chmod 755 /jffs/scripts/wan-failover.sh && sh /jffs/scripts/wan-failover.sh install

Updating:
Use Menu Option 6 or Run the Following Command

/jffs/scripts/wan-failover.sh update

Uninstallation:
Use Menu Option 4 or Run the Following Command

/jffs/scripts/wan-failover.sh uninstall

Link to Script:
https://raw.githubusercontent.com/Ranger802004/asusmerlin/main/wan-failover.sh

Readme:
https://raw.githubusercontent.com/Ranger802004/asusmerlin/main/wan-failover-readme.txt

Release Notes:
v2.1.1:
Enhancements:
- Added 388.5 to supported firmware list.
- Added 388.6 to supported firmware list.
- Added configuration option to perform a conntrack flush during failover.

Fixes:
- Updated logic for IPv6 Address data collection.
- The default rules created by the firmware will be deleted if a custom load balancing rule priority is configured.
- OpenVPN Clients will be restarted during failover events.
- Null values for WAN Web GUI IP Addresses are now valid.

v2.1.0:
Enhancements:
- Added WAN0 and WAN1 Web GUI configuration options to create routes for the device portals for each WAN interface.
- Added Reset Default Configuration to Configuration Menu, additionally the command argument resetconfig can be used.
- Enhanced uninstallation prompt for verifying to uninstall.

Fixes:
- Fixed an issue where update would hang if WAN Failover wasn't running.
- Fixed an issue that would allow Load Balance FWMarks and Masks to be non-hexidecimal values in console.
- Added function to verify reverse path filtering is disabled after restarting WAN interfaces and when performing initial WAN Status checks. This is already disabled by the firmware by default but automatically re-enables when an interface is restarted and can cause issues with the target IP rules.

v2.0.7:
Enhancements:
- Added metric values to IP Routes created for target IPs.
- Added additional debug logging to WAN Switch function.
- Added 386.12 to supported firmware list.
- Minor optimizations to increase performance.
- Added CRLF argument to email.
- Added restart option to Status Console.
- Major performance optimization for NVRAM Check function.
- Parent PID is now displayed on Status Console with Dev Mode enabled.
- Added error message if an invalid run argument is specified.
- Added Failover timeout setting. Default is 30 seconds

Fixes:
- Minor visual bug when WAN Failover kill command is being executed.
- WAN Failover will go to disabled state now if DNS Query or Failback are checked under Dual WAN Settings.
- Fixed issue causing PID File not to be deleted under /var/run/wan-failover.pid
- Failover will now properly timeout when the 30 second timeout timer has been reached.

Install:
- Warnings for DNS Query or Failback being enabled will now alert and log during installation

Deprecated:
- WAN0 Route Table and WAN1 Route Table configuration options have been deprecated and are now pulled directly from the Route Table file.

v2.0.6:
Enhancements:
- Added 388.4 to Support List
- General Optimization
- WireGuard clients will restart during failover to recreate the default routes in each WireGuard Route Table.

Fixes:
- Corrected issue where having no OpenVPN Server Instances configured caused WAN Failover to hang.

v2.0.5:
Fixes:
- Corrected minor issue when retrieving WAN NVRAM Parameters
- Corrected issue if WAN Failover would be stuck in a continuous loop if a router didn't have WAN USB capability.
- Corrected issue that causes WAN Failover to exit in Load Balance mode during failover events.
- Corrected issue where DDNS Hostname being blank would cause the script to hang in a loop while collecting System Settings.
- Corrected issue during install where the existing monitor target value was a domain and being used as the WAN0 Target IP default value.

v2.0.4:
Enhancements:
- Added 3rd DNS Server from Automatic Settings to be factored into WAN Failover events.
- The checkiprules function will now be checked at the beginning of WAN Status checks to ensure NAT rules are created if necessary prior to performing packet loss checks.
- Added 386.10 and 386.11 to supported firmware list
- Removed 386.5 and 386.7 from supported firmware list.

Fixes:
- Corrected issue during uninstall when logic was reversed for retaining configuration file or to delete.

v2.0.3:
Fixes:
- Corrected syntax bug in Debug Logging function.

v2.0.2:
Fixes:
- Fixed minor issue with install mode getting stuck on WANDOGTARGET variable.

v2.0.1:
Enhancements:
- Added Process Priority (Real Time, High, Normal, Low, Lowest) for WAN Failover. Configuration Option: Process Priority
- General Optimization.
- CHECKNVRAM is Enabled by Default for the RT-AC86U and GT-AC2900 models on new installations.
- Status Console now shows more descriptions for each WAN interface status.
- Status Console will now passively check for updates every 4 hours while running.
- Status Console will now show WAN Failover status as "Initializing" for start up of the script.
- Added new option to block IPv6 in Failover Mode from traversing Secondary WAN. Configuration Option: Failover Block IPv6

Fixes:
- Corrected issues preventing Failback in v2.0.0.
- Corrected issues with acquiring WAN Interface MAC Addresses.
- Corrected issues with Email Notifications not properly disabling.
- Restart WAN functions will now start interface if already stopped instead of executing restart command.

New Status Console Example:
Note: To change the refresh interval, go to the Configuration Menu and modify the Status Check Setting

 

[JohnSmith]

Upgraded from V1.6.0 Final to V2.0.0-beta1 with no problems in FAILOVER mode.

I did get this syntax error when upgrading, not sure if it is just cosmetic:

/jffs/scripts/wan-failover.sh: line 3646: syntax error: unexpected "&&"

 

[Ranger802004]

Upgraded from V1.6.0 Final to V2.0.0-beta1 with no problems in FAILOVER mode.

I did get this syntax error when upgrading, not sure if it is just cosmetic:

/jffs/scripts/wan-failover.sh: line 3646: syntax error: unexpected "&&"

I believe I identified the issue and I uploaded a minor revision, please do an update and let the script reinstall. I added in a Checksum check for reinstalls just now that will tell you if your local copy is different than the remote copy.

 

[Stephen Harrington]

I believe I identified the issue and I uploaded a minor revision, please do an update and let the script reinstall.

Just did my own 2.0.0b1 update after your minor revision and no syntax error seen for me. New version appears to be running ok, will report further when I've tested a failover/fall back, hopefully later today.

 

[Stephen Harrington]

- New Enhanced Status Console

@Ranger802004 any chance the status display could also be called as a command line option, as in "wan-failover status" ???

 

[Ranger802004]

@Ranger802004 any chance the status display could also be called as a command line option, as in "wan-failover status" ???

I could but not in this cycle as that would require a major change to allow it to call just that function part of a command argument. What are your thoughts on having this shortcut?

 

[Stephen Harrington]

What are your thoughts on having this shortcut?

I guess to be able to quickly display it in its own SSH session directly, similar to what you can do with "wan-failover monitor" now?

 

[Ranger802004]

I guess to be able to quickly display it in its own SSH session directly, similar to what you can do with "wan-failover monitor" now?

Let me see what I can do and I'll get back with you.

 

[Ranger802004]

v2.0.0-beta2 has been published with the following changes, you can run the update command to update to the latest beta version if you have Dev Mode enabled.

Changes from v2.0.0-beta1:
- Added a check if WAN was changed by router firmware before making it to Failover function so it doesn't attempt to switch back Primary WAN to a down WAN interface.
- Fixed Debug Log function for run and manual mode
- Added "status" command argument to call status console.
- Added log events if ping times reach PINGTIMEMAX setting.
- Fixed Restart Mode not killing all PIDs.
- Removed references to config and email command arguments.
- Fixed QoS Overhead values using QOS Inbound Bandwidth value in NVRAM.
- Finished changing references from wan-failover.sh to wan-failover for logging and on-screen messages.
- If QoS ATM is enabled, it will show as Enabled in email notifications.
- Status Page will show DDNS Hostname if DDNS is Enabled and has a DDNS Hostname.

 

[Ranger802004]

v2.0.0-beta3 has been published with the following changes, you can run the update command to update to the latest beta version if you have Dev Mode enabled.

Changes from v2.0.0-beta2:
- Fixed Restart Mode not killing all PIDs.
- Restore Config Mode and now loads same menu as Menu Option 5
- Fixed Config Options for Load Balancing mapping to the wrong settings.
- Added All QoS Configuration Options to Config Menu.
- Load Balance Configuration Settings will only show while in Load Balance Mode or if Dev Mode is Enabled.
- Finished moving debuglog function from directly accessing NVRAM Values when logging values.

 

[alisou]

Hello @Ranger802004
I tested your script. The install hang after entering "Y".
Tested on :
RT-AC88U
Firmware:386.9

 

[Ranger802004]

Hello @Ranger802004
I tested your script. The install hang after entering "Y".
Tested on :
RT-AC88U
Firmware:386.9

Let me take a look into this, I did modify this section during this beta cycle.

 

[Ranger802004]

v2.0.0-beta4 has been published with the following changes, you can run the update command to update to the latest beta version if you have Dev Mode enabled.

Changes from v2.0.0-beta3:
Added debug logging to WAN Interface Restart functions.
Added a sleep timer for WAN Interface Restart loops.
Removed echo command from Restart Mode loop that kills PIDs, this was used for testing.
Optimizations to Get WAN Parameters Mode 1
Removed WANUSB to use DUALWANDEV parameter
Improvements to Update Mode for version checks
Update Mode will now check checksum to ensure integrity of WAN Failover.
Send stderr for curl commands to /dev/null
Add full color code chart
Re-color coded Status Console
Added logging messages during installation
Corrected issue with Installation not creating WAN0_QOS_OBW Configuration Option

 

[JohnSmith]

Update from V2.0.0 beta3 to V2.0.0 beta4:

- timeout counted down on SSH terminal from 120 seconds to 0, per line, for wan-failover restart
- line 47: pstree: not found

wan-failover - Update Mode
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  298k  100  298k    0     0   487k      0 --:--:-- --:--:-- --:--:--  509k
***Dev Mode is Enabled***
Script is out of date - Current Version: v2.0.0-beta3 Available Version: v2.0.0-beta4
Do you want to update to the latest beta version? v2.0.0-beta4 ***Enter Y for Yes or N for No***
> y
/jffs/scripts/wan-failover.sh: line 47: pstree: not found
wan-failover: Restart - ***wan-failover is not running*** No Process ID Detected
wan-failover: Restart - Waiting for wan-failover to restart from Cron Job
/jffs/scripts/wan-failover.sh: line 47: pstree: not found
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 120 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 119 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 118 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 117 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 116 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 115 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 114 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 113 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 112 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 111 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 110 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 109 Seconds

/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 10 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 9 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 8 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 7 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 6 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 5 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 4 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 3 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 2 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 1 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 0 Seconds
wan-failover: Restart - Failed to restart wan-failover ***Check Logs***
wan-failover: Update - wan-failover has been updated to version: v2.0.0-beta4
/jffs/scripts/wan-failover.sh: line 5440: syntax error: unexpected "("

 

[Ranger802004]

Update from V2.0.0 beta3 to V2.0.0 beta4:

- timeout counted down on SSH terminal from 120 seconds to 0, per line, for wan-failover restart
- line 47: pstree: not found

wan-failover - Update Mode
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  298k  100  298k    0     0   487k      0 --:--:-- --:--:-- --:--:--  509k
***Dev Mode is Enabled***
Script is out of date - Current Version: v2.0.0-beta3 Available Version: v2.0.0-beta4
Do you want to update to the latest beta version? v2.0.0-beta4 ***Enter Y for Yes or N for No***
> y
/jffs/scripts/wan-failover.sh: line 47: pstree: not found
wan-failover: Restart - ***wan-failover is not running*** No Process ID Detected
wan-failover: Restart - Waiting for wan-failover to restart from Cron Job
/jffs/scripts/wan-failover.sh: line 47: pstree: not found
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 120 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 119 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 118 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 117 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 116 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 115 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 114 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 113 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 112 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 111 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 110 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 109 Seconds

/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 10 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 9 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 8 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 7 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 6 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 5 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 4 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 3 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 2 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 1 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 0 Seconds
wan-failover: Restart - Failed to restart wan-failover ***Check Logs***
wan-failover: Update - wan-failover has been updated to version: v2.0.0-beta4
/jffs/scripts/wan-failover.sh: line 5440: syntax error: unexpected "("

Ah I see pstree is not on every router, I’ll have to expand on that logic.

 

[asceta]

tell me i'm dumb. or ******* asking stupid questions...

i'm trying to figure out what is the advantage of using your script for 'dual wan' - against built-in features... i'm a bit lame. i need dual-wan to assure persistence of internet connection (some cable internet, plus gsm modem for backup) for 'work-from-home' way of working. And i need a really flexible and swift solution (so if cable goes down - gsm takes over, and only and if cable goes back and works stable- i can turn off gsm) - whatever happens - I need to be 'connected'...

I really appreciate some feedback. Please.


Thank you!
Asceta

 

[Ranger802004]

Update from V2.0.0 beta3 to V2.0.0 beta4:

- timeout counted down on SSH terminal from 120 seconds to 0, per line, for wan-failover restart
- line 47: pstree: not found

wan-failover - Update Mode
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  298k  100  298k    0     0   487k      0 --:--:-- --:--:-- --:--:--  509k
***Dev Mode is Enabled***
Script is out of date - Current Version: v2.0.0-beta3 Available Version: v2.0.0-beta4
Do you want to update to the latest beta version? v2.0.0-beta4 ***Enter Y for Yes or N for No***
> y
/jffs/scripts/wan-failover.sh: line 47: pstree: not found
wan-failover: Restart - ***wan-failover is not running*** No Process ID Detected
wan-failover: Restart - Waiting for wan-failover to restart from Cron Job
/jffs/scripts/wan-failover.sh: line 47: pstree: not found
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 120 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 119 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 118 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 117 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 116 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 115 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 114 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 113 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 112 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 111 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 110 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 109 Seconds

/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 10 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 9 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 8 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 7 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 6 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 5 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 4 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 3 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 2 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 1 Seconds
/jffs/scripts/wan-failover.sh: line 47: pstree: not foundimeout: 0 Seconds
wan-failover: Restart - Failed to restart wan-failover ***Check Logs***
wan-failover: Update - wan-failover has been updated to version: v2.0.0-beta4
/jffs/scripts/wan-failover.sh: line 5440: syntax error: unexpected "("

Published a fix for this, update again.

 

[Ranger802004]

tell me i'm dumb. or ******* asking stupid questions...

i'm trying to figure out what is the advantage of using your script for 'dual wan' - against built-in features... i'm a bit lame. i need dual-wan to assure persistence of internet connection (some cable internet, plus gsm modem for backup) for 'work-from-home' way of working. And i need a really flexible and swift solution (so if cable goes down - gsm takes over, and only and if cable goes back and works stable- i can turn off gsm) - whatever happens - I need to be 'connected'...

I really appreciate some feedback. Please.


Thank you!
Asceta

The main problem is the failback condition is only detecting if a cable is plugged in for the WAN0 interface, this doesn't necessarily mean WAN0 is active and has a connection. My script actively monitors both interfaces to perform proper failover monitoring as well as logging and email notifications for failover/failback events.

 

[asceta]

ay ay Sir!

thanks. And then I would test it, for sure. And i really mean it... for me - it sucks that I see 'flapping' conditions (switching between cable and GSM) for the 'stock' solution. I always thought that built-in feature has some issues with detecting conditions for stable connection. And now I see that i could test something that could improve something, really...

Thank you!
Asceta

 

[Ranger802004]

v2.0.0-beta4 has been published with the following changes, you can run the update command to update to the latest beta version if you have Dev Mode enabled.

Changes from v2.0.0-beta3:
Added debug logging to WAN Interface Restart functions.
Added a sleep timer for WAN Interface Restart loops.
Removed echo command from Restart Mode loop that kills PIDs, this was used for testing.
Optimizations to Get WAN Parameters Mode 1
Removed WANUSB to use DUALWANDEV parameter
Improvements to Update Mode for version checks
Update Mode will now check checksum to ensure integrity of WAN Failover.
Send stderr for curl commands to /dev/null
Add full color code chart
Re-color coded Status Console
Added logging messages during installation
Corrected issue with Installation not creating WAN0_QOS_OBW Configuration Option

Published some minor revisions to v2.0.0-beta4