Asus Dual Wan Load Balance Problems

Posted on by

Important

  1. Asus Dual Wan Router
  2. Asus Dual Wan Load Balance Problems Pdf
  3. Asus Dual Wan Load Balance Problems Pc
  • I just selected Dual WAN, Load balancing, put in the ratios and it started working immediately with no fusses. I kept both WANs behind their own respective routers (no bridged mode) and Asus' firmware didn't even blink. Load balancing would also fail over from one WAN to the other after a while, but Failover mode reduces the time this can take.
  • 'ASUS RT-AC87U dual WAN is still work in progress for load balancing! As for failover, it's only applicable with 3G/LTE USB modems and not with another WAN work in progress. Teaming is still.
  • ASUS RT-AC88U Dual WAN in Load Balance Hi, new here so apologies for any noobness in advance! I have recently purchased dual 1Gbps fibre broadband which I am wanting to run via my ASUS RT-AC88U in Load Balance mode with a 1:1 ratio.

Hence, if you own an Asus Router (like the Asus RT-AC68U) which is capable of handling multiple WAN connections (aka Dual-WAN routers), it’s best to configure the load balancer mode. Now I have two clients connected to my RT-AC68U routerNexus 5 - LAN IP:192.168.1.42My Laptop - LAN IP:192.168.1.731.

Netgate is offering COVID-19 aid for pfSense software users, learn more.

A Gateway Group is necessary to setup a Load Balancing or Failoverconfiguration. The group itself does not cause any action to be taken, but whenthe group is used later, such as in policy routing firewall rules, it defineshow the items utilizing the group will behave.

The same gateway may be included in multiple groups so that several differentscenarios can be configured at the same time. For example, some traffic can beload balanced, and other traffic can use failover, and the same WAN can be usedin both capacities by using different gateway groups.

A common example setup for a two WAN firewall contains three groups:

  • LoadBalance: Gateways for WAN1 and WAN2 both on Tier 1

  • PreferWAN1: Gateway for WAN1 on Tier 1, and WAN2 on Tier 2

  • PreferWAN2: Gateway for WAN1 on Tier 2, and WAN2 on Tier 1

No matter which strategy is chosen, the best practice is to have at least onefailover group and to set that failover group to be used as the defaultgateway on the firewall. This ensures that the firewall always has a viabledefault gateway, and using a gateway group ensures that the correct gatewaysare used for this function and in the intended order. SeeManaging the Default Gateway for details.

Configuring a Gateway Group for Load Balancing or Failover¶

To create a gateway group for Load Balancing or Failover:

  • Navigate to System > Routing, Groups tab

  • Click Add to create a new gateway group

  • Fill in the options on the page as described in Gateway Group Options

  • Click Save

Load Balancing¶

Asus Dual Wan Load Balance Problems

Any two gateways on the same tier are load balanced. For example, if GatewayA, Gateway B, and Gateway C are all Tier 1, connections would be balancedbetween them. Gateways that are load balanced will automatically failoverbetween each other. When a gateway fails it is removed from the group, so inthis case if any one of A, B, or C went down, the firewall would load balancebetween the remaining online gateways.

Weighted Balancing¶

If two WANs need to be balanced in a weighted fashion due to differing amountsof bandwidth between them, that can be accommodated by adjusting the Weightparameter on the gateway as described in Unequal Cost Load Balancing andAdvanced Gateway Settings.

Failover¶

Gateways on a lower number tier are preferred by the firewall, and if theyare down then gateways of a higher numbered tier are used. For example, ifGateway A is on Tier 1, Gateway B is on Tier 2, and Gateway C is on Tier3, then Gateway A would be used first. If Gateway A goes down, then GatewayB would be used. If both Gateway A and Gateway B are down, then Gateway Cwould be used.

Complex/Combined Scenarios¶

By extending the concepts above for Load Balancing and Failover, complicatedscenarios are possible that combine both load balancing and failover. Forexample, if Gateway A is on Tier 1, and Gateway B and Gateway C are onTier 2, then Gateway D on Tier 3, the following behavior occurs: Gateway Ais preferred on its own. If Gateway A is down, then traffic would be loadbalanced between Gateway B and Gateway C. Should either Gateway B orGateway C go down, the remaining online gateway in that tier would still beused. If Gateway A, Gateway B, and Gateway C are all down, traffic wouldfail over to Gateway D.

Any other combination of the above can be used, so long as it can be arrangedwithin the limit of 5 tiers.

Asus Dual Wan Router

Problems with Load Balancing¶

Some websites store session information including the client IP address, and ifa subsequent connection to that site is routed out a different WAN interfaceusing a different public IP address, the website will not function properly.This is becoming more common with banks and other security-minded sites. Onemethod of working around this issue is to create a failover group and directtraffic destined to these sites to the failover group rather than a loadbalancing group. Alternately, perform failover for all HTTPS traffic.

The sticky connections feature of pf is intended to resolve this problem, but ithas historically been problematic. It is safe to use, and should alleviate this,but there is also a downside to using the sticky option. When using stickyconnections, an association is held between the client IP address and a givengateway, it is not based off of the destination. When the sticky connectionsoption is enabled, any given client would not load balance its connectionsbetween multiple WANs, but it would be associated with whichever gateway ithappened to use for its first connection. Once all of the client states haveexpired, the client may exit a different WAN for its next connection, resultingin a new gateway pairing. As such, it works best in environments with manyclients where one client utilizing a single WAN does not have a large impact.

The performance and features of the Asus Dual WAN varies per build that Asus releases, I recommend using the latest stable build released by Merlin, though in the screenshots below I am using 384.3_alpha3-g0462c71.

You can find Merlins builds here: https://asuswrt.lostrealm.ca/

Beware that Merlin has no control over Dual WAN, so issues will need to be reported directly to Asus.

Asus

The main issue I noticed when using Dual WAN in load balancing mode is occasionally slow page loading time, failing to load assets, switching between modems at inappropriate times or not loading at all. To work around this issue you can either specify a route for every single device that connects to your router (a lot of hassle!) or use the following work around that forces all devices to use one of the connections.

The basis of this guide is to force all traffic onto either the Primary or secondary WAN by using routing rules. This guide is by no means a final solution and can be adapted in multiple ways.
[adinserter block=”2″]

In my scenario I only want a few devices to connect to the secondary ISP. All my home smart devices and non essential devices will be forced to use the primary ISP preventing them using the bandwidth of my main computer and other important devices which will exclusively use the secondary ISP that I have connected to LAN port 2 of my Asus AC68U.

Stage 1 – DHCP setup and manually assigned IP

Asus Dual Wan Load Balance Problems Pdf

  1. Go to the LAN page on your Asus admin Dashboard.
  2. Limit the IP Pool to between 192.168.1.2 – 192.168.1.127
  3. Assign all devices that you want to use your secondary connection IPs above 192.168.1.127. I haven’t tried but maybe it is possible to assign them 192.168.2.* and leave the IP Pool ending address as 192.168.1.255.
  4. Devices without a manually assigned IP will now only get a local IP from 192.168.1.2 – 192.168.1.127

[adinserter block=”2″]

Asus Dual Wan Load Balance Problems Pc

Stage 2 – Dual WAN setup

  1. Go to the WAN page.
  2. Make sure Dual WAN is on and check you have the secondary WAN on the correct port.
  3. Select Load Balance and check Enable Routing Rules.
  4. The Load Balance configuration is slightly redundant at this point as we will be forcing devices to the primary or secondary connection in the routing rules, so you can leave the ratio as whatever you want.
  5. Add the following rules:
  6. Source IP: 192.168.1.1/25 Destination IP: all WAN unit: Primary WAN
  7. Source IP: all Destination IP: 192.168.1.1/25 WAN unit: Primary WAN
  8. Enter the rules for any devices that you wish to always use the Secondary WAN, using the manual IPs you assigned earlier.
  9. Click Apply.
  10. Below is a screenshot of my setup. The red box shows that all devices without a manual IP assigned IP will use the primary WAN. All the important devices in the blue box will use my Secondary WAN. This is handy for me as my personal (secondary) connection remains unaffected by visitors or new devices connecting to my network.
Dual

Let me know if you have any issues setting this up in the comments.

If you come up with another way of setting this up I’d be extremely interested to hear!

Unfortunately I can’t play around with my settings too much as the internet is nearly always in use by others, so I’m interested in your findings.